Sample viewer

vx.netlux.org/Virus.DOS.HLLO.3488

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-17T22:57:55.831112789Z	53	PC: 12c6a \| Get interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T22:57:55.832947902Z	53	PC: 12c6a \| Get interrupt vector (Interrupt = '2' AKA 'Character output')
2018-12-17T22:57:55.834767376Z	53	PC: 12c6a \| Get interrupt vector (Interrupt = '27' AKA 'Get allocation info for default drive')
2018-12-17T22:57:55.836029813Z	53	PC: 12c6a \| Get interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T22:57:55.837020002Z	53	PC: 12c6a \| Get interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T22:57:55.838537968Z	53	PC: 12c6a \| Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:57:55.839623098Z	53	PC: 12c6a \| Get interrupt vector (Interrupt = '52' AKA 'Get InDOS flag pointer')
2018-12-17T22:57:55.840655714Z	53	PC: 12c6a \| Get interrupt vector (Interrupt = '53' AKA 'Get interrupt vector')
2018-12-17T22:57:55.842164166Z	53	PC: 12c6a \| Get interrupt vector (Interrupt = '54' AKA 'Get free disk space')
2018-12-17T22:57:55.843777092Z	53	PC: 12c6a \| Get interrupt vector (Interrupt = '55' AKA 'Get or set switch character')
2018-12-17T22:57:55.846653384Z	53	PC: 12c6a \| Get interrupt vector (Interrupt = '56' AKA 'Get or set country info')
2018-12-17T22:57:55.849113331Z	53	PC: 12c6a \| Get interrupt vector (Interrupt = '57' AKA 'Create subdirectory')
2018-12-17T22:57:55.850962766Z	53	PC: 12c6a \| Get interrupt vector (Interrupt = '58' AKA 'Remove subdirectory')
2018-12-17T22:57:55.853179246Z	53	PC: 12c6a \| Get interrupt vector (Interrupt = '59' AKA 'Change current directory')
2018-12-17T22:57:55.856246044Z	53	PC: 12c6a \| Get interrupt vector (Interrupt = '60' AKA 'Create or truncate file')
2018-12-17T22:57:55.859183264Z	53	PC: 12c6a \| Get interrupt vector (Interrupt = '61' AKA 'Open file')
2018-12-17T22:57:55.861975527Z	53	PC: 12c6a \| Get interrupt vector (Interrupt = '62' AKA 'Close file')
2018-12-17T22:57:55.864087132Z	53	PC: 12c6a \| Get interrupt vector (Interrupt = '63' AKA 'Read file or device')
2018-12-17T22:57:55.866098621Z	53	PC: 12c6a \| Get interrupt vector (Interrupt = '117' AKA 'UNKNOWN!')
2018-12-17T22:57:55.867741098Z	37	PC: 12c7f \| Set interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T22:57:55.869314851Z	37	PC: 12c87 \| Set interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T22:57:55.871420963Z	37	PC: 12c8f \| Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:57:55.87258345Z	37	PC: 12c97 \| Set interrupt vector (Interrupt = '63' AKA 'Read file or device')
2018-12-17T22:57:55.874185378Z	68	PC: 1353c \| I/O control for devices (Set for = '΁�')
2018-12-17T22:57:55.876029827Z	48	PC: 1347e \| Get DOS version
2018-12-17T22:57:55.87765373Z	61	PC: 13330 \| Open file (Filename = 'A:\TEST.EXE')
2018-12-17T22:57:55.886008769Z	63	PC: 13403 \| Read file or device (Read 3488 bytes on handle 5)
2018-12-17T22:57:55.895819891Z	64	PC: 13088 \| Write file or device (Write 0 bytes on handle 1)
2018-12-17T22:57:55.898397012Z	37	PC: 12dc1 \| Set interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T22:57:55.900569487Z	37	PC: 12dc1 \| Set interrupt vector (Interrupt = '2' AKA 'Character output')
2018-12-17T22:57:55.904163461Z	37	PC: 12dc1 \| Set interrupt vector (Interrupt = '27' AKA 'Get allocation info for default drive')
2018-12-17T22:57:55.906107649Z	37	PC: 12dc1 \| Set interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T22:57:55.907699474Z	37	PC: 12dc1 \| Set interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T22:57:55.910439246Z	37	PC: 12dc1 \| Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:57:55.912042834Z	37	PC: 12dc1 \| Set interrupt vector (Interrupt = '52' AKA 'Get InDOS flag pointer')
2018-12-17T22:57:55.913664786Z	37	PC: 12dc1 \| Set interrupt vector (Interrupt = '53' AKA 'Get interrupt vector')
2018-12-17T22:57:55.915132916Z	37	PC: 12dc1 \| Set interrupt vector (Interrupt = '54' AKA 'Get free disk space')
2018-12-17T22:57:55.916919475Z	37	PC: 12dc1 \| Set interrupt vector (Interrupt = '55' AKA 'Get or set switch character')
2018-12-17T22:57:55.918590121Z	37	PC: 12dc1 \| Set interrupt vector (Interrupt = '56' AKA 'Get or set country info')
2018-12-17T22:57:55.920307058Z	37	PC: 12dc1 \| Set interrupt vector (Interrupt = '57' AKA 'Create subdirectory')
2018-12-17T22:57:55.922720578Z	37	PC: 12dc1 \| Set interrupt vector (Interrupt = '58' AKA 'Remove subdirectory')
2018-12-17T22:57:55.924083025Z	37	PC: 12dc1 \| Set interrupt vector (Interrupt = '59' AKA 'Change current directory')
2018-12-17T22:57:55.925420993Z	37	PC: 12dc1 \| Set interrupt vector (Interrupt = '60' AKA 'Create or truncate file')
2018-12-17T22:57:55.927449499Z	37	PC: 12dc1 \| Set interrupt vector (Interrupt = '61' AKA 'Open file')
2018-12-17T22:57:55.928734658Z	37	PC: 12dc1 \| Set interrupt vector (Interrupt = '62' AKA 'Close file')
2018-12-17T22:57:55.930028461Z	37	PC: 12dc1 \| Set interrupt vector (Interrupt = '63' AKA 'Read file or device')
2018-12-17T22:57:55.931872944Z	37	PC: 12dc1 \| Set interrupt vector (Interrupt = '117' AKA 'UNKNOWN!')
2018-12-17T22:57:55.933278827Z	6	PC: 12e48 \| Direct console I/O
2018-12-17T22:57:55.935697051Z	6	PC: 12e48 \| Direct console I/O
2018-12-17T22:57:55.939418203Z	6	PC: 12e48 \| Direct console I/O
2018-12-17T22:57:55.941895369Z	6	PC: 12e48 \| Direct console I/O
2018-12-17T22:57:55.944238415Z	6	PC: 12e48 \| Direct console I/O
2018-12-17T22:57:55.947032577Z	6	PC: 12e48 \| Direct console I/O
2018-12-17T22:57:55.949806265Z	6	PC: 12e48 \| Direct console I/O
2018-12-17T22:57:55.952780053Z	6	PC: 12e48 \| Direct console I/O
2018-12-17T22:57:55.959909823Z	6	PC: 12e48 \| Direct console I/O
2018-12-17T22:57:55.961650163Z	6	PC: 12e48 \| Direct console I/O
2018-12-17T22:57:55.963364007Z	6	PC: 12e48 \| Direct console I/O
2018-12-17T22:57:55.965121226Z	6	PC: 12e48 \| Direct console I/O
2018-12-17T22:57:55.96798864Z	6	PC: 12e48 \| Direct console I/O
2018-12-17T22:57:55.970697655Z	6	PC: 12e48 \| Direct console I/O
2018-12-17T22:57:55.973425327Z	6	PC: 12e48 \| Direct console I/O
2018-12-17T22:57:55.97665163Z	6	PC: 12e48 \| Direct console I/O
2018-12-17T22:57:55.979035589Z	6	PC: 12e48 \| Direct console I/O
2018-12-17T22:57:55.981268496Z	6	PC: 12e48 \| Direct console I/O
2018-12-17T22:57:55.984287438Z	6	PC: 12e48 \| Direct console I/O
2018-12-17T22:57:55.986744994Z	6	PC: 12e48 \| Direct console I/O
2018-12-17T22:57:55.989161574Z	6	PC: 12e48 \| Direct console I/O
2018-12-17T22:57:55.992280405Z	6	PC: 12e48 \| Direct console I/O
2018-12-17T22:57:55.994496978Z	6	PC: 12e48 \| Direct console I/O
2018-12-17T22:57:55.996712066Z	6	PC: 12e48 \| Direct console I/O
2018-12-17T22:57:56.004138627Z	6	PC: 12e48 \| Direct console I/O
2018-12-17T22:57:56.012188815Z	6	PC: 12e48 \| Direct console I/O
2018-12-17T22:57:56.015008614Z	6	PC: 12e48 \| Direct console I/O
2018-12-17T22:57:56.018203908Z	6	PC: 12e48 \| Direct console I/O
2018-12-17T22:57:56.020578229Z	6	PC: 12e48 \| Direct console I/O
2018-12-17T22:57:56.023673209Z	6	PC: 12e48 \| Direct console I/O
2018-12-17T22:57:56.027338005Z	6	PC: 12e48 \| Direct console I/O
2018-12-17T22:57:56.030178696Z	6	PC: 12e48 \| Direct console I/O
2018-12-17T22:57:56.032867423Z	6	PC: 12e48 \| Direct console I/O
2018-12-17T22:57:56.037535495Z	76	PC: 12e00 \| Terminate with return code (Return code = '100')