Sample viewer

vx.netlux.org/Virus.DOS.HLLW.Czec.4624

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-17T23:03:34.833607036Z	53	PC: 12fe6 \| Get interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T23:03:34.836131551Z	53	PC: 12fe6 \| Get interrupt vector (Interrupt = '2' AKA 'Character output')
2018-12-17T23:03:34.838136533Z	53	PC: 12fe6 \| Get interrupt vector (Interrupt = '27' AKA 'Get allocation info for default drive')
2018-12-17T23:03:34.839746287Z	53	PC: 12fe6 \| Get interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T23:03:34.841672375Z	53	PC: 12fe6 \| Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T23:03:34.843399715Z	53	PC: 12fe6 \| Get interrupt vector (Interrupt = '52' AKA 'Get InDOS flag pointer')
2018-12-17T23:03:34.844991748Z	53	PC: 12fe6 \| Get interrupt vector (Interrupt = '53' AKA 'Get interrupt vector')
2018-12-17T23:03:34.846633188Z	53	PC: 12fe6 \| Get interrupt vector (Interrupt = '54' AKA 'Get free disk space')
2018-12-17T23:03:34.848250619Z	53	PC: 12fe6 \| Get interrupt vector (Interrupt = '55' AKA 'Get or set switch character')
2018-12-17T23:03:34.849461999Z	53	PC: 12fe6 \| Get interrupt vector (Interrupt = '56' AKA 'Get or set country info')
2018-12-17T23:03:34.850799741Z	53	PC: 12fe6 \| Get interrupt vector (Interrupt = '57' AKA 'Create subdirectory')
2018-12-17T23:03:34.853249664Z	53	PC: 12fe6 \| Get interrupt vector (Interrupt = '58' AKA 'Remove subdirectory')
2018-12-17T23:03:34.854648696Z	53	PC: 12fe6 \| Get interrupt vector (Interrupt = '59' AKA 'Change current directory')
2018-12-17T23:03:34.856050554Z	53	PC: 12fe6 \| Get interrupt vector (Interrupt = '60' AKA 'Create or truncate file')
2018-12-17T23:03:34.858163121Z	53	PC: 12fe6 \| Get interrupt vector (Interrupt = '61' AKA 'Open file')
2018-12-17T23:03:34.870439374Z	53	PC: 12fe6 \| Get interrupt vector (Interrupt = '62' AKA 'Close file')
2018-12-17T23:03:34.87150307Z	53	PC: 12fe6 \| Get interrupt vector (Interrupt = '63' AKA 'Read file or device')
2018-12-17T23:03:34.873358782Z	53	PC: 12fe6 \| Get interrupt vector (Interrupt = '117' AKA 'UNKNOWN!')
2018-12-17T23:03:34.874741043Z	37	PC: 12ffb \| Set interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T23:03:34.875937034Z	37	PC: 13003 \| Set interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T23:03:34.877503332Z	37	PC: 1300b \| Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T23:03:34.878692661Z	37	PC: 13013 \| Set interrupt vector (Interrupt = '63' AKA 'Read file or device')
2018-12-17T23:03:34.880304552Z	68	PC: 135f3 \| I/O control for devices (Set for = '')
2018-12-17T23:03:34.882362264Z	26	PC: 12f45 \| Set disk transfer address
2018-12-17T23:03:34.884009693Z	78	PC: 12f51 \| Find first file
2018-12-17T23:03:34.890929228Z	61	PC: 13915 \| Open file (Filename = 'TEST.EXE')
2018-12-17T23:03:34.898188804Z	66	PC: 13a47 \| Move file pointer
2018-12-17T23:03:34.900017355Z	63	PC: 139a7 \| Read file or device (Read 4 bytes on handle 5)
2018-12-17T23:03:34.90758579Z	62	PC: 13965 \| Close file
2018-12-17T23:03:34.908969159Z	26	PC: 12f69 \| Set disk transfer address
2018-12-17T23:03:34.911587648Z	79	PC: 12f6e \| Find next file
2018-12-17T23:03:34.915181639Z	44	PC: 1348f \| Get time 0x1348f: mov word ptr [0x38], cx 0x13493: mov word ptr [0x3a], dx 0x13497: retf 0x13498: mov bx, sp 0x1349a: push ds 0x1349b: les di, ptr ss:[bx + 8] 0x1349f: lds si, ptr ss:[bx + 4] 0x134a3: cld 0x134a4: xor ax, ax 0x134a6: stosw word ptr es:[di], ax 0x134a7: mov ax, 0xd7b0 0x134aa: stosw word ptr es:[di], ax 0x134ab: mov ax, 0x80 0x134ae: stosw word ptr es:[di], ax 0x134af: xor ax, ax 0x134b1: stosw word ptr es:[di], ax 0x134b2: stosw word ptr es:[di], ax 0x134b3: stosw word ptr es:[di], ax 0x134b4: lea ax, word ptr [di + 0x74] 0x134b7: stosw word ptr es:[di], ax
2018-12-17T23:03:34.918742276Z	60	PC: 13915 \| Create or truncate file
2018-12-17T23:03:34.939938708Z	64	PC: 139a7 \| Write file or device (Write 5056 bytes on handle 5)
2018-12-17T23:03:34.958826487Z	62	PC: 13965 \| Close file
2018-12-17T23:03:34.968724337Z	26	PC: 12f45 \| Set disk transfer address
2018-12-17T23:03:34.974217561Z	78	PC: 12f51 \| Find first file
2018-12-17T23:03:34.981198594Z	26	PC: 12f69 \| Set disk transfer address
2018-12-17T23:03:34.982328002Z	79	PC: 12f6e \| Find next file
2018-12-17T23:03:34.986078819Z	26	PC: 12f69 \| Set disk transfer address
2018-12-17T23:03:34.987447308Z	79	PC: 12f6e \| Find next file
2018-12-17T23:03:34.990594588Z	26	PC: 12f69 \| Set disk transfer address
2018-12-17T23:03:34.99222251Z	79	PC: 12f6e \| Find next file
2018-12-17T23:03:34.997173742Z	26	PC: 12f69 \| Set disk transfer address
2018-12-17T23:03:34.999007292Z	79	PC: 12f6e \| Find next file
2018-12-17T23:03:35.00331562Z	26	PC: 12f69 \| Set disk transfer address
2018-12-17T23:03:35.004616426Z	79	PC: 12f6e \| Find next file
2018-12-17T23:03:35.007797783Z	26	PC: 12f69 \| Set disk transfer address
2018-12-17T23:03:35.009129209Z	79	PC: 12f6e \| Find next file
2018-12-17T23:03:35.012487703Z	26	PC: 12f69 \| Set disk transfer address
2018-12-17T23:03:35.013786125Z	79	PC: 12f6e \| Find next file
2018-12-17T23:03:35.01690719Z	26	PC: 12f69 \| Set disk transfer address
2018-12-17T23:03:35.018569686Z	79	PC: 12f6e \| Find next file
2018-12-17T23:03:35.021637697Z	26	PC: 12f69 \| Set disk transfer address
2018-12-17T23:03:35.022772062Z	79	PC: 12f6e \| Find next file
2018-12-17T23:03:35.026483263Z	26	PC: 12f69 \| Set disk transfer address
2018-12-17T23:03:35.027606406Z	79	PC: 12f6e \| Find next file
2018-12-17T23:03:35.035007849Z	60	PC: 13915 \| Create or truncate file
2018-12-17T23:03:35.381694656Z	64	PC: 139a7 \| Write file or device (Write 5056 bytes on handle 5)
2018-12-17T23:03:35.394554493Z	62	PC: 13965 \| Close file
2018-12-17T23:03:35.40473833Z	26	PC: 12f45 \| Set disk transfer address
2018-12-17T23:03:35.407214543Z	78	PC: 12f51 \| Find first file
2018-12-17T23:03:35.413601603Z	26	PC: 12f69 \| Set disk transfer address
2018-12-17T23:03:35.414774085Z	79	PC: 12f6e \| Find next file
2018-12-17T23:03:35.418308064Z	26	PC: 12f69 \| Set disk transfer address
2018-12-17T23:03:35.419750715Z	79	PC: 12f6e \| Find next file
2018-12-17T23:03:35.423442074Z	26	PC: 12f45 \| Set disk transfer address
2018-12-17T23:03:35.424650512Z	78	PC: 12f51 \| Find first file
2018-12-17T23:03:35.435278873Z	26	PC: 12f69 \| Set disk transfer address
2018-12-17T23:03:35.436373746Z	79	PC: 12f6e \| Find next file
2018-12-17T23:03:35.440010581Z	26	PC: 12f69 \| Set disk transfer address
2018-12-17T23:03:35.441690794Z	79	PC: 12f6e \| Find next file
2018-12-17T23:03:35.445709343Z	26	PC: 12f69 \| Set disk transfer address
2018-12-17T23:03:35.447398054Z	79	PC: 12f6e \| Find next file
2018-12-17T23:03:35.45209848Z	26	PC: 12f69 \| Set disk transfer address
2018-12-17T23:03:35.453843273Z	79	PC: 12f6e \| Find next file
2018-12-17T23:03:35.458141261Z	26	PC: 12f69 \| Set disk transfer address
2018-12-17T23:03:35.460310596Z	79	PC: 12f6e \| Find next file
2018-12-17T23:03:35.464321743Z	26	PC: 12f69 \| Set disk transfer address
2018-12-17T23:03:35.465861274Z	79	PC: 12f6e \| Find next file
2018-12-17T23:03:35.471329804Z	26	PC: 12f69 \| Set disk transfer address
2018-12-17T23:03:35.472636563Z	79	PC: 12f6e \| Find next file
2018-12-17T23:03:35.476457197Z	26	PC: 12f69 \| Set disk transfer address
2018-12-17T23:03:35.47883015Z	79	PC: 12f6e \| Find next file
2018-12-17T23:03:35.482487758Z	26	PC: 12f69 \| Set disk transfer address
2018-12-17T23:03:35.483663695Z	79	PC: 12f6e \| Find next file
2018-12-17T23:03:35.48760292Z	26	PC: 12f69 \| Set disk transfer address
2018-12-17T23:03:35.489246097Z	79	PC: 12f6e \| Find next file
2018-12-17T23:03:35.492866414Z	26	PC: 12f69 \| Set disk transfer address
2018-12-17T23:03:35.494275999Z	79	PC: 12f6e \| Find next file
2018-12-17T23:03:35.498768381Z	26	PC: 12f69 \| Set disk transfer address
2018-12-17T23:03:35.500053428Z	79	PC: 12f6e \| Find next file
2018-12-17T23:03:35.503757156Z	26	PC: 12f69 \| Set disk transfer address
2018-12-17T23:03:35.506013165Z	79	PC: 12f6e \| Find next file
2018-12-17T23:03:35.50982125Z	26	PC: 12f69 \| Set disk transfer address
2018-12-17T23:03:35.511308655Z	79	PC: 12f6e \| Find next file
2018-12-17T23:03:35.516067323Z	26	PC: 12f69 \| Set disk transfer address
2018-12-17T23:03:35.517416413Z	79	PC: 12f6e \| Find next file
2018-12-17T23:03:35.521272694Z	26	PC: 12f69 \| Set disk transfer address
2018-12-17T23:03:35.522742687Z	79	PC: 12f6e \| Find next file
2018-12-17T23:03:35.530336876Z	26	PC: 12f69 \| Set disk transfer address
2018-12-17T23:03:35.531589421Z	79	PC: 12f6e \| Find next file
2018-12-17T23:03:35.535311986Z	26	PC: 12f69 \| Set disk transfer address
2018-12-17T23:03:35.537035098Z	79	PC: 12f6e \| Find next file
2018-12-17T23:03:35.540658913Z	26	PC: 12f69 \| Set disk transfer address
2018-12-17T23:03:35.541749481Z	79	PC: 12f6e \| Find next file
2018-12-17T23:03:35.546586239Z	26	PC: 12f69 \| Set disk transfer address
2018-12-17T23:03:35.547774178Z	79	PC: 12f6e \| Find next file
2018-12-17T23:03:35.551385586Z	26	PC: 12f69 \| Set disk transfer address
2018-12-17T23:03:35.553307461Z	79	PC: 12f6e \| Find next file
2018-12-17T23:03:35.55692541Z	26	PC: 12f69 \| Set disk transfer address
2018-12-17T23:03:35.557917758Z	79	PC: 12f6e \| Find next file
2018-12-17T23:03:35.562016966Z	26	PC: 12f69 \| Set disk transfer address
2018-12-17T23:03:35.565748137Z	79	PC: 12f6e \| Find next file
2018-12-17T23:03:35.569890955Z	26	PC: 12f69 \| Set disk transfer address
2018-12-17T23:03:35.572264167Z	79	PC: 12f6e \| Find next file
2018-12-17T23:03:35.576310919Z	26	PC: 12f69 \| Set disk transfer address
2018-12-17T23:03:35.577563125Z	79	PC: 12f6e \| Find next file
2018-12-17T23:03:35.581623308Z	26	PC: 12f69 \| Set disk transfer address
2018-12-17T23:03:35.583114298Z	79	PC: 12f6e \| Find next file
2018-12-17T23:03:35.587041193Z	26	PC: 12f69 \| Set disk transfer address
2018-12-17T23:03:35.588448559Z	79	PC: 12f6e \| Find next file
2018-12-17T23:03:35.592400708Z	26	PC: 12f69 \| Set disk transfer address
2018-12-17T23:03:35.593814628Z	79	PC: 12f6e \| Find next file
2018-12-17T23:03:35.597708559Z	26	PC: 12f69 \| Set disk transfer address
2018-12-17T23:03:35.599763815Z	79	PC: 12f6e \| Find next file
2018-12-17T23:03:35.602109868Z	26	PC: 12f69 \| Set disk transfer address
2018-12-17T23:03:35.603134512Z	79	PC: 12f6e \| Find next file
2018-12-17T23:03:35.605940744Z	26	PC: 12f69 \| Set disk transfer address
2018-12-17T23:03:35.606973006Z	79	PC: 12f6e \| Find next file
2018-12-17T23:03:35.609398989Z	26	PC: 12f69 \| Set disk transfer address
2018-12-17T23:03:35.610968297Z	79	PC: 12f6e \| Find next file
2018-12-17T23:03:35.615388589Z	26	PC: 12f69 \| Set disk transfer address
2018-12-17T23:03:35.616419452Z	79	PC: 12f6e \| Find next file
2018-12-17T23:03:35.619516777Z	26	PC: 12f69 \| Set disk transfer address
2018-12-17T23:03:35.620618092Z	79	PC: 12f6e \| Find next file
2018-12-17T23:03:35.623035071Z	26	PC: 12f69 \| Set disk transfer address
2018-12-17T23:03:35.624569046Z	79	PC: 12f6e \| Find next file
2018-12-17T23:03:35.627245868Z	26	PC: 12f69 \| Set disk transfer address
2018-12-17T23:03:35.628098376Z	79	PC: 12f6e \| Find next file
2018-12-17T23:03:35.630815309Z	26	PC: 12f69 \| Set disk transfer address
2018-12-17T23:03:35.631866738Z	79	PC: 12f6e \| Find next file
2018-12-17T23:03:35.634035326Z	26	PC: 12f69 \| Set disk transfer address
2018-12-17T23:03:35.635632647Z	79	PC: 12f6e \| Find next file
2018-12-17T23:03:35.637800139Z	26	PC: 12f69 \| Set disk transfer address
2018-12-17T23:03:35.638816178Z	79	PC: 12f6e \| Find next file
2018-12-17T23:03:35.64142171Z	26	PC: 12f69 \| Set disk transfer address
2018-12-17T23:03:35.642356682Z	79	PC: 12f6e \| Find next file
2018-12-17T23:03:35.644417356Z	26	PC: 12f69 \| Set disk transfer address
2018-12-17T23:03:35.646250728Z	79	PC: 12f6e \| Find next file
2018-12-17T23:03:35.648283872Z	26	PC: 12f69 \| Set disk transfer address
2018-12-17T23:03:35.649282582Z	79	PC: 12f6e \| Find next file
2018-12-17T23:03:35.651978684Z	26	PC: 12f69 \| Set disk transfer address
2018-12-17T23:03:35.652992179Z	79	PC: 12f6e \| Find next file
2018-12-17T23:03:35.655077607Z	60	PC: 13915 \| Create or truncate file
2018-12-17T23:03:35.657696185Z	60	PC: 13915 \| Create or truncate file
2018-12-17T23:03:35.660002184Z	60	PC: 13915 \| Create or truncate file
2018-12-17T23:03:35.662476935Z	60	PC: 13915 \| Create or truncate file
2018-12-17T23:03:35.666642386Z	60	PC: 13915 \| Create or truncate file
2018-12-17T23:03:35.670362926Z	60	PC: 13915 \| Create or truncate file
2018-12-17T23:03:35.673483371Z	60	PC: 13915 \| Create or truncate file
2018-12-17T23:03:35.677572926Z	60	PC: 13915 \| Create or truncate file
2018-12-17T23:03:35.680820498Z	60	PC: 13915 \| Create or truncate file
2018-12-17T23:03:35.684441941Z	60	PC: 13915 \| Create or truncate file
2018-12-17T23:03:35.688170067Z	60	PC: 13915 \| Create or truncate file
2018-12-17T23:03:35.690322896Z	60	PC: 13915 \| Create or truncate file
2018-12-17T23:03:35.692435415Z	60	PC: 13915 \| Create or truncate file
2018-12-17T23:03:35.695324391Z	60	PC: 13915 \| Create or truncate file
2018-12-17T23:03:35.697362559Z	60	PC: 13915 \| Create or truncate file
2018-12-17T23:03:35.699444713Z	60	PC: 13915 \| Create or truncate file
2018-12-17T23:03:35.702103113Z	60	PC: 13915 \| Create or truncate file
2018-12-17T23:03:35.706223886Z	60	PC: 13915 \| Create or truncate file
2018-12-17T23:03:35.709607298Z	60	PC: 13915 \| Create or truncate file
2018-12-17T23:03:35.714139498Z	60	PC: 13915 \| Create or truncate file
2018-12-17T23:03:35.717353421Z	60	PC: 13915 \| Create or truncate file
2018-12-17T23:03:35.720416074Z	60	PC: 13915 \| Create or truncate file
2018-12-17T23:03:35.724077354Z	60	PC: 13915 \| Create or truncate file
2018-12-17T23:03:35.72721573Z	64	PC: 136f6 \| Write file or device (Write 36 bytes on handle 1)
2018-12-17T23:03:35.732795636Z	64	PC: 136f6 \| Write file or device (Write 0 bytes on handle 1)
2018-12-17T23:03:35.736261243Z	37	PC: 130f5 \| Set interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T23:03:35.737842967Z	37	PC: 130f5 \| Set interrupt vector (Interrupt = '2' AKA 'Character output')
2018-12-17T23:03:35.739408182Z	37	PC: 130f5 \| Set interrupt vector (Interrupt = '27' AKA 'Get allocation info for default drive')
2018-12-17T23:03:35.741168437Z	37	PC: 130f5 \| Set interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T23:03:35.743994959Z	37	PC: 130f5 \| Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T23:03:35.745570043Z	37	PC: 130f5 \| Set interrupt vector (Interrupt = '52' AKA 'Get InDOS flag pointer')
2018-12-17T23:03:35.74713362Z	37	PC: 130f5 \| Set interrupt vector (Interrupt = '53' AKA 'Get interrupt vector')
2018-12-17T23:03:35.749423576Z	37	PC: 130f5 \| Set interrupt vector (Interrupt = '54' AKA 'Get free disk space')
2018-12-17T23:03:35.750900526Z	37	PC: 130f5 \| Set interrupt vector (Interrupt = '55' AKA 'Get or set switch character')
2018-12-17T23:03:35.752288264Z	37	PC: 130f5 \| Set interrupt vector (Interrupt = '56' AKA 'Get or set country info')
2018-12-17T23:03:35.754938835Z	37	PC: 130f5 \| Set interrupt vector (Interrupt = '57' AKA 'Create subdirectory')
2018-12-17T23:03:35.756713067Z	37	PC: 130f5 \| Set interrupt vector (Interrupt = '58' AKA 'Remove subdirectory')
2018-12-17T23:03:35.758254488Z	37	PC: 130f5 \| Set interrupt vector (Interrupt = '59' AKA 'Change current directory')
2018-12-17T23:03:35.760989127Z	37	PC: 130f5 \| Set interrupt vector (Interrupt = '60' AKA 'Create or truncate file')
2018-12-17T23:03:35.762535992Z	37	PC: 130f5 \| Set interrupt vector (Interrupt = '61' AKA 'Open file')
2018-12-17T23:03:35.764104135Z	37	PC: 130f5 \| Set interrupt vector (Interrupt = '62' AKA 'Close file')
2018-12-17T23:03:35.766250059Z	37	PC: 130f5 \| Set interrupt vector (Interrupt = '63' AKA 'Read file or device')
2018-12-17T23:03:35.767849133Z	37	PC: 130f5 \| Set interrupt vector (Interrupt = '117' AKA 'UNKNOWN!')
2018-12-17T23:03:35.769441395Z	76	PC: 13134 \| Terminate with return code (Return code = '0')