Sample viewer

vx.netlux.org/Virus.DOS.HLLP.Les.6192

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-17T23:01:54.420352017Z	53	PC: 134ba \| Get interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T23:01:54.422385217Z	53	PC: 134ba \| Get interrupt vector (Interrupt = '2' AKA 'Character output')
2018-12-17T23:01:54.423580373Z	53	PC: 134ba \| Get interrupt vector (Interrupt = '27' AKA 'Get allocation info for default drive')
2018-12-17T23:01:54.424642168Z	53	PC: 134ba \| Get interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T23:01:54.426983618Z	53	PC: 134ba \| Get interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T23:01:54.428192599Z	53	PC: 134ba \| Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T23:01:54.429368459Z	53	PC: 134ba \| Get interrupt vector (Interrupt = '52' AKA 'Get InDOS flag pointer')
2018-12-17T23:01:54.431002559Z	53	PC: 134ba \| Get interrupt vector (Interrupt = '53' AKA 'Get interrupt vector')
2018-12-17T23:01:54.43439827Z	53	PC: 134ba \| Get interrupt vector (Interrupt = '54' AKA 'Get free disk space')
2018-12-17T23:01:54.43615511Z	53	PC: 134ba \| Get interrupt vector (Interrupt = '55' AKA 'Get or set switch character')
2018-12-17T23:01:54.437868099Z	53	PC: 134ba \| Get interrupt vector (Interrupt = '56' AKA 'Get or set country info')
2018-12-17T23:01:54.442728421Z	53	PC: 134ba \| Get interrupt vector (Interrupt = '57' AKA 'Create subdirectory')
2018-12-17T23:01:54.443918027Z	53	PC: 134ba \| Get interrupt vector (Interrupt = '58' AKA 'Remove subdirectory')
2018-12-17T23:01:54.445094848Z	53	PC: 134ba \| Get interrupt vector (Interrupt = '59' AKA 'Change current directory')
2018-12-17T23:01:54.450452054Z	53	PC: 134ba \| Get interrupt vector (Interrupt = '60' AKA 'Create or truncate file')
2018-12-17T23:01:54.452127913Z	53	PC: 134ba \| Get interrupt vector (Interrupt = '61' AKA 'Open file')
2018-12-17T23:01:54.453652047Z	53	PC: 134ba \| Get interrupt vector (Interrupt = '62' AKA 'Close file')
2018-12-17T23:01:54.456813888Z	53	PC: 134ba \| Get interrupt vector (Interrupt = '63' AKA 'Read file or device')
2018-12-17T23:01:54.458062655Z	53	PC: 134ba \| Get interrupt vector (Interrupt = '117' AKA 'UNKNOWN!')
2018-12-17T23:01:54.45928959Z	37	PC: 134cf \| Set interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T23:01:54.461002398Z	37	PC: 134d7 \| Set interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T23:01:54.463168297Z	37	PC: 134df \| Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T23:01:54.464401204Z	37	PC: 134e7 \| Set interrupt vector (Interrupt = '63' AKA 'Read file or device')
2018-12-17T23:01:54.46654366Z	68	PC: 13eb5 \| I/O control for devices (Set for = '')
2018-12-17T23:01:54.467889178Z	44	PC: 13fec \| Get time 0x13fec: mov word ptr [0x40], cx 0x13ff0: mov word ptr [0x42], dx 0x13ff4: retf 0x13ff5: call 0x1403c 0x13ff8: jb 0x14009 0x13ffa: mov cx, word ptr es:[di + 4] 0x13ffe: cmp cx, 1 0x14001: je 0x14009 0x14003: xor bx, bx 0x14005: push cs 0x14006: call 0x23b7d 0x14009: retf 4 0x1400c: call 0x1403c 0x1400f: jb 0x14024 0x14011: mov ax, cx 0x14013: mov dx, bx 0x14015: mov cx, word ptr es:[di + 4] 0x14019: cmp cx, 1 0x1401c: je 0x14024 0x1401e: xor bx, bx
2018-12-17T23:01:54.469954088Z	26	PC: 132ed \| Set disk transfer address
2018-12-17T23:01:54.471673669Z	78	PC: 132f9 \| Find first file
2018-12-17T23:01:54.476633168Z	26	PC: 132ed \| Set disk transfer address
2018-12-17T23:01:54.477798097Z	78	PC: 132f9 \| Find first file
2018-12-17T23:01:54.480047073Z	26	PC: 132ed \| Set disk transfer address
2018-12-17T23:01:54.48165791Z	78	PC: 132f9 \| Find first file
2018-12-17T23:01:54.483700227Z	26	PC: 132ed \| Set disk transfer address
2018-12-17T23:01:54.484911262Z	78	PC: 132f9 \| Find first file
2018-12-17T23:01:54.487774231Z	26	PC: 132ed \| Set disk transfer address
2018-12-17T23:01:54.489325296Z	78	PC: 132f9 \| Find first file
2018-12-17T23:01:54.491944147Z	26	PC: 132ed \| Set disk transfer address
2018-12-17T23:01:54.494186821Z	78	PC: 132f9 \| Find first file
2018-12-17T23:01:54.496942018Z	26	PC: 132ed \| Set disk transfer address
2018-12-17T23:01:54.498547254Z	78	PC: 132f9 \| Find first file
2018-12-17T23:01:54.501938536Z	26	PC: 132ed \| Set disk transfer address
2018-12-17T23:01:54.504896043Z	78	PC: 132f9 \| Find first file
2018-12-17T23:01:54.507382425Z	26	PC: 132ed \| Set disk transfer address
2018-12-17T23:01:54.509276063Z	78	PC: 132f9 \| Find first file
2018-12-17T23:01:54.512714944Z	26	PC: 132ed \| Set disk transfer address
2018-12-17T23:01:54.514157825Z	78	PC: 132f9 \| Find first file
2018-12-17T23:01:54.517708056Z	26	PC: 132ed \| Set disk transfer address
2018-12-17T23:01:54.519184Z	78	PC: 132f9 \| Find first file
2018-12-17T23:01:54.521862673Z	26	PC: 132ed \| Set disk transfer address
2018-12-17T23:01:54.523156955Z	78	PC: 132f9 \| Find first file
2018-12-17T23:01:54.526260026Z	26	PC: 132ed \| Set disk transfer address
2018-12-17T23:01:54.527724267Z	78	PC: 132f9 \| Find first file
2018-12-17T23:01:54.530403902Z	26	PC: 132ed \| Set disk transfer address
2018-12-17T23:01:54.533480683Z	78	PC: 132f9 \| Find first file
2018-12-17T23:01:54.536437298Z	26	PC: 132ed \| Set disk transfer address
2018-12-17T23:01:54.538180844Z	78	PC: 132f9 \| Find first file
2018-12-17T23:01:54.541705207Z	26	PC: 132ed \| Set disk transfer address
2018-12-17T23:01:54.543313248Z	78	PC: 132f9 \| Find first file
2018-12-17T23:01:54.546157292Z	26	PC: 132ed \| Set disk transfer address
2018-12-17T23:01:54.548817982Z	78	PC: 132f9 \| Find first file
2018-12-17T23:01:54.5517919Z	26	PC: 132ed \| Set disk transfer address
2018-12-17T23:01:54.5533888Z	78	PC: 132f9 \| Find first file
2018-12-17T23:01:54.557128436Z	26	PC: 132ed \| Set disk transfer address
2018-12-17T23:01:54.558958244Z	78	PC: 132f9 \| Find first file
2018-12-17T23:01:54.561806957Z	26	PC: 132ed \| Set disk transfer address
2018-12-17T23:01:54.564061053Z	78	PC: 132f9 \| Find first file
2018-12-17T23:01:54.566979607Z	26	PC: 132ed \| Set disk transfer address
2018-12-17T23:01:54.568573522Z	78	PC: 132f9 \| Find first file
2018-12-17T23:01:54.571535928Z	26	PC: 132ed \| Set disk transfer address
2018-12-17T23:01:54.57341054Z	78	PC: 132f9 \| Find first file
2018-12-17T23:01:54.576115844Z	26	PC: 132ed \| Set disk transfer address
2018-12-17T23:01:54.57735932Z	78	PC: 132f9 \| Find first file
2018-12-17T23:01:54.580253989Z	26	PC: 132ed \| Set disk transfer address
2018-12-17T23:01:54.581554773Z	78	PC: 132f9 \| Find first file
2018-12-17T23:01:54.58466691Z	26	PC: 132ed \| Set disk transfer address
2018-12-17T23:01:54.587086537Z	78	PC: 132f9 \| Find first file
2018-12-17T23:01:54.593292278Z	26	PC: 13311 \| Set disk transfer address
2018-12-17T23:01:54.594860184Z	79	PC: 13316 \| Find next file
2018-12-17T23:01:54.599051139Z	26	PC: 13311 \| Set disk transfer address
2018-12-17T23:01:54.600980875Z	79	PC: 13316 \| Find next file
2018-12-17T23:01:54.605519091Z	26	PC: 13311 \| Set disk transfer address
2018-12-17T23:01:54.607944939Z	79	PC: 13316 \| Find next file
2018-12-17T23:01:54.611328236Z	26	PC: 13311 \| Set disk transfer address
2018-12-17T23:01:54.612860265Z	79	PC: 13316 \| Find next file
2018-12-17T23:01:54.61727472Z	26	PC: 13311 \| Set disk transfer address
2018-12-17T23:01:54.618941091Z	79	PC: 13316 \| Find next file
2018-12-17T23:01:54.622150341Z	26	PC: 13311 \| Set disk transfer address
2018-12-17T23:01:54.623582262Z	79	PC: 13316 \| Find next file
2018-12-17T23:01:54.628050247Z	26	PC: 13311 \| Set disk transfer address
2018-12-17T23:01:54.629571775Z	79	PC: 13316 \| Find next file
2018-12-17T23:01:54.633283239Z	26	PC: 132ed \| Set disk transfer address
2018-12-17T23:01:54.635867175Z	78	PC: 132f9 \| Find first file
2018-12-17T23:01:54.646388264Z	26	PC: 13311 \| Set disk transfer address
2018-12-17T23:01:54.647762726Z	79	PC: 13316 \| Find next file
2018-12-17T23:01:54.652987734Z	26	PC: 13311 \| Set disk transfer address
2018-12-17T23:01:54.654857547Z	79	PC: 13316 \| Find next file
2018-12-17T23:01:54.659432403Z	26	PC: 13311 \| Set disk transfer address
2018-12-17T23:01:54.662106638Z	79	PC: 13316 \| Find next file
2018-12-17T23:01:54.665899946Z	26	PC: 13311 \| Set disk transfer address
2018-12-17T23:01:54.667281261Z	79	PC: 13316 \| Find next file
2018-12-17T23:01:54.67148484Z	26	PC: 13311 \| Set disk transfer address
2018-12-17T23:01:54.674524571Z	79	PC: 13316 \| Find next file
2018-12-17T23:01:54.678481125Z	26	PC: 13311 \| Set disk transfer address
2018-12-17T23:01:54.680127769Z	79	PC: 13316 \| Find next file
2018-12-17T23:01:54.689361249Z	26	PC: 13311 \| Set disk transfer address
2018-12-17T23:01:54.690875364Z	79	PC: 13316 \| Find next file
2018-12-17T23:01:54.694789408Z	26	PC: 13311 \| Set disk transfer address
2018-12-17T23:01:54.697599899Z	79	PC: 13316 \| Find next file
2018-12-17T23:01:54.701489697Z	26	PC: 13311 \| Set disk transfer address
2018-12-17T23:01:54.703110373Z	79	PC: 13316 \| Find next file
2018-12-17T23:01:54.708226125Z	26	PC: 13311 \| Set disk transfer address
2018-12-17T23:01:54.709992324Z	79	PC: 13316 \| Find next file
2018-12-17T23:01:54.713909094Z	26	PC: 13311 \| Set disk transfer address
2018-12-17T23:01:54.716467882Z	79	PC: 13316 \| Find next file
2018-12-17T23:01:54.721222325Z	26	PC: 13311 \| Set disk transfer address
2018-12-17T23:01:54.722767729Z	79	PC: 13316 \| Find next file
2018-12-17T23:01:54.726934638Z	26	PC: 13311 \| Set disk transfer address
2018-12-17T23:01:54.729154719Z	79	PC: 13316 \| Find next file
2018-12-17T23:01:54.732821219Z	26	PC: 13311 \| Set disk transfer address
2018-12-17T23:01:54.734115701Z	79	PC: 13316 \| Find next file
2018-12-17T23:01:54.74193849Z	26	PC: 13311 \| Set disk transfer address
2018-12-17T23:01:54.743497309Z	79	PC: 13316 \| Find next file
2018-12-17T23:01:54.747358955Z	26	PC: 13311 \| Set disk transfer address
2018-12-17T23:01:54.749562275Z	79	PC: 13316 \| Find next file
2018-12-17T23:01:54.754079222Z	48	PC: 13acb \| Get DOS version
2018-12-17T23:01:54.75606847Z	67	PC: 1324f \| Get or set file attributes
2018-12-17T23:01:54.76395575Z	67	PC: 13276 \| Get or set file attributes
2018-12-17T23:01:54.78353021Z	61	PC: 1397d \| Open file (Filename = 'A:\TEST.EXE')
2018-12-17T23:01:54.792069015Z	87	PC: 13290 \| Get or set file date and time
2018-12-17T23:01:54.795404401Z	66	PC: 13aaf \| Move file pointer
2018-12-17T23:01:54.797428905Z	63	PC: 13a50 \| Read file or device (Read 6192 bytes on handle 5)
2018-12-17T23:01:54.805940078Z	66	PC: 14056 \| Move file pointer
2018-12-17T23:01:54.808867087Z	66	PC: 14064 \| Move file pointer
2018-12-17T23:01:54.811021716Z	66	PC: 14072 \| Move file pointer
2018-12-17T23:01:54.812989924Z	66	PC: 13aaf \| Move file pointer
2018-12-17T23:01:54.815512033Z	63	PC: 13a50 \| Read file or device (Read 6192 bytes on handle 5)
2018-12-17T23:01:54.818769043Z	66	PC: 13aaf \| Move file pointer
2018-12-17T23:01:54.820715049Z	64	PC: 13a50 \| Write file or device (Write 100 bytes on handle 5)
2018-12-17T23:01:54.825256082Z	66	PC: 13aaf \| Move file pointer
2018-12-17T23:01:54.827168766Z	64	PC: 139ae \| Write file or device (Write 0 bytes on handle 5)
2018-12-17T23:01:54.837497894Z	87	PC: 132bd \| Get or set file date and time
2018-12-17T23:01:54.841154014Z	62	PC: 139cd \| Close file
2018-12-17T23:01:54.849979276Z	67	PC: 13276 \| Get or set file attributes
2018-12-17T23:01:54.861449679Z	41	PC: 13421 \| Parse filename
2018-12-17T23:01:54.86486159Z	41	PC: 1342f \| Parse filename
2018-12-17T23:01:54.867150841Z	75	PC: 1343a \| Execute program
2018-12-17T23:01:54.881013268Z	67	PC: 1324f \| Get or set file attributes
2018-12-17T23:01:54.888075428Z	67	PC: 13276 \| Get or set file attributes
2018-12-17T23:01:54.900586716Z	61	PC: 1397d \| Open file (Filename = 'A:\TEST.EXE')
2018-12-17T23:01:54.914367841Z	87	PC: 13290 \| Get or set file date and time
2018-12-17T23:01:54.916769874Z	66	PC: 13aaf \| Move file pointer
2018-12-17T23:01:54.921207953Z	63	PC: 13a50 \| Read file or device (Read 6192 bytes on handle 5)
2018-12-17T23:01:54.929133746Z	66	PC: 13aaf \| Move file pointer
2018-12-17T23:01:54.931325995Z	64	PC: 13a50 \| Write file or device (Write 6192 bytes on handle 5)
2018-12-17T23:01:54.942317247Z	66	PC: 14056 \| Move file pointer
2018-12-17T23:01:54.944259897Z	66	PC: 14064 \| Move file pointer
2018-12-17T23:01:54.946382185Z	66	PC: 14072 \| Move file pointer
2018-12-17T23:01:54.949602105Z	66	PC: 13aaf \| Move file pointer
2018-12-17T23:01:54.95172302Z	64	PC: 13a50 \| Write file or device (Write 100 bytes on handle 5)
2018-12-17T23:01:54.956071561Z	87	PC: 132bd \| Get or set file date and time
2018-12-17T23:01:54.959303404Z	62	PC: 139cd \| Close file
2018-12-17T23:01:54.968968764Z	67	PC: 13276 \| Get or set file attributes
2018-12-17T23:01:54.980164652Z	67	PC: 1324f \| Get or set file attributes
2018-12-17T23:01:54.98934979Z	67	PC: 13276 \| Get or set file attributes
2018-12-17T23:01:55.417714577Z	61	PC: 1397d \| Open file (Filename = 'C:\DOS\ATTRIB.EXE')
2018-12-17T23:01:55.42762094Z	87	PC: 13290 \| Get or set file date and time
2018-12-17T23:01:55.430767573Z	66	PC: 13aaf \| Move file pointer
2018-12-17T23:01:55.434035223Z	63	PC: 13a50 \| Read file or device (Read 6192 bytes on handle 5)
2018-12-17T23:01:55.443317053Z	66	PC: 13aaf \| Move file pointer
2018-12-17T23:01:55.446754542Z	64	PC: 13a50 \| Write file or device (Write 6192 bytes on handle 5)
2018-12-17T23:01:55.455926325Z	66	PC: 14056 \| Move file pointer
2018-12-17T23:01:55.457911365Z	66	PC: 14064 \| Move file pointer
2018-12-17T23:01:55.460184767Z	66	PC: 14072 \| Move file pointer
2018-12-17T23:01:55.463203028Z	66	PC: 13aaf \| Move file pointer
2018-12-17T23:01:55.46540703Z	64	PC: 13a50 \| Write file or device (Write 6192 bytes on handle 5)
2018-12-17T23:01:55.481385863Z	87	PC: 132bd \| Get or set file date and time
2018-12-17T23:01:55.484934381Z	62	PC: 139cd \| Close file
2018-12-17T23:01:55.493775994Z	67	PC: 13276 \| Get or set file attributes
2018-12-17T23:01:55.504812261Z	77	PC: 13458 \| Get program return code
2018-12-17T23:01:55.50839903Z	64	PC: 138d8 \| Write file or device (Write 0 bytes on handle 1)
2018-12-17T23:01:55.511367408Z	37	PC: 13611 \| Set interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T23:01:55.513498883Z	37	PC: 13611 \| Set interrupt vector (Interrupt = '2' AKA 'Character output')
2018-12-17T23:01:55.516574492Z	37	PC: 13611 \| Set interrupt vector (Interrupt = '27' AKA 'Get allocation info for default drive')
2018-12-17T23:01:55.519159098Z	37	PC: 13611 \| Set interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T23:01:55.521429053Z	37	PC: 13611 \| Set interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T23:01:55.524663821Z	37	PC: 13611 \| Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T23:01:55.538561034Z	37	PC: 13611 \| Set interrupt vector (Interrupt = '52' AKA 'Get InDOS flag pointer')
2018-12-17T23:01:55.540426198Z	37	PC: 13611 \| Set interrupt vector (Interrupt = '53' AKA 'Get interrupt vector')
2018-12-17T23:01:55.54348215Z	37	PC: 13611 \| Set interrupt vector (Interrupt = '54' AKA 'Get free disk space')
2018-12-17T23:01:55.546533063Z	37	PC: 13611 \| Set interrupt vector (Interrupt = '55' AKA 'Get or set switch character')
2018-12-17T23:01:55.548847432Z	37	PC: 13611 \| Set interrupt vector (Interrupt = '56' AKA 'Get or set country info')
2018-12-17T23:01:55.550762981Z	37	PC: 13611 \| Set interrupt vector (Interrupt = '57' AKA 'Create subdirectory')
2018-12-17T23:01:55.552411669Z	37	PC: 13611 \| Set interrupt vector (Interrupt = '58' AKA 'Remove subdirectory')
2018-12-17T23:01:55.55506788Z	37	PC: 13611 \| Set interrupt vector (Interrupt = '59' AKA 'Change current directory')
2018-12-17T23:01:55.557747265Z	37	PC: 13611 \| Set interrupt vector (Interrupt = '60' AKA 'Create or truncate file')
2018-12-17T23:01:55.561135491Z	37	PC: 13611 \| Set interrupt vector (Interrupt = '61' AKA 'Open file')
2018-12-17T23:01:55.56257197Z	37	PC: 13611 \| Set interrupt vector (Interrupt = '62' AKA 'Close file')
2018-12-17T23:01:55.566409971Z	37	PC: 13611 \| Set interrupt vector (Interrupt = '63' AKA 'Read file or device')
2018-12-17T23:01:55.567859896Z	37	PC: 13611 \| Set interrupt vector (Interrupt = '117' AKA 'UNKNOWN!')
2018-12-17T23:01:55.569286777Z	76	PC: 13650 \| Terminate with return code (Return code = '0')