Sample viewer

vx.netlux.org/Virus.DOS.HLLO.Zero.6368

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-17T22:57:06.447718038Z	53	PC: 1343a \| Get interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T22:57:06.449487979Z	53	PC: 1343a \| Get interrupt vector (Interrupt = '2' AKA 'Character output')
2018-12-17T22:57:06.450770039Z	53	PC: 1343a \| Get interrupt vector (Interrupt = '27' AKA 'Get allocation info for default drive')
2018-12-17T22:57:06.451905891Z	53	PC: 1343a \| Get interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T22:57:06.453463157Z	53	PC: 1343a \| Get interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T22:57:06.455579005Z	53	PC: 1343a \| Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:57:06.458003216Z	53	PC: 1343a \| Get interrupt vector (Interrupt = '52' AKA 'Get InDOS flag pointer')
2018-12-17T22:57:06.459240064Z	53	PC: 1343a \| Get interrupt vector (Interrupt = '53' AKA 'Get interrupt vector')
2018-12-17T22:57:06.460622433Z	53	PC: 1343a \| Get interrupt vector (Interrupt = '54' AKA 'Get free disk space')
2018-12-17T22:57:06.461779742Z	53	PC: 1343a \| Get interrupt vector (Interrupt = '55' AKA 'Get or set switch character')
2018-12-17T22:57:06.462926253Z	53	PC: 1343a \| Get interrupt vector (Interrupt = '56' AKA 'Get or set country info')
2018-12-17T22:57:06.464374634Z	53	PC: 1343a \| Get interrupt vector (Interrupt = '57' AKA 'Create subdirectory')
2018-12-17T22:57:06.465568938Z	53	PC: 1343a \| Get interrupt vector (Interrupt = '58' AKA 'Remove subdirectory')
2018-12-17T22:57:06.466714838Z	53	PC: 1343a \| Get interrupt vector (Interrupt = '59' AKA 'Change current directory')
2018-12-17T22:57:06.468558989Z	53	PC: 1343a \| Get interrupt vector (Interrupt = '60' AKA 'Create or truncate file')
2018-12-17T22:57:06.469684819Z	53	PC: 1343a \| Get interrupt vector (Interrupt = '61' AKA 'Open file')
2018-12-17T22:57:06.470793514Z	53	PC: 1343a \| Get interrupt vector (Interrupt = '62' AKA 'Close file')
2018-12-17T22:57:06.47271133Z	53	PC: 1343a \| Get interrupt vector (Interrupt = '63' AKA 'Read file or device')
2018-12-17T22:57:06.473850317Z	53	PC: 1343a \| Get interrupt vector (Interrupt = '117' AKA 'UNKNOWN!')
2018-12-17T22:57:06.475110743Z	37	PC: 1344f \| Set interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T22:57:06.476870663Z	37	PC: 13457 \| Set interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T22:57:06.479208433Z	37	PC: 1345f \| Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:57:06.481072175Z	37	PC: 13467 \| Set interrupt vector (Interrupt = '63' AKA 'Read file or device')
2018-12-17T22:57:06.483635433Z	68	PC: 1400e \| I/O control for devices (Set for = '')
2018-12-17T22:57:06.586271787Z	37	PC: 12d61 \| Set interrupt vector (Interrupt = '27' AKA 'Get allocation info for default drive')
2018-12-17T22:57:06.587846581Z	48	PC: 13c4e \| Get DOS version
2018-12-17T22:57:06.589347169Z	61	PC: 13b00 \| Open file (Filename = 'A:\TEST.EXE')
2018-12-17T22:57:06.596655608Z	63	PC: 13bd3 \| Read file or device (Read 6368 bytes on handle 5)
2018-12-17T22:57:06.60518892Z	62	PC: 13b50 \| Close file
2018-12-17T22:57:06.607067667Z	53	PC: 133b2 \| Get interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T22:57:06.609188494Z	37	PC: 133bb \| Set interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T22:57:06.610498493Z	53	PC: 133b2 \| Get interrupt vector (Interrupt = '2' AKA 'Character output')
2018-12-17T22:57:06.611809523Z	37	PC: 133bb \| Set interrupt vector (Interrupt = '2' AKA 'Character output')
2018-12-17T22:57:06.613551016Z	53	PC: 133b2 \| Get interrupt vector (Interrupt = '27' AKA 'Get allocation info for default drive')
2018-12-17T22:57:06.614823095Z	37	PC: 133bb \| Set interrupt vector (Interrupt = '27' AKA 'Get allocation info for default drive')
2018-12-17T22:57:06.615894117Z	53	PC: 133b2 \| Get interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T22:57:06.618957069Z	37	PC: 133bb \| Set interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T22:57:06.620102233Z	53	PC: 133b2 \| Get interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T22:57:06.621270722Z	37	PC: 133bb \| Set interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T22:57:06.622849662Z	53	PC: 133b2 \| Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:57:06.624259693Z	37	PC: 133bb \| Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:57:06.62553127Z	53	PC: 133b2 \| Get interrupt vector (Interrupt = '52' AKA 'Get InDOS flag pointer')
2018-12-17T22:57:06.627002052Z	37	PC: 133bb \| Set interrupt vector (Interrupt = '52' AKA 'Get InDOS flag pointer')
2018-12-17T22:57:06.628642918Z	53	PC: 133b2 \| Get interrupt vector (Interrupt = '53' AKA 'Get interrupt vector')
2018-12-17T22:57:06.629890999Z	37	PC: 133bb \| Set interrupt vector (Interrupt = '53' AKA 'Get interrupt vector')
2018-12-17T22:57:06.631098213Z	53	PC: 133b2 \| Get interrupt vector (Interrupt = '54' AKA 'Get free disk space')
2018-12-17T22:57:06.633177754Z	37	PC: 133bb \| Set interrupt vector (Interrupt = '54' AKA 'Get free disk space')
2018-12-17T22:57:06.634714587Z	53	PC: 133b2 \| Get interrupt vector (Interrupt = '55' AKA 'Get or set switch character')
2018-12-17T22:57:06.636277037Z	37	PC: 133bb \| Set interrupt vector (Interrupt = '55' AKA 'Get or set switch character')
2018-12-17T22:57:06.638249837Z	53	PC: 133b2 \| Get interrupt vector (Interrupt = '56' AKA 'Get or set country info')
2018-12-17T22:57:06.639549467Z	37	PC: 133bb \| Set interrupt vector (Interrupt = '56' AKA 'Get or set country info')
2018-12-17T22:57:06.640803935Z	53	PC: 133b2 \| Get interrupt vector (Interrupt = '57' AKA 'Create subdirectory')
2018-12-17T22:57:06.642543208Z	37	PC: 133bb \| Set interrupt vector (Interrupt = '57' AKA 'Create subdirectory')
2018-12-17T22:57:06.643716201Z	53	PC: 133b2 \| Get interrupt vector (Interrupt = '58' AKA 'Remove subdirectory')
2018-12-17T22:57:06.644913183Z	37	PC: 133bb \| Set interrupt vector (Interrupt = '58' AKA 'Remove subdirectory')
2018-12-17T22:57:06.646685644Z	53	PC: 133b2 \| Get interrupt vector (Interrupt = '59' AKA 'Change current directory')
2018-12-17T22:57:06.64800898Z	37	PC: 133bb \| Set interrupt vector (Interrupt = '59' AKA 'Change current directory')
2018-12-17T22:57:06.64929353Z	53	PC: 133b2 \| Get interrupt vector (Interrupt = '60' AKA 'Create or truncate file')
2018-12-17T22:57:06.651182805Z	37	PC: 133bb \| Set interrupt vector (Interrupt = '60' AKA 'Create or truncate file')
2018-12-17T22:57:06.652455485Z	53	PC: 133b2 \| Get interrupt vector (Interrupt = '61' AKA 'Open file')
2018-12-17T22:57:06.653824684Z	37	PC: 133bb \| Set interrupt vector (Interrupt = '61' AKA 'Open file')
2018-12-17T22:57:06.655406545Z	53	PC: 133b2 \| Get interrupt vector (Interrupt = '62' AKA 'Close file')
2018-12-17T22:57:06.65705581Z	37	PC: 133bb \| Set interrupt vector (Interrupt = '62' AKA 'Close file')
2018-12-17T22:57:06.658204411Z	53	PC: 133b2 \| Get interrupt vector (Interrupt = '63' AKA 'Read file or device')
2018-12-17T22:57:06.659396572Z	37	PC: 133bb \| Set interrupt vector (Interrupt = '63' AKA 'Read file or device')
2018-12-17T22:57:06.660774919Z	53	PC: 133b2 \| Get interrupt vector (Interrupt = '117' AKA 'UNKNOWN!')
2018-12-17T22:57:06.662004791Z	37	PC: 133bb \| Set interrupt vector (Interrupt = '117' AKA 'UNKNOWN!')
2018-12-17T22:57:06.663218328Z	53	PC: 13366 \| Get interrupt vector (Interrupt = '40' AKA 'Random block write')
2018-12-17T22:57:06.66536463Z	37	PC: 13382 \| Set interrupt vector (Interrupt = '40' AKA 'Random block write')
2018-12-17T22:57:06.667496643Z	49	PC: 1339d \| Terminate and stay resident (Return code = '0' \| Memory size = '967')