Sample viewer

vx.netlux.org/Virus.DOS.HLLC.Psycho.9280

Syscalls:

Time Syscall Op Syscall Name
2018-12-17T22:57:17.717433172Z 53 PC: 13e8a | Get interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T22:57:17.719123921Z 53 PC: 13e8a | Get interrupt vector (Interrupt = '2' AKA 'Character output')
2018-12-17T22:57:17.721389019Z 53 PC: 13e8a | Get interrupt vector (Interrupt = '27' AKA 'Get allocation info for default drive')
2018-12-17T22:57:17.722599555Z 53 PC: 13e8a | Get interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T22:57:17.724082312Z 53 PC: 13e8a | Get interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T22:57:17.726546936Z 53 PC: 13e8a | Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:57:17.727976052Z 53 PC: 13e8a | Get interrupt vector (Interrupt = '52' AKA 'Get InDOS flag pointer')
2018-12-17T22:57:17.729308297Z 53 PC: 13e8a | Get interrupt vector (Interrupt = '53' AKA 'Get interrupt vector')
2018-12-17T22:57:17.733848593Z 53 PC: 13e8a | Get interrupt vector (Interrupt = '54' AKA 'Get free disk space')
2018-12-17T22:57:17.737971473Z 53 PC: 13e8a | Get interrupt vector (Interrupt = '55' AKA 'Get or set switch character')
2018-12-17T22:57:17.739563516Z 53 PC: 13e8a | Get interrupt vector (Interrupt = '56' AKA 'Get or set country info')
2018-12-17T22:57:17.742047927Z 53 PC: 13e8a | Get interrupt vector (Interrupt = '57' AKA 'Create subdirectory')
2018-12-17T22:57:17.743977184Z 53 PC: 13e8a | Get interrupt vector (Interrupt = '58' AKA 'Remove subdirectory')
2018-12-17T22:57:17.745995819Z 53 PC: 13e8a | Get interrupt vector (Interrupt = '59' AKA 'Change current directory')
2018-12-17T22:57:17.748769243Z 53 PC: 13e8a | Get interrupt vector (Interrupt = '60' AKA 'Create or truncate file')
2018-12-17T22:57:17.750824146Z 53 PC: 13e8a | Get interrupt vector (Interrupt = '61' AKA 'Open file')
2018-12-17T22:57:17.752416109Z 53 PC: 13e8a | Get interrupt vector (Interrupt = '62' AKA 'Close file')
2018-12-17T22:57:17.754559038Z 53 PC: 13e8a | Get interrupt vector (Interrupt = '63' AKA 'Read file or device')
2018-12-17T22:57:17.756734898Z 53 PC: 13e8a | Get interrupt vector (Interrupt = '117' AKA 'UNKNOWN!')
2018-12-17T22:57:17.757955523Z 37 PC: 13e9f | Set interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T22:57:17.759313636Z 37 PC: 13ea7 | Set interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T22:57:17.761463538Z 37 PC: 13eaf | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:57:17.762727073Z 37 PC: 13eb7 | Set interrupt vector (Interrupt = '63' AKA 'Read file or device')
2018-12-17T22:57:17.764429183Z 68 PC: 14a7d | I/O control for devices (Set for = ' ��U')
2018-12-17T22:57:17.863952383Z 37 PC: 138b1 | Set interrupt vector (Interrupt = '27' AKA 'Get allocation info for default drive')
2018-12-17T22:57:17.865960999Z 67 PC: 13628 | Get or set file attributes
2018-12-17T22:57:17.872224895Z 67 PC: 13628 | Get or set file attributes
2018-12-17T22:57:17.879258077Z 60 PC: 14a61 | Create or truncate file
2018-12-17T22:57:18.230553018Z 68 PC: 14a7d | I/O control for devices (Set for = ' ��U')
2018-12-17T22:57:18.23284667Z 64 PC: 14283 | Write file or device (Write 1 bytes on handle 5)
2018-12-17T22:57:18.243001982Z 62 PC: 142c2 | Close file
2018-12-17T22:57:18.25119256Z 61 PC: 14a61 | Open file (Filename = 'c:\counter.sys')
2018-12-17T22:57:18.258470392Z 63 PC: 14251 | Read file or device (Read 128 bytes on handle 5)
2018-12-17T22:57:18.262991441Z 63 PC: 14251 | Read file or device (Read 128 bytes on handle 5)
2018-12-17T22:57:18.266268111Z 62 PC: 142c2 | Close file
2018-12-17T22:57:18.268662613Z 61 PC: 14a61 | Open file (Filename = 'c:\counter.sys')
2018-12-17T22:57:18.276484578Z 68 PC: 14a7d | I/O control for devices (Set for = ' ��U')
2018-12-17T22:57:18.278845496Z 66 PC: 14acc | Move file pointer
2018-12-17T22:57:18.280787758Z 66 PC: 14ae3 | Move file pointer
2018-12-17T22:57:18.282997021Z 63 PC: 14af0 | Read file or device (Read 128 bytes on handle 5)
2018-12-17T22:57:18.286437489Z 64 PC: 14283 | Write file or device (Write 1 bytes on handle 5)
2018-12-17T22:57:18.289628147Z 62 PC: 142c2 | Close file
2018-12-17T22:57:18.297697768Z 67 PC: 13628 | Get or set file attributes
2018-12-17T22:57:18.305351587Z 60 PC: 14a61 | Create or truncate file
2018-12-17T22:57:18.322932879Z 68 PC: 14a7d | I/O control for devices (Set for = ' ��U')
2018-12-17T22:57:18.325209459Z 64 PC: 14283 | Write file or device (Write 128 bytes on handle 5)
2018-12-17T22:57:18.330528899Z 64 PC: 14283 | Write file or device (Write 24 bytes on handle 5)
2018-12-17T22:57:18.333576058Z 62 PC: 142c2 | Close file
2018-12-17T22:57:18.617372965Z 26 PC: 135a5 | Set disk transfer address
2018-12-17T22:57:18.620016004Z 78 PC: 135b1 | Find first file
2018-12-17T22:57:18.625917268Z 53 PC: 137e1 | Get interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T22:57:18.627335645Z 37 PC: 137ea | Set interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T22:57:18.629419422Z 53 PC: 137e1 | Get interrupt vector (Interrupt = '2' AKA 'Character output')
2018-12-17T22:57:18.630999423Z 37 PC: 137ea | Set interrupt vector (Interrupt = '2' AKA 'Character output')
2018-12-17T22:57:18.632193087Z 53 PC: 137e1 | Get interrupt vector (Interrupt = '27' AKA 'Get allocation info for default drive')
2018-12-17T22:57:18.633427317Z 37 PC: 137ea | Set interrupt vector (Interrupt = '27' AKA 'Get allocation info for default drive')
2018-12-17T22:57:18.635132753Z 53 PC: 137e1 | Get interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T22:57:18.63634944Z 37 PC: 137ea | Set interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T22:57:18.637736037Z 53 PC: 137e1 | Get interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T22:57:18.639907209Z 37 PC: 137ea | Set interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T22:57:18.641181815Z 53 PC: 137e1 | Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:57:18.642387762Z 37 PC: 137ea | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:57:18.644379617Z 53 PC: 137e1 | Get interrupt vector (Interrupt = '52' AKA 'Get InDOS flag pointer')
2018-12-17T22:57:18.645981739Z 37 PC: 137ea | Set interrupt vector (Interrupt = '52' AKA 'Get InDOS flag pointer')
2018-12-17T22:57:18.647299777Z 53 PC: 137e1 | Get interrupt vector (Interrupt = '53' AKA 'Get interrupt vector')
2018-12-17T22:57:18.649657469Z 37 PC: 137ea | Set interrupt vector (Interrupt = '53' AKA 'Get interrupt vector')
2018-12-17T22:57:18.651176485Z 53 PC: 137e1 | Get interrupt vector (Interrupt = '54' AKA 'Get free disk space')
2018-12-17T22:57:18.652359188Z 37 PC: 137ea | Set interrupt vector (Interrupt = '54' AKA 'Get free disk space')
2018-12-17T22:57:18.653841755Z 53 PC: 137e1 | Get interrupt vector (Interrupt = '55' AKA 'Get or set switch character')
2018-12-17T22:57:18.655939389Z 37 PC: 137ea | Set interrupt vector (Interrupt = '55' AKA 'Get or set switch character')
2018-12-17T22:57:18.657096675Z 53 PC: 137e1 | Get interrupt vector (Interrupt = '56' AKA 'Get or set country info')
2018-12-17T22:57:18.65907322Z 37 PC: 137ea | Set interrupt vector (Interrupt = '56' AKA 'Get or set country info')
2018-12-17T22:57:18.661725597Z 53 PC: 137e1 | Get interrupt vector (Interrupt = '57' AKA 'Create subdirectory')
2018-12-17T22:57:18.663676675Z 37 PC: 137ea | Set interrupt vector (Interrupt = '57' AKA 'Create subdirectory')
2018-12-17T22:57:18.672800486Z 53 PC: 137e1 | Get interrupt vector (Interrupt = '58' AKA 'Remove subdirectory')
2018-12-17T22:57:18.679890235Z 37 PC: 137ea | Set interrupt vector (Interrupt = '58' AKA 'Remove subdirectory')
2018-12-17T22:57:18.681689247Z 53 PC: 137e1 | Get interrupt vector (Interrupt = '59' AKA 'Change current directory')
2018-12-17T22:57:18.684343336Z 37 PC: 137ea | Set interrupt vector (Interrupt = '59' AKA 'Change current directory')
2018-12-17T22:57:18.68945165Z 53 PC: 137e1 | Get interrupt vector (Interrupt = '60' AKA 'Create or truncate file')
2018-12-17T22:57:18.691320343Z 37 PC: 137ea | Set interrupt vector (Interrupt = '60' AKA 'Create or truncate file')
2018-12-17T22:57:18.694431933Z 53 PC: 137e1 | Get interrupt vector (Interrupt = '61' AKA 'Open file')
2018-12-17T22:57:18.69897334Z 37 PC: 137ea | Set interrupt vector (Interrupt = '61' AKA 'Open file')
2018-12-17T22:57:18.700311466Z 53 PC: 137e1 | Get interrupt vector (Interrupt = '62' AKA 'Close file')
2018-12-17T22:57:18.701960917Z 37 PC: 137ea | Set interrupt vector (Interrupt = '62' AKA 'Close file')
2018-12-17T22:57:18.703637098Z 53 PC: 137e1 | Get interrupt vector (Interrupt = '63' AKA 'Read file or device')
2018-12-17T22:57:18.710741274Z 37 PC: 137ea | Set interrupt vector (Interrupt = '63' AKA 'Read file or device')
2018-12-17T22:57:18.712662275Z 53 PC: 137e1 | Get interrupt vector (Interrupt = '117' AKA 'UNKNOWN!')
2018-12-17T22:57:18.714316475Z 37 PC: 137ea | Set interrupt vector (Interrupt = '117' AKA 'UNKNOWN!')
2018-12-17T22:57:18.717584749Z 48 PC: 147a3 | Get DOS version
2018-12-17T22:57:18.719444616Z 41 PC: 13798 | Parse filename
2018-12-17T22:57:18.722431902Z 41 PC: 137a6 | Parse filename
2018-12-17T22:57:18.725289774Z 75 PC: 137b1 | Execute program
2018-12-17T22:57:18.747131556Z 80 PC: 18e19 | Set current PSP
2018-12-17T22:57:18.748319239Z 48 PC: 18e1e | Get DOS version
2018-12-17T22:57:18.752368732Z 99 PC: 1f600 | Get DBCS lead byte table pointer
2018-12-17T22:57:18.757513684Z 101 PC: 18ea4 | Get extended country info
2018-12-17T22:57:18.759534423Z 99 PC: 18eaa | Get DBCS lead byte table pointer
2018-12-17T22:57:18.762376576Z 74 PC: 18f0c | Reallocate memory
2018-12-17T22:57:18.764250379Z 25 PC: 18f43 | Get default drive
2018-12-17T22:57:18.765775276Z 37 PC: 18a03 | Set interrupt vector (Interrupt = '34' AKA 'Random write')
2018-12-17T22:57:18.768293079Z 37 PC: 18a0a | Set interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T22:57:18.770369944Z 37 PC: 18a11 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:57:18.77550136Z 74 PC: 17bac | Reallocate memory
2018-12-17T22:57:18.777941658Z 72 PC: 17bed | Allocate memory
2018-12-17T22:57:18.785252312Z 72 PC: 17c25 | Allocate memory
2018-12-17T22:57:18.7870015Z 72 PC: 17c2d | Allocate memory