Sample viewer

vx.netlux.org/Virus.DOS.HLLC.8113

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-17T22:59:50.789537162Z	53	PC: 14ada \| Get interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T22:59:50.791218862Z	53	PC: 14ada \| Get interrupt vector (Interrupt = '2' AKA 'Character output')
2018-12-17T22:59:50.792563987Z	53	PC: 14ada \| Get interrupt vector (Interrupt = '27' AKA 'Get allocation info for default drive')
2018-12-17T22:59:50.793783639Z	53	PC: 14ada \| Get interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T22:59:50.796276785Z	53	PC: 14ada \| Get interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T22:59:50.797327902Z	53	PC: 14ada \| Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:59:50.798499061Z	53	PC: 14ada \| Get interrupt vector (Interrupt = '52' AKA 'Get InDOS flag pointer')
2018-12-17T22:59:50.800756653Z	53	PC: 14ada \| Get interrupt vector (Interrupt = '53' AKA 'Get interrupt vector')
2018-12-17T22:59:50.802295676Z	53	PC: 14ada \| Get interrupt vector (Interrupt = '54' AKA 'Get free disk space')
2018-12-17T22:59:50.80335968Z	53	PC: 14ada \| Get interrupt vector (Interrupt = '55' AKA 'Get or set switch character')
2018-12-17T22:59:50.804595556Z	53	PC: 14ada \| Get interrupt vector (Interrupt = '56' AKA 'Get or set country info')
2018-12-17T22:59:50.806221535Z	53	PC: 14ada \| Get interrupt vector (Interrupt = '57' AKA 'Create subdirectory')
2018-12-17T22:59:50.807204557Z	53	PC: 14ada \| Get interrupt vector (Interrupt = '58' AKA 'Remove subdirectory')
2018-12-17T22:59:50.808179756Z	53	PC: 14ada \| Get interrupt vector (Interrupt = '59' AKA 'Change current directory')
2018-12-17T22:59:50.809610352Z	53	PC: 14ada \| Get interrupt vector (Interrupt = '60' AKA 'Create or truncate file')
2018-12-17T22:59:50.81058494Z	53	PC: 14ada \| Get interrupt vector (Interrupt = '61' AKA 'Open file')
2018-12-17T22:59:50.811615778Z	53	PC: 14ada \| Get interrupt vector (Interrupt = '62' AKA 'Close file')
2018-12-17T22:59:50.819309185Z	53	PC: 14ada \| Get interrupt vector (Interrupt = '63' AKA 'Read file or device')
2018-12-17T22:59:50.820979051Z	53	PC: 14ada \| Get interrupt vector (Interrupt = '117' AKA 'UNKNOWN!')
2018-12-17T22:59:50.823072748Z	37	PC: 14aef \| Set interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T22:59:50.833226539Z	37	PC: 14af7 \| Set interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T22:59:50.834401356Z	37	PC: 14aff \| Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:59:50.835493068Z	37	PC: 14b07 \| Set interrupt vector (Interrupt = '63' AKA 'Read file or device')
2018-12-17T22:59:50.839241497Z	68	PC: 158c8 \| I/O control for devices (Set for = '�=')
2018-12-17T22:59:50.876148355Z	37	PC: 142e1 \| Set interrupt vector (Interrupt = '27' AKA 'Get allocation info for default drive')
2018-12-17T22:59:50.878033626Z	25	PC: 15480 \| Get default drive
2018-12-17T22:59:50.882153531Z	71	PC: 15493 \| Get current directory
2018-12-17T22:59:50.886239663Z	26	PC: 14939 \| Set disk transfer address
2018-12-17T22:59:50.887510277Z	78	PC: 14945 \| Find first file
2018-12-17T22:59:50.891774465Z	25	PC: 15480 \| Get default drive
2018-12-17T22:59:50.892954576Z	71	PC: 15493 \| Get current directory
2018-12-17T22:59:50.895088954Z	26	PC: 14939 \| Set disk transfer address
2018-12-17T22:59:50.89695974Z	78	PC: 14945 \| Find first file
2018-12-17T22:59:50.902939092Z	26	PC: 14939 \| Set disk transfer address
2018-12-17T22:59:50.904291905Z	78	PC: 14945 \| Find first file
2018-12-17T22:59:50.911179789Z	61	PC: 15231 \| Open file (Filename = 'A:\\TEST.EXE')
2018-12-17T22:59:50.915115495Z	37	PC: 14c31 \| Set interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T22:59:50.916541305Z	37	PC: 14c31 \| Set interrupt vector (Interrupt = '2' AKA 'Character output')
2018-12-17T22:59:50.917992093Z	37	PC: 14c31 \| Set interrupt vector (Interrupt = '27' AKA 'Get allocation info for default drive')
2018-12-17T22:59:50.920515034Z	37	PC: 14c31 \| Set interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T22:59:50.921917871Z	37	PC: 14c31 \| Set interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T22:59:50.923323256Z	37	PC: 14c31 \| Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:59:50.925609806Z	37	PC: 14c31 \| Set interrupt vector (Interrupt = '52' AKA 'Get InDOS flag pointer')
2018-12-17T22:59:50.927422621Z	37	PC: 14c31 \| Set interrupt vector (Interrupt = '53' AKA 'Get interrupt vector')
2018-12-17T22:59:50.928842233Z	37	PC: 14c31 \| Set interrupt vector (Interrupt = '54' AKA 'Get free disk space')
2018-12-17T22:59:50.930974974Z	37	PC: 14c31 \| Set interrupt vector (Interrupt = '55' AKA 'Get or set switch character')
2018-12-17T22:59:50.932695628Z	37	PC: 14c31 \| Set interrupt vector (Interrupt = '56' AKA 'Get or set country info')
2018-12-17T22:59:50.934122268Z	37	PC: 14c31 \| Set interrupt vector (Interrupt = '57' AKA 'Create subdirectory')
2018-12-17T22:59:50.935720208Z	37	PC: 14c31 \| Set interrupt vector (Interrupt = '58' AKA 'Remove subdirectory')
2018-12-17T22:59:50.938642271Z	37	PC: 14c31 \| Set interrupt vector (Interrupt = '59' AKA 'Change current directory')
2018-12-17T22:59:50.940057404Z	37	PC: 14c31 \| Set interrupt vector (Interrupt = '60' AKA 'Create or truncate file')
2018-12-17T22:59:50.941449986Z	37	PC: 14c31 \| Set interrupt vector (Interrupt = '61' AKA 'Open file')
2018-12-17T22:59:50.943919499Z	37	PC: 14c31 \| Set interrupt vector (Interrupt = '62' AKA 'Close file')
2018-12-17T22:59:50.945361785Z	37	PC: 14c31 \| Set interrupt vector (Interrupt = '63' AKA 'Read file or device')
2018-12-17T22:59:50.946755808Z	37	PC: 14c31 \| Set interrupt vector (Interrupt = '117' AKA 'UNKNOWN!')
2018-12-17T22:59:50.949115768Z	6	PC: 14cb8 \| Direct console I/O
2018-12-17T22:59:50.951468307Z	6	PC: 14cb8 \| Direct console I/O
2018-12-17T22:59:50.955106864Z	6	PC: 14cb8 \| Direct console I/O
2018-12-17T22:59:50.958196631Z	6	PC: 14cb8 \| Direct console I/O
2018-12-17T22:59:50.960469824Z	6	PC: 14cb8 \| Direct console I/O
2018-12-17T22:59:50.962757752Z	6	PC: 14cb8 \| Direct console I/O
2018-12-17T22:59:50.966031234Z	6	PC: 14cb8 \| Direct console I/O
2018-12-17T22:59:50.968423314Z	6	PC: 14cb8 \| Direct console I/O
2018-12-17T22:59:50.97057464Z	6	PC: 14cb8 \| Direct console I/O
2018-12-17T22:59:50.973353776Z	6	PC: 14cb8 \| Direct console I/O
2018-12-17T22:59:50.975514225Z	6	PC: 14cb8 \| Direct console I/O
2018-12-17T22:59:50.977860242Z	6	PC: 14cb8 \| Direct console I/O
2018-12-17T22:59:50.98136852Z	6	PC: 14cb8 \| Direct console I/O
2018-12-17T22:59:50.983584689Z	6	PC: 14cb8 \| Direct console I/O
2018-12-17T22:59:50.985819944Z	6	PC: 14cb8 \| Direct console I/O
2018-12-17T22:59:50.988426594Z	6	PC: 14cb8 \| Direct console I/O
2018-12-17T22:59:50.990403317Z	6	PC: 14cb8 \| Direct console I/O
2018-12-17T22:59:50.992313106Z	6	PC: 14cb8 \| Direct console I/O
2018-12-17T22:59:50.995107607Z	6	PC: 14cb8 \| Direct console I/O
2018-12-17T22:59:50.997302606Z	6	PC: 14cb8 \| Direct console I/O
2018-12-17T22:59:50.999503033Z	6	PC: 14cb8 \| Direct console I/O
2018-12-17T22:59:51.002274881Z	6	PC: 14cb8 \| Direct console I/O
2018-12-17T22:59:51.004349768Z	6	PC: 14cb8 \| Direct console I/O
2018-12-17T22:59:51.0063944Z	6	PC: 14cb8 \| Direct console I/O
2018-12-17T22:59:51.018088158Z	6	PC: 14cb8 \| Direct console I/O
2018-12-17T22:59:51.020697991Z	6	PC: 14cb8 \| Direct console I/O
2018-12-17T22:59:51.022709523Z	6	PC: 14cb8 \| Direct console I/O
2018-12-17T22:59:51.026220782Z	6	PC: 14cb8 \| Direct console I/O
2018-12-17T22:59:51.028758806Z	6	PC: 14cb8 \| Direct console I/O
2018-12-17T22:59:51.031222948Z	6	PC: 14cb8 \| Direct console I/O
2018-12-17T22:59:51.034609697Z	6	PC: 14cb8 \| Direct console I/O
2018-12-17T22:59:51.037132913Z	6	PC: 14cb8 \| Direct console I/O
2018-12-17T22:59:51.03932977Z	6	PC: 14cb8 \| Direct console I/O
2018-12-17T22:59:51.044039348Z	76	PC: 14c70 \| Terminate with return code (Return code = '5')