Sample viewer

vx.netlux.org/Virus.DOS.HLLO.BigC.12224

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-17T23:02:47.70611288Z	48	PC: 12a4c \| Get DOS version
2018-12-17T23:02:47.708850718Z	53	PC: 12bef \| Get interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T23:02:47.710394231Z	53	PC: 12bfc \| Get interrupt vector (Interrupt = '4' AKA 'Auxiliary output')
2018-12-17T23:02:47.711908594Z	53	PC: 12c09 \| Get interrupt vector (Interrupt = '5' AKA 'Printer output')
2018-12-17T23:02:47.715709208Z	53	PC: 12c16 \| Get interrupt vector (Interrupt = '6' AKA 'Direct console I/O')
2018-12-17T23:02:47.717039635Z	37	PC: 12c2a \| Set interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T23:02:47.71839308Z	74	PC: 12af4 \| Reallocate memory
2018-12-17T23:02:47.721460097Z	68	PC: 1300e \| I/O control for devices (Set for = 'pyright 1991 Borland Intl.')
2018-12-17T23:02:47.723923705Z	68	PC: 1300e \| I/O control for devices (Set for = '')
2018-12-17T23:02:47.727950133Z	86	PC: 14338 \| Rename file
2018-12-17T23:02:47.744895295Z	47	PC: 13ef4 \| Get disk transfer address
2018-12-17T23:02:47.746858607Z	26	PC: 13efd \| Set disk transfer address
2018-12-17T23:02:47.747936589Z	78	PC: 13f07 \| Find first file
2018-12-17T23:02:47.753670337Z	26	PC: 13f10 \| Set disk transfer address
2018-12-17T23:02:47.756136488Z	55	PC: 12fa6 \| Get or set switch character
2018-12-17T23:02:47.758956028Z	41	PC: 13cb7 \| Parse filename
2018-12-17T23:02:47.760361177Z	41	PC: 13cd6 \| Parse filename
2018-12-17T23:02:47.7628556Z	75	PC: 13d16 \| Execute program
2018-12-17T23:02:47.783267475Z	80	PC: 25c99 \| Set current PSP
2018-12-17T23:02:47.784320465Z	48	PC: 25c9e \| Get DOS version
2018-12-17T23:02:47.786907094Z	99	PC: 2c480 \| Get DBCS lead byte table pointer
2018-12-17T23:02:47.789677484Z	101	PC: 25d24 \| Get extended country info
2018-12-17T23:02:47.790867205Z	99	PC: 25d2a \| Get DBCS lead byte table pointer
2018-12-17T23:02:47.792854726Z	74	PC: 25d8c \| Reallocate memory
2018-12-17T23:02:47.794461298Z	25	PC: 25dc3 \| Get default drive
2018-12-17T23:02:47.795662818Z	37	PC: 25883 \| Set interrupt vector (Interrupt = '34' AKA 'Random write')
2018-12-17T23:02:47.813255542Z	37	PC: 2588a \| Set interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T23:02:47.815054412Z	37	PC: 25891 \| Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T23:02:47.819074067Z	74	PC: 24a2c \| Reallocate memory
2018-12-17T23:02:47.821150754Z	72	PC: 24a6d \| Allocate memory
2018-12-17T23:02:47.823115338Z	72	PC: 24aa5 \| Allocate memory
2018-12-17T23:02:47.825394373Z	72	PC: 24aad \| Allocate memory