Sample viewer

vx.netlux.org/Virus.DOS.HLLO.Psycho.5632

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-17T22:56:23.223202689Z	53	PC: 1331a \| Get interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T22:56:23.225436012Z	53	PC: 1331a \| Get interrupt vector (Interrupt = '2' AKA 'Character output')
2018-12-17T22:56:23.227139253Z	53	PC: 1331a \| Get interrupt vector (Interrupt = '27' AKA 'Get allocation info for default drive')
2018-12-17T22:56:23.228726891Z	53	PC: 1331a \| Get interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T22:56:23.231035132Z	53	PC: 1331a \| Get interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T22:56:23.232817506Z	53	PC: 1331a \| Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:56:23.234353714Z	53	PC: 1331a \| Get interrupt vector (Interrupt = '52' AKA 'Get InDOS flag pointer')
2018-12-17T22:56:23.235956219Z	53	PC: 1331a \| Get interrupt vector (Interrupt = '53' AKA 'Get interrupt vector')
2018-12-17T22:56:23.238182068Z	53	PC: 1331a \| Get interrupt vector (Interrupt = '54' AKA 'Get free disk space')
2018-12-17T22:56:23.239762697Z	53	PC: 1331a \| Get interrupt vector (Interrupt = '55' AKA 'Get or set switch character')
2018-12-17T22:56:23.241415345Z	53	PC: 1331a \| Get interrupt vector (Interrupt = '56' AKA 'Get or set country info')
2018-12-17T22:56:23.244220133Z	53	PC: 1331a \| Get interrupt vector (Interrupt = '57' AKA 'Create subdirectory')
2018-12-17T22:56:23.245756294Z	53	PC: 1331a \| Get interrupt vector (Interrupt = '58' AKA 'Remove subdirectory')
2018-12-17T22:56:23.247264814Z	53	PC: 1331a \| Get interrupt vector (Interrupt = '59' AKA 'Change current directory')
2018-12-17T22:56:23.249714646Z	53	PC: 1331a \| Get interrupt vector (Interrupt = '60' AKA 'Create or truncate file')
2018-12-17T22:56:23.251159454Z	53	PC: 1331a \| Get interrupt vector (Interrupt = '61' AKA 'Open file')
2018-12-17T22:56:23.252483058Z	53	PC: 1331a \| Get interrupt vector (Interrupt = '62' AKA 'Close file')
2018-12-17T22:56:23.254594232Z	53	PC: 1331a \| Get interrupt vector (Interrupt = '63' AKA 'Read file or device')
2018-12-17T22:56:23.255854334Z	53	PC: 1331a \| Get interrupt vector (Interrupt = '117' AKA 'UNKNOWN!')
2018-12-17T22:56:23.257305461Z	37	PC: 1332f \| Set interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T22:56:23.259993951Z	37	PC: 13337 \| Set interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T22:56:23.261342771Z	37	PC: 1333f \| Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:56:23.262563808Z	37	PC: 13347 \| Set interrupt vector (Interrupt = '63' AKA 'Read file or device')
2018-12-17T22:56:23.264482694Z	68	PC: 13e7c \| I/O control for devices (Set for = '�; =')
2018-12-17T22:56:23.31254393Z	37	PC: 12d41 \| Set interrupt vector (Interrupt = '27' AKA 'Get allocation info for default drive')
2018-12-17T22:56:23.315860878Z	26	PC: 12be5 \| Set disk transfer address
2018-12-17T22:56:23.317928655Z	78	PC: 12bf1 \| Find first file
2018-12-17T22:56:23.324179733Z	65	PC: 13b29 \| Delete file (Filename = 'TEST.EXE')
2018-12-17T22:56:23.341679096Z	48	PC: 13ba2 \| Get DOS version
2018-12-17T22:56:23.343219672Z	86	PC: 13b6d \| Rename file
2018-12-17T22:56:23.347874512Z	37	PC: 13471 \| Set interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T22:56:23.348983357Z	37	PC: 13471 \| Set interrupt vector (Interrupt = '2' AKA 'Character output')
2018-12-17T22:56:23.35018894Z	37	PC: 13471 \| Set interrupt vector (Interrupt = '27' AKA 'Get allocation info for default drive')
2018-12-17T22:56:23.351499149Z	37	PC: 13471 \| Set interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T22:56:23.352565946Z	37	PC: 13471 \| Set interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T22:56:23.353820862Z	37	PC: 13471 \| Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:56:23.355380149Z	37	PC: 13471 \| Set interrupt vector (Interrupt = '52' AKA 'Get InDOS flag pointer')
2018-12-17T22:56:23.356723454Z	37	PC: 13471 \| Set interrupt vector (Interrupt = '53' AKA 'Get interrupt vector')
2018-12-17T22:56:23.358089588Z	37	PC: 13471 \| Set interrupt vector (Interrupt = '54' AKA 'Get free disk space')
2018-12-17T22:56:23.367693767Z	37	PC: 13471 \| Set interrupt vector (Interrupt = '55' AKA 'Get or set switch character')
2018-12-17T22:56:23.368752092Z	37	PC: 13471 \| Set interrupt vector (Interrupt = '56' AKA 'Get or set country info')
2018-12-17T22:56:23.369810026Z	37	PC: 13471 \| Set interrupt vector (Interrupt = '57' AKA 'Create subdirectory')
2018-12-17T22:56:23.371812512Z	37	PC: 13471 \| Set interrupt vector (Interrupt = '58' AKA 'Remove subdirectory')
2018-12-17T22:56:23.373318138Z	37	PC: 13471 \| Set interrupt vector (Interrupt = '59' AKA 'Change current directory')
2018-12-17T22:56:23.374804511Z	37	PC: 13471 \| Set interrupt vector (Interrupt = '60' AKA 'Create or truncate file')
2018-12-17T22:56:23.377142964Z	37	PC: 13471 \| Set interrupt vector (Interrupt = '61' AKA 'Open file')
2018-12-17T22:56:23.378082927Z	37	PC: 13471 \| Set interrupt vector (Interrupt = '62' AKA 'Close file')
2018-12-17T22:56:23.379075486Z	37	PC: 13471 \| Set interrupt vector (Interrupt = '63' AKA 'Read file or device')
2018-12-17T22:56:23.380607276Z	37	PC: 13471 \| Set interrupt vector (Interrupt = '117' AKA 'UNKNOWN!')
2018-12-17T22:56:23.381863764Z	6	PC: 134f8 \| Direct console I/O
2018-12-17T22:56:23.383385197Z	6	PC: 134f8 \| Direct console I/O
2018-12-17T22:56:23.394456805Z	6	PC: 134f8 \| Direct console I/O
2018-12-17T22:56:23.396557863Z	6	PC: 134f8 \| Direct console I/O
2018-12-17T22:56:23.398927535Z	6	PC: 134f8 \| Direct console I/O
2018-12-17T22:56:23.402093397Z	6	PC: 134f8 \| Direct console I/O
2018-12-17T22:56:23.404063943Z	6	PC: 134f8 \| Direct console I/O
2018-12-17T22:56:23.40624603Z	6	PC: 134f8 \| Direct console I/O
2018-12-17T22:56:23.408814193Z	6	PC: 134f8 \| Direct console I/O
2018-12-17T22:56:23.411048399Z	6	PC: 134f8 \| Direct console I/O
2018-12-17T22:56:23.413379293Z	6	PC: 134f8 \| Direct console I/O
2018-12-17T22:56:23.41658114Z	6	PC: 134f8 \| Direct console I/O
2018-12-17T22:56:23.419052453Z	6	PC: 134f8 \| Direct console I/O
2018-12-17T22:56:23.421482505Z	6	PC: 134f8 \| Direct console I/O
2018-12-17T22:56:23.424943552Z	6	PC: 134f8 \| Direct console I/O
2018-12-17T22:56:23.4275578Z	6	PC: 134f8 \| Direct console I/O
2018-12-17T22:56:23.429530874Z	6	PC: 134f8 \| Direct console I/O
2018-12-17T22:56:23.432177362Z	6	PC: 134f8 \| Direct console I/O
2018-12-17T22:56:23.434200184Z	6	PC: 134f8 \| Direct console I/O
2018-12-17T22:56:23.439399313Z	6	PC: 134f8 \| Direct console I/O
2018-12-17T22:56:23.442526097Z	6	PC: 134f8 \| Direct console I/O
2018-12-17T22:56:23.444575136Z	6	PC: 134f8 \| Direct console I/O
2018-12-17T22:56:23.44652874Z	6	PC: 134f8 \| Direct console I/O
2018-12-17T22:56:23.449667106Z	6	PC: 134f8 \| Direct console I/O
2018-12-17T22:56:23.451700638Z	6	PC: 134f8 \| Direct console I/O
2018-12-17T22:56:23.453932141Z	6	PC: 134f8 \| Direct console I/O
2018-12-17T22:56:23.456516753Z	6	PC: 134f8 \| Direct console I/O
2018-12-17T22:56:23.459183471Z	6	PC: 134f8 \| Direct console I/O
2018-12-17T22:56:23.461066991Z	6	PC: 134f8 \| Direct console I/O
2018-12-17T22:56:23.46348505Z	6	PC: 134f8 \| Direct console I/O
2018-12-17T22:56:23.465469032Z	6	PC: 134f8 \| Direct console I/O
2018-12-17T22:56:23.467418106Z	6	PC: 134f8 \| Direct console I/O
2018-12-17T22:56:23.470285268Z	6	PC: 134f8 \| Direct console I/O
2018-12-17T22:56:23.472127777Z	76	PC: 134b0 \| Terminate with return code (Return code = '2')