Sample viewer

vx.netlux.org/Virus.DOS.HLLP.4213

Syscalls:

Time Syscall Op Syscall Name
2018-12-17T22:56:53.721120133Z 53 PC: 12e0a | Get interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T22:56:53.722685819Z 53 PC: 12e0a | Get interrupt vector (Interrupt = '2' AKA 'Character output')
2018-12-17T22:56:53.724141814Z 53 PC: 12e0a | Get interrupt vector (Interrupt = '27' AKA 'Get allocation info for default drive')
2018-12-17T22:56:53.725575926Z 53 PC: 12e0a | Get interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T22:56:53.72717028Z 53 PC: 12e0a | Get interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T22:56:53.728614105Z 53 PC: 12e0a | Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:56:53.730474347Z 53 PC: 12e0a | Get interrupt vector (Interrupt = '52' AKA 'Get InDOS flag pointer')
2018-12-17T22:56:53.731777459Z 53 PC: 12e0a | Get interrupt vector (Interrupt = '53' AKA 'Get interrupt vector')
2018-12-17T22:56:53.732833264Z 53 PC: 12e0a | Get interrupt vector (Interrupt = '54' AKA 'Get free disk space')
2018-12-17T22:56:53.733947427Z 53 PC: 12e0a | Get interrupt vector (Interrupt = '55' AKA 'Get or set switch character')
2018-12-17T22:56:53.73537206Z 53 PC: 12e0a | Get interrupt vector (Interrupt = '56' AKA 'Get or set country info')
2018-12-17T22:56:53.736448125Z 53 PC: 12e0a | Get interrupt vector (Interrupt = '57' AKA 'Create subdirectory')
2018-12-17T22:56:53.737630016Z 53 PC: 12e0a | Get interrupt vector (Interrupt = '58' AKA 'Remove subdirectory')
2018-12-17T22:56:53.7389229Z 53 PC: 12e0a | Get interrupt vector (Interrupt = '59' AKA 'Change current directory')
2018-12-17T22:56:53.739886789Z 53 PC: 12e0a | Get interrupt vector (Interrupt = '60' AKA 'Create or truncate file')
2018-12-17T22:56:53.740826173Z 53 PC: 12e0a | Get interrupt vector (Interrupt = '61' AKA 'Open file')
2018-12-17T22:56:53.742258377Z 53 PC: 12e0a | Get interrupt vector (Interrupt = '62' AKA 'Close file')
2018-12-17T22:56:53.743399275Z 53 PC: 12e0a | Get interrupt vector (Interrupt = '63' AKA 'Read file or device')
2018-12-17T22:56:53.744797216Z 53 PC: 12e0a | Get interrupt vector (Interrupt = '117' AKA 'UNKNOWN!')
2018-12-17T22:56:53.74646301Z 37 PC: 12e1f | Set interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T22:56:53.747464518Z 37 PC: 12e27 | Set interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T22:56:53.748425645Z 37 PC: 12e2f | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:56:53.749969639Z 37 PC: 12e37 | Set interrupt vector (Interrupt = '63' AKA 'Read file or device')
2018-12-17T22:56:53.751122195Z 68 PC: 138f3 | I/O control for devices (Set for = '')
2018-12-17T22:56:53.752259796Z 48 PC: 1361e | Get DOS version
2018-12-17T22:56:53.753849249Z 61 PC: 134d0 | Open file (Filename = 'A:\TEST.EXE')
2018-12-17T22:56:53.758029232Z 63 PC: 135a3 | Read file or device (Read 4208 bytes on handle 5)
2018-12-17T22:56:53.763093897Z 62 PC: 13520 | Close file
2018-12-17T22:56:53.774253225Z 26 PC: 12d4b | Set disk transfer address
2018-12-17T22:56:53.775225436Z 78 PC: 12d57 | Find first file
2018-12-17T22:56:53.779478342Z 61 PC: 134d0 | Open file (Filename = 'TEST.EXE')
2018-12-17T22:56:53.784311433Z 66 PC: 13602 | Move file pointer
2018-12-17T22:56:53.785713364Z 63 PC: 135a3 | Read file or device (Read 5 bytes on handle 5)
2018-12-17T22:56:53.787965731Z 62 PC: 13520 | Close file
2018-12-17T22:56:53.78959267Z 61 PC: 134d0 | Open file (Filename = 'TEST.EXE')
2018-12-17T22:56:53.794050482Z 64 PC: 135a3 | Write file or device (Write 4208 bytes on handle 5)
2018-12-17T22:56:53.795448548Z 64 PC: 13228 | Write file or device (Write 0 bytes on handle 1)
2018-12-17T22:56:53.796754963Z 37 PC: 12f61 | Set interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T22:56:53.805685735Z 37 PC: 12f61 | Set interrupt vector (Interrupt = '2' AKA 'Character output')
2018-12-17T22:56:53.806635422Z 37 PC: 12f61 | Set interrupt vector (Interrupt = '27' AKA 'Get allocation info for default drive')
2018-12-17T22:56:53.807435604Z 37 PC: 12f61 | Set interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T22:56:53.808386655Z 37 PC: 12f61 | Set interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T22:56:53.809176737Z 37 PC: 12f61 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:56:53.809932423Z 37 PC: 12f61 | Set interrupt vector (Interrupt = '52' AKA 'Get InDOS flag pointer')
2018-12-17T22:56:53.810935421Z 37 PC: 12f61 | Set interrupt vector (Interrupt = '53' AKA 'Get interrupt vector')
2018-12-17T22:56:53.811844208Z 37 PC: 12f61 | Set interrupt vector (Interrupt = '54' AKA 'Get free disk space')
2018-12-17T22:56:53.812717278Z 37 PC: 12f61 | Set interrupt vector (Interrupt = '55' AKA 'Get or set switch character')
2018-12-17T22:56:53.813993545Z 37 PC: 12f61 | Set interrupt vector (Interrupt = '56' AKA 'Get or set country info')
2018-12-17T22:56:53.814999349Z 37 PC: 12f61 | Set interrupt vector (Interrupt = '57' AKA 'Create subdirectory')
2018-12-17T22:56:53.815862217Z 37 PC: 12f61 | Set interrupt vector (Interrupt = '58' AKA 'Remove subdirectory')
2018-12-17T22:56:53.824741611Z 37 PC: 12f61 | Set interrupt vector (Interrupt = '59' AKA 'Change current directory')
2018-12-17T22:56:53.825737074Z 37 PC: 12f61 | Set interrupt vector (Interrupt = '60' AKA 'Create or truncate file')
2018-12-17T22:56:53.826606286Z 37 PC: 12f61 | Set interrupt vector (Interrupt = '61' AKA 'Open file')
2018-12-17T22:56:53.827814036Z 37 PC: 12f61 | Set interrupt vector (Interrupt = '62' AKA 'Close file')
2018-12-17T22:56:53.829845469Z 37 PC: 12f61 | Set interrupt vector (Interrupt = '63' AKA 'Read file or device')
2018-12-17T22:56:53.830813623Z 37 PC: 12f61 | Set interrupt vector (Interrupt = '117' AKA 'UNKNOWN!')
2018-12-17T22:56:53.832176144Z 6 PC: 12fe8 | Direct console I/O
2018-12-17T22:56:53.834111741Z 6 PC: 12fe8 | Direct console I/O
2018-12-17T22:56:53.835996182Z 6 PC: 12fe8 | Direct console I/O
2018-12-17T22:56:53.838782744Z 6 PC: 12fe8 | Direct console I/O
2018-12-17T22:56:53.840831592Z 6 PC: 12fe8 | Direct console I/O
2018-12-17T22:56:53.842760131Z 6 PC: 12fe8 | Direct console I/O
2018-12-17T22:56:53.844811115Z 6 PC: 12fe8 | Direct console I/O
2018-12-17T22:56:53.846808435Z 6 PC: 12fe8 | Direct console I/O
2018-12-17T22:56:53.848639601Z 6 PC: 12fe8 | Direct console I/O
2018-12-17T22:56:53.850630175Z 6 PC: 12fe8 | Direct console I/O
2018-12-17T22:56:53.852420058Z 6 PC: 12fe8 | Direct console I/O
2018-12-17T22:56:53.854266241Z 6 PC: 12fe8 | Direct console I/O
2018-12-17T22:56:53.856638066Z 6 PC: 12fe8 | Direct console I/O
2018-12-17T22:56:53.859239344Z 6 PC: 12fe8 | Direct console I/O
2018-12-17T22:56:53.862054614Z 6 PC: 12fe8 | Direct console I/O
2018-12-17T22:56:53.864426508Z 6 PC: 12fe8 | Direct console I/O
2018-12-17T22:56:53.866935135Z 6 PC: 12fe8 | Direct console I/O
2018-12-17T22:56:53.870106252Z 6 PC: 12fe8 | Direct console I/O
2018-12-17T22:56:53.873629533Z 6 PC: 12fe8 | Direct console I/O
2018-12-17T22:56:53.875231618Z 6 PC: 12fe8 | Direct console I/O
2018-12-17T22:56:53.876591937Z 6 PC: 12fe8 | Direct console I/O
2018-12-17T22:56:53.878937534Z 6 PC: 12fe8 | Direct console I/O
2018-12-17T22:56:53.881135794Z 6 PC: 12fe8 | Direct console I/O
2018-12-17T22:56:53.883095859Z 6 PC: 12fe8 | Direct console I/O
2018-12-17T22:56:53.885594653Z 6 PC: 12fe8 | Direct console I/O
2018-12-17T22:56:53.887546587Z 6 PC: 12fe8 | Direct console I/O
2018-12-17T22:56:53.889604862Z 6 PC: 12fe8 | Direct console I/O
2018-12-17T22:56:53.89238848Z 6 PC: 12fe8 | Direct console I/O
2018-12-17T22:56:53.894640136Z 6 PC: 12fe8 | Direct console I/O
2018-12-17T22:56:53.897265775Z 6 PC: 12fe8 | Direct console I/O
2018-12-17T22:56:53.903395877Z 6 PC: 12fe8 | Direct console I/O
2018-12-17T22:56:53.905656268Z 6 PC: 12fe8 | Direct console I/O
2018-12-17T22:56:53.908150657Z 6 PC: 12fe8 | Direct console I/O
2018-12-17T22:56:53.910846937Z 76 PC: 12fa0 | Terminate with return code (Return code = '5')