Sample viewer

vx.netlux.org/Virus.DOS.HLLP.15746

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-17T23:03:20.540120835Z	53	PC: 13d2a \| Get interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T23:03:20.541689056Z	53	PC: 13d2a \| Get interrupt vector (Interrupt = '2' AKA 'Character output')
2018-12-17T23:03:20.543354152Z	53	PC: 13d2a \| Get interrupt vector (Interrupt = '27' AKA 'Get allocation info for default drive')
2018-12-17T23:03:20.544359577Z	53	PC: 13d2a \| Get interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T23:03:20.545349543Z	53	PC: 13d2a \| Get interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T23:03:20.546918893Z	53	PC: 13d2a \| Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T23:03:20.547881859Z	53	PC: 13d2a \| Get interrupt vector (Interrupt = '52' AKA 'Get InDOS flag pointer')
2018-12-17T23:03:20.548933465Z	53	PC: 13d2a \| Get interrupt vector (Interrupt = '53' AKA 'Get interrupt vector')
2018-12-17T23:03:20.550501559Z	53	PC: 13d2a \| Get interrupt vector (Interrupt = '54' AKA 'Get free disk space')
2018-12-17T23:03:20.5521244Z	53	PC: 13d2a \| Get interrupt vector (Interrupt = '55' AKA 'Get or set switch character')
2018-12-17T23:03:20.553290327Z	53	PC: 13d2a \| Get interrupt vector (Interrupt = '56' AKA 'Get or set country info')
2018-12-17T23:03:20.55535738Z	53	PC: 13d2a \| Get interrupt vector (Interrupt = '57' AKA 'Create subdirectory')
2018-12-17T23:03:20.556679993Z	53	PC: 13d2a \| Get interrupt vector (Interrupt = '58' AKA 'Remove subdirectory')
2018-12-17T23:03:20.557827613Z	53	PC: 13d2a \| Get interrupt vector (Interrupt = '59' AKA 'Change current directory')
2018-12-17T23:03:20.559382836Z	53	PC: 13d2a \| Get interrupt vector (Interrupt = '60' AKA 'Create or truncate file')
2018-12-17T23:03:20.560545648Z	53	PC: 13d2a \| Get interrupt vector (Interrupt = '61' AKA 'Open file')
2018-12-17T23:03:20.561674909Z	53	PC: 13d2a \| Get interrupt vector (Interrupt = '62' AKA 'Close file')
2018-12-17T23:03:20.563403504Z	53	PC: 13d2a \| Get interrupt vector (Interrupt = '63' AKA 'Read file or device')
2018-12-17T23:03:20.564601761Z	53	PC: 13d2a \| Get interrupt vector (Interrupt = '117' AKA 'UNKNOWN!')
2018-12-17T23:03:20.565489106Z	37	PC: 13d3f \| Set interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T23:03:20.566842978Z	37	PC: 13d47 \| Set interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T23:03:20.567763107Z	37	PC: 13d4f \| Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T23:03:20.568923981Z	37	PC: 13d57 \| Set interrupt vector (Interrupt = '63' AKA 'Read file or device')
2018-12-17T23:03:20.570613026Z	68	PC: 14fe9 \| I/O control for devices (Set for = '')
2018-12-17T23:03:20.572188324Z	37	PC: 144ad \| Set interrupt vector (Interrupt = '52' AKA 'Get InDOS flag pointer')
2018-12-17T23:03:20.573114766Z	37	PC: 144ad \| Set interrupt vector (Interrupt = '53' AKA 'Get interrupt vector')
2018-12-17T23:03:20.573943249Z	37	PC: 144ad \| Set interrupt vector (Interrupt = '54' AKA 'Get free disk space')
2018-12-17T23:03:20.574884551Z	37	PC: 144ad \| Set interrupt vector (Interrupt = '55' AKA 'Get or set switch character')
2018-12-17T23:03:20.575702173Z	37	PC: 144ad \| Set interrupt vector (Interrupt = '56' AKA 'Get or set country info')
2018-12-17T23:03:20.576477434Z	37	PC: 144ad \| Set interrupt vector (Interrupt = '57' AKA 'Create subdirectory')
2018-12-17T23:03:20.577792718Z	37	PC: 144ad \| Set interrupt vector (Interrupt = '58' AKA 'Remove subdirectory')
2018-12-17T23:03:20.579020188Z	37	PC: 144ad \| Set interrupt vector (Interrupt = '59' AKA 'Change current directory')
2018-12-17T23:03:20.580170873Z	37	PC: 144ad \| Set interrupt vector (Interrupt = '60' AKA 'Create or truncate file')
2018-12-17T23:03:20.582189165Z	37	PC: 144ad \| Set interrupt vector (Interrupt = '61' AKA 'Open file')
2018-12-17T23:03:20.583110375Z	37	PC: 144b4 \| Set interrupt vector (Interrupt = '62' AKA 'Close file')
2018-12-17T23:03:20.584189771Z	37	PC: 144bb \| Set interrupt vector (Interrupt = '2' AKA 'Character output')
2018-12-17T23:03:20.585626335Z	37	PC: 144c2 \| Set interrupt vector (Interrupt = '117' AKA 'UNKNOWN!')
2018-12-17T23:03:20.640844806Z	37	PC: 13521 \| Set interrupt vector (Interrupt = '27' AKA 'Get allocation info for default drive')
2018-12-17T23:03:20.642771738Z	53	PC: 13bcf \| Get interrupt vector (Interrupt = '1' AKA 'Character input')
2018-12-17T23:03:20.644822495Z	37	PC: 13beb \| Set interrupt vector (Interrupt = '1' AKA 'Character input')
2018-12-17T23:03:20.645701866Z	53	PC: 13bcf \| Get interrupt vector (Interrupt = '3' AKA 'Auxiliary input')
2018-12-17T23:03:20.647090606Z	37	PC: 13beb \| Set interrupt vector (Interrupt = '3' AKA 'Auxiliary input')
2018-12-17T23:03:20.648347144Z	53	PC: 13bcf \| Get interrupt vector (Interrupt = '27' AKA 'Get allocation info for default drive')
2018-12-17T23:03:20.649367186Z	37	PC: 13beb \| Set interrupt vector (Interrupt = '27' AKA 'Get allocation info for default drive')
2018-12-17T23:03:20.650335753Z	51	PC: 13abd \| Get or set Ctrl-Break
2018-12-17T23:03:20.651804886Z	60	PC: 14b4d \| Create or truncate file
2018-12-17T23:03:20.666172977Z	65	PC: 14c96 \| Delete file (Filename = '\�')
2018-12-17T23:03:20.673622077Z	48	PC: 14d0f \| Get DOS version
2018-12-17T23:03:20.675825319Z	61	PC: 14b4d \| Open file (Filename = 'A:\TEST.EXE')
2018-12-17T23:03:20.680996581Z	66	PC: 14c7f \| Move file pointer
2018-12-17T23:03:20.68229522Z	63	PC: 14c20 \| Read file or device (Read 4 bytes on handle 6)
2018-12-17T23:03:20.688685162Z	62	PC: 14b9d \| Close file
2018-12-17T23:03:20.691807302Z	37	PC: 13e81 \| Set interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T23:03:20.693100656Z	37	PC: 13e81 \| Set interrupt vector (Interrupt = '2' AKA 'Character output')
2018-12-17T23:03:20.695157923Z	37	PC: 13e81 \| Set interrupt vector (Interrupt = '27' AKA 'Get allocation info for default drive')
2018-12-17T23:03:20.697212062Z	37	PC: 13e81 \| Set interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T23:03:20.698529054Z	37	PC: 13e81 \| Set interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T23:03:20.699699552Z	37	PC: 13e81 \| Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T23:03:20.701111289Z	37	PC: 13e81 \| Set interrupt vector (Interrupt = '52' AKA 'Get InDOS flag pointer')
2018-12-17T23:03:20.702478626Z	37	PC: 13e81 \| Set interrupt vector (Interrupt = '53' AKA 'Get interrupt vector')
2018-12-17T23:03:20.703639496Z	37	PC: 13e81 \| Set interrupt vector (Interrupt = '54' AKA 'Get free disk space')
2018-12-17T23:03:20.70557509Z	37	PC: 13e81 \| Set interrupt vector (Interrupt = '55' AKA 'Get or set switch character')
2018-12-17T23:03:20.707007339Z	37	PC: 13e81 \| Set interrupt vector (Interrupt = '56' AKA 'Get or set country info')
2018-12-17T23:03:20.708237555Z	37	PC: 13e81 \| Set interrupt vector (Interrupt = '57' AKA 'Create subdirectory')
2018-12-17T23:03:20.710885574Z	37	PC: 13e81 \| Set interrupt vector (Interrupt = '58' AKA 'Remove subdirectory')
2018-12-17T23:03:20.712372051Z	37	PC: 13e81 \| Set interrupt vector (Interrupt = '59' AKA 'Change current directory')
2018-12-17T23:03:20.714089042Z	37	PC: 13e81 \| Set interrupt vector (Interrupt = '60' AKA 'Create or truncate file')
2018-12-17T23:03:20.716283512Z	37	PC: 13e81 \| Set interrupt vector (Interrupt = '61' AKA 'Open file')
2018-12-17T23:03:20.718044157Z	37	PC: 13e81 \| Set interrupt vector (Interrupt = '62' AKA 'Close file')
2018-12-17T23:03:20.719104799Z	37	PC: 13e81 \| Set interrupt vector (Interrupt = '63' AKA 'Read file or device')
2018-12-17T23:03:20.720794019Z	37	PC: 13e81 \| Set interrupt vector (Interrupt = '117' AKA 'UNKNOWN!')
2018-12-17T23:03:20.722408186Z	76	PC: 13ec0 \| Terminate with return code (Return code = '8')