Sample viewer

vx.netlux.org/Virus.DOS.HLLP.UX.7344

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-17T23:02:55.464669215Z	53	PC: 13652 \| Get interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T23:02:55.467274627Z	53	PC: 13652 \| Get interrupt vector (Interrupt = '2' AKA 'Character output')
2018-12-17T23:02:55.468868804Z	53	PC: 13652 \| Get interrupt vector (Interrupt = '27' AKA 'Get allocation info for default drive')
2018-12-17T23:02:55.470313253Z	53	PC: 13652 \| Get interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T23:02:55.472060737Z	53	PC: 13652 \| Get interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T23:02:55.474400485Z	53	PC: 13652 \| Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T23:02:55.47589432Z	53	PC: 13652 \| Get interrupt vector (Interrupt = '52' AKA 'Get InDOS flag pointer')
2018-12-17T23:02:55.477678136Z	53	PC: 13652 \| Get interrupt vector (Interrupt = '53' AKA 'Get interrupt vector')
2018-12-17T23:02:55.480114732Z	53	PC: 13652 \| Get interrupt vector (Interrupt = '54' AKA 'Get free disk space')
2018-12-17T23:02:55.481364072Z	53	PC: 13652 \| Get interrupt vector (Interrupt = '55' AKA 'Get or set switch character')
2018-12-17T23:02:55.482425963Z	53	PC: 13652 \| Get interrupt vector (Interrupt = '56' AKA 'Get or set country info')
2018-12-17T23:02:55.484551387Z	53	PC: 13652 \| Get interrupt vector (Interrupt = '57' AKA 'Create subdirectory')
2018-12-17T23:02:55.485856643Z	53	PC: 13652 \| Get interrupt vector (Interrupt = '58' AKA 'Remove subdirectory')
2018-12-17T23:02:55.487702863Z	53	PC: 13652 \| Get interrupt vector (Interrupt = '59' AKA 'Change current directory')
2018-12-17T23:02:55.489308715Z	53	PC: 13652 \| Get interrupt vector (Interrupt = '60' AKA 'Create or truncate file')
2018-12-17T23:02:55.490632462Z	53	PC: 13652 \| Get interrupt vector (Interrupt = '61' AKA 'Open file')
2018-12-17T23:02:55.492004333Z	53	PC: 13652 \| Get interrupt vector (Interrupt = '62' AKA 'Close file')
2018-12-17T23:02:55.495099444Z	53	PC: 13652 \| Get interrupt vector (Interrupt = '63' AKA 'Read file or device')
2018-12-17T23:02:55.496297182Z	53	PC: 13652 \| Get interrupt vector (Interrupt = '117' AKA 'UNKNOWN!')
2018-12-17T23:02:55.497446369Z	37	PC: 13667 \| Set interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T23:02:55.498790806Z	37	PC: 1366f \| Set interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T23:02:55.500516725Z	37	PC: 13677 \| Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T23:02:55.501572548Z	37	PC: 1367f \| Set interrupt vector (Interrupt = '63' AKA 'Read file or device')
2018-12-17T23:02:55.503023938Z	68	PC: 13c52 \| I/O control for devices (Set for = '')
2018-12-17T23:02:55.505614489Z	48	PC: 142e7 \| Get DOS version
2018-12-17T23:02:55.507655486Z	61	PC: 140a7 \| Open file (Filename = 'A:\TEST.EXE')
2018-12-17T23:02:55.514541492Z	87	PC: 13390 \| Get or set file date and time
2018-12-17T23:02:55.517562498Z	60	PC: 140a7 \| Create or truncate file
2018-12-17T23:02:55.534219364Z	66	PC: 141d9 \| Move file pointer
2018-12-17T23:02:55.536010443Z	63	PC: 1417a \| Read file or device (Read 8192 bytes on handle 5)
2018-12-17T23:02:55.549555987Z	64	PC: 1417a \| Write file or device (Write 144 bytes on handle 6)
2018-12-17T23:02:55.553625076Z	66	PC: 14243 \| Move file pointer
2018-12-17T23:02:55.555294713Z	66	PC: 14251 \| Move file pointer
2018-12-17T23:02:55.568241479Z	66	PC: 1425f \| Move file pointer
2018-12-17T23:02:55.569992569Z	62	PC: 140f7 \| Close file
2018-12-17T23:02:55.572070803Z	87	PC: 133bd \| Get or set file date and time
2018-12-17T23:02:55.574669054Z	62	PC: 140f7 \| Close file
2018-12-17T23:02:55.58310949Z	67	PC: 1334f \| Get or set file attributes
2018-12-17T23:02:55.589652491Z	61	PC: 140a7 \| Open file (Filename = 'A:\TEST.EXE')
2018-12-17T23:02:55.596903835Z	87	PC: 13390 \| Get or set file date and time
2018-12-17T23:02:55.598448738Z	63	PC: 1417a \| Read file or device (Read 7200 bytes on handle 5)
2018-12-17T23:02:55.606066695Z	66	PC: 141d9 \| Move file pointer
2018-12-17T23:02:55.607736367Z	64	PC: 1417a \| Write file or device (Write 1 bytes on handle 5)
2018-12-17T23:02:55.611165462Z	87	PC: 133bd \| Get or set file date and time
2018-12-17T23:02:55.612976902Z	62	PC: 140f7 \| Close file
2018-12-17T23:02:55.620280222Z	67	PC: 13376 \| Get or set file attributes
2018-12-17T23:02:55.631644103Z	26	PC: 133ed \| Set disk transfer address
2018-12-17T23:02:55.633016525Z	78	PC: 133f9 \| Find first file
2018-12-17T23:02:55.642192822Z	64	PC: 13d55 \| Write file or device (Write 0 bytes on handle 1)
2018-12-17T23:02:55.644386739Z	37	PC: 13766 \| Set interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T23:02:55.645410697Z	37	PC: 13766 \| Set interrupt vector (Interrupt = '2' AKA 'Character output')
2018-12-17T23:02:55.646460788Z	37	PC: 13766 \| Set interrupt vector (Interrupt = '27' AKA 'Get allocation info for default drive')
2018-12-17T23:02:55.648317152Z	37	PC: 13766 \| Set interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T23:02:55.649376146Z	37	PC: 13766 \| Set interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T23:02:55.650528716Z	37	PC: 13766 \| Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T23:02:55.652517488Z	37	PC: 13766 \| Set interrupt vector (Interrupt = '52' AKA 'Get InDOS flag pointer')
2018-12-17T23:02:55.654090602Z	37	PC: 13766 \| Set interrupt vector (Interrupt = '53' AKA 'Get interrupt vector')
2018-12-17T23:02:55.656065233Z	37	PC: 13766 \| Set interrupt vector (Interrupt = '54' AKA 'Get free disk space')
2018-12-17T23:02:55.658434972Z	37	PC: 13766 \| Set interrupt vector (Interrupt = '55' AKA 'Get or set switch character')
2018-12-17T23:02:55.659998183Z	37	PC: 13766 \| Set interrupt vector (Interrupt = '56' AKA 'Get or set country info')
2018-12-17T23:02:55.66154907Z	37	PC: 13766 \| Set interrupt vector (Interrupt = '57' AKA 'Create subdirectory')
2018-12-17T23:02:55.663755499Z	37	PC: 13766 \| Set interrupt vector (Interrupt = '58' AKA 'Remove subdirectory')
2018-12-17T23:02:55.665621949Z	37	PC: 13766 \| Set interrupt vector (Interrupt = '59' AKA 'Change current directory')
2018-12-17T23:02:55.666695815Z	37	PC: 13766 \| Set interrupt vector (Interrupt = '60' AKA 'Create or truncate file')
2018-12-17T23:02:55.668458078Z	37	PC: 13766 \| Set interrupt vector (Interrupt = '61' AKA 'Open file')
2018-12-17T23:02:55.669582707Z	37	PC: 13766 \| Set interrupt vector (Interrupt = '62' AKA 'Close file')
2018-12-17T23:02:55.670687408Z	37	PC: 13766 \| Set interrupt vector (Interrupt = '63' AKA 'Read file or device')
2018-12-17T23:02:55.672665107Z	37	PC: 13766 \| Set interrupt vector (Interrupt = '117' AKA 'UNKNOWN!')
2018-12-17T23:02:55.673931827Z	6	PC: 137ed \| Direct console I/O
2018-12-17T23:02:55.675984431Z	6	PC: 137ed \| Direct console I/O
2018-12-17T23:02:55.678900584Z	6	PC: 137ed \| Direct console I/O
2018-12-17T23:02:55.681068099Z	6	PC: 137ed \| Direct console I/O
2018-12-17T23:02:55.68317342Z	6	PC: 137ed \| Direct console I/O
2018-12-17T23:02:55.685783197Z	6	PC: 137ed \| Direct console I/O
2018-12-17T23:02:55.687899078Z	6	PC: 137ed \| Direct console I/O
2018-12-17T23:02:55.690411155Z	6	PC: 137ed \| Direct console I/O
2018-12-17T23:02:55.693835943Z	6	PC: 137ed \| Direct console I/O
2018-12-17T23:02:55.695970327Z	6	PC: 137ed \| Direct console I/O
2018-12-17T23:02:55.698018733Z	6	PC: 137ed \| Direct console I/O
2018-12-17T23:02:55.700673581Z	6	PC: 137ed \| Direct console I/O
2018-12-17T23:02:55.702740785Z	6	PC: 137ed \| Direct console I/O
2018-12-17T23:02:55.704739086Z	6	PC: 137ed \| Direct console I/O
2018-12-17T23:02:55.707308695Z	6	PC: 137ed \| Direct console I/O
2018-12-17T23:02:55.709438856Z	6	PC: 137ed \| Direct console I/O
2018-12-17T23:02:55.71150044Z	6	PC: 137ed \| Direct console I/O
2018-12-17T23:02:55.714076277Z	6	PC: 137ed \| Direct console I/O
2018-12-17T23:02:55.716096341Z	6	PC: 137ed \| Direct console I/O
2018-12-17T23:02:55.718057404Z	6	PC: 137ed \| Direct console I/O
2018-12-17T23:02:55.72062205Z	6	PC: 137ed \| Direct console I/O
2018-12-17T23:02:55.723228043Z	6	PC: 137ed \| Direct console I/O
2018-12-17T23:02:55.72550756Z	6	PC: 137ed \| Direct console I/O
2018-12-17T23:02:55.731620376Z	6	PC: 137ed \| Direct console I/O
2018-12-17T23:02:55.734010136Z	6	PC: 137ed \| Direct console I/O
2018-12-17T23:02:55.736300589Z	6	PC: 137ed \| Direct console I/O
2018-12-17T23:02:55.739160225Z	6	PC: 137ed \| Direct console I/O
2018-12-17T23:02:55.74137832Z	6	PC: 137ed \| Direct console I/O
2018-12-17T23:02:55.743728106Z	6	PC: 137ed \| Direct console I/O
2018-12-17T23:02:55.74699875Z	6	PC: 137ed \| Direct console I/O
2018-12-17T23:02:55.749166516Z	6	PC: 137ed \| Direct console I/O
2018-12-17T23:02:55.751433815Z	6	PC: 137ed \| Direct console I/O
2018-12-17T23:02:55.754511811Z	6	PC: 137ed \| Direct console I/O
2018-12-17T23:02:55.758490234Z	76	PC: 137a5 \| Terminate with return code (Return code = '202')