Sample viewer

vx.netlux.org/Virus.DOS.HLLP.7200.c

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-17T22:03:11.967541817Z	53	PC: 136aa \| Get interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T22:03:11.969034461Z	53	PC: 136aa \| Get interrupt vector (Interrupt = '2' AKA 'Character output')
2018-12-17T22:03:11.973445105Z	53	PC: 136aa \| Get interrupt vector (Interrupt = '27' AKA 'Get allocation info for default drive')
2018-12-17T22:03:11.975077933Z	53	PC: 136aa \| Get interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T22:03:11.976595366Z	53	PC: 136aa \| Get interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T22:03:11.978518661Z	53	PC: 136aa \| Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:03:11.980463512Z	53	PC: 136aa \| Get interrupt vector (Interrupt = '52' AKA 'Get InDOS flag pointer')
2018-12-17T22:03:11.982007826Z	53	PC: 136aa \| Get interrupt vector (Interrupt = '53' AKA 'Get interrupt vector')
2018-12-17T22:03:11.983905783Z	53	PC: 136aa \| Get interrupt vector (Interrupt = '54' AKA 'Get free disk space')
2018-12-17T22:03:11.985262357Z	53	PC: 136aa \| Get interrupt vector (Interrupt = '55' AKA 'Get or set switch character')
2018-12-17T22:03:11.987256587Z	53	PC: 136aa \| Get interrupt vector (Interrupt = '56' AKA 'Get or set country info')
2018-12-17T22:03:11.995826746Z	53	PC: 136aa \| Get interrupt vector (Interrupt = '57' AKA 'Create subdirectory')
2018-12-17T22:03:11.997295343Z	53	PC: 136aa \| Get interrupt vector (Interrupt = '58' AKA 'Remove subdirectory')
2018-12-17T22:03:11.998536989Z	53	PC: 136aa \| Get interrupt vector (Interrupt = '59' AKA 'Change current directory')
2018-12-17T22:03:12.000309741Z	53	PC: 136aa \| Get interrupt vector (Interrupt = '60' AKA 'Create or truncate file')
2018-12-17T22:03:12.002028921Z	53	PC: 136aa \| Get interrupt vector (Interrupt = '61' AKA 'Open file')
2018-12-17T22:03:12.010260473Z	53	PC: 136aa \| Get interrupt vector (Interrupt = '62' AKA 'Close file')
2018-12-17T22:03:12.012426705Z	53	PC: 136aa \| Get interrupt vector (Interrupt = '63' AKA 'Read file or device')
2018-12-17T22:03:12.013706006Z	53	PC: 136aa \| Get interrupt vector (Interrupt = '117' AKA 'UNKNOWN!')
2018-12-17T22:03:12.015005649Z	37	PC: 136bf \| Set interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T22:03:12.017003655Z	37	PC: 136c7 \| Set interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T22:03:12.018296073Z	37	PC: 136cf \| Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:03:12.019718855Z	37	PC: 136d7 \| Set interrupt vector (Interrupt = '63' AKA 'Read file or device')
2018-12-17T22:03:12.022408868Z	68	PC: 14476 \| I/O control for devices (Set for = 'J�ӻ')
2018-12-17T22:03:12.024310208Z	48	PC: 13f92 \| Get DOS version
2018-12-17T22:03:12.026203917Z	61	PC: 13dd0 \| Open file (Filename = 'A:\TEST.EXE')
2018-12-17T22:03:12.033903354Z	87	PC: 133e0 \| Get or set file date and time
2018-12-17T22:03:12.035923712Z	60	PC: 13dd0 \| Create or truncate file
2018-12-17T22:03:12.055236157Z	66	PC: 13f02 \| Move file pointer
2018-12-17T22:03:12.060697178Z	63	PC: 13ea3 \| Read file or device (Read 8192 bytes on handle 5)
2018-12-17T22:03:12.067901844Z	64	PC: 13ea3 \| Write file or device (Write 560 bytes on handle 6)
2018-12-17T22:03:12.076046433Z	66	PC: 14575 \| Move file pointer
2018-12-17T22:03:12.077656994Z	66	PC: 14583 \| Move file pointer
2018-12-17T22:03:12.087057508Z	66	PC: 14591 \| Move file pointer
2018-12-17T22:03:12.08855596Z	62	PC: 13e20 \| Close file
2018-12-17T22:03:12.090603104Z	87	PC: 1340d \| Get or set file date and time
2018-12-17T22:03:12.092841078Z	62	PC: 13e20 \| Close file
2018-12-17T22:03:12.104396948Z	67	PC: 1339f \| Get or set file attributes
2018-12-17T22:03:12.110997585Z	61	PC: 13dd0 \| Open file (Filename = 'A:\TEST.EXE')
2018-12-17T22:03:12.1180675Z	87	PC: 133e0 \| Get or set file date and time
2018-12-17T22:03:12.119554945Z	63	PC: 13ea3 \| Read file or device (Read 7200 bytes on handle 5)
2018-12-17T22:03:12.128054644Z	66	PC: 13f02 \| Move file pointer
2018-12-17T22:03:12.129918841Z	64	PC: 13ea3 \| Write file or device (Write 1 bytes on handle 5)
2018-12-17T22:03:12.132634361Z	87	PC: 1340d \| Get or set file date and time
2018-12-17T22:03:12.134447523Z	62	PC: 13e20 \| Close file
2018-12-17T22:03:12.141872403Z	67	PC: 133c6 \| Get or set file attributes
2018-12-17T22:03:12.153574152Z	26	PC: 1343d \| Set disk transfer address
2018-12-17T22:03:12.154679329Z	78	PC: 13449 \| Find first file
2018-12-17T22:03:12.164959723Z	64	PC: 13d2b \| Write file or device (Write 0 bytes on handle 1)
2018-12-17T22:03:12.16678982Z	37	PC: 13801 \| Set interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T22:03:12.167995729Z	37	PC: 13801 \| Set interrupt vector (Interrupt = '2' AKA 'Character output')
2018-12-17T22:03:12.169436403Z	37	PC: 13801 \| Set interrupt vector (Interrupt = '27' AKA 'Get allocation info for default drive')
2018-12-17T22:03:12.17085609Z	37	PC: 13801 \| Set interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T22:03:12.172087064Z	37	PC: 13801 \| Set interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T22:03:12.173738083Z	37	PC: 13801 \| Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:03:12.175019435Z	37	PC: 13801 \| Set interrupt vector (Interrupt = '52' AKA 'Get InDOS flag pointer')
2018-12-17T22:03:12.176249324Z	37	PC: 13801 \| Set interrupt vector (Interrupt = '53' AKA 'Get interrupt vector')
2018-12-17T22:03:12.177787953Z	37	PC: 13801 \| Set interrupt vector (Interrupt = '54' AKA 'Get free disk space')
2018-12-17T22:03:12.178970054Z	37	PC: 13801 \| Set interrupt vector (Interrupt = '55' AKA 'Get or set switch character')
2018-12-17T22:03:12.180137559Z	37	PC: 13801 \| Set interrupt vector (Interrupt = '56' AKA 'Get or set country info')
2018-12-17T22:03:12.181611618Z	37	PC: 13801 \| Set interrupt vector (Interrupt = '57' AKA 'Create subdirectory')
2018-12-17T22:03:12.182876792Z	37	PC: 13801 \| Set interrupt vector (Interrupt = '58' AKA 'Remove subdirectory')
2018-12-17T22:03:12.184138167Z	37	PC: 13801 \| Set interrupt vector (Interrupt = '59' AKA 'Change current directory')
2018-12-17T22:03:12.194480504Z	37	PC: 13801 \| Set interrupt vector (Interrupt = '60' AKA 'Create or truncate file')
2018-12-17T22:03:12.195788188Z	37	PC: 13801 \| Set interrupt vector (Interrupt = '61' AKA 'Open file')
2018-12-17T22:03:12.197189293Z	37	PC: 13801 \| Set interrupt vector (Interrupt = '62' AKA 'Close file')
2018-12-17T22:03:12.199127032Z	37	PC: 13801 \| Set interrupt vector (Interrupt = '63' AKA 'Read file or device')
2018-12-17T22:03:12.20058773Z	37	PC: 13801 \| Set interrupt vector (Interrupt = '117' AKA 'UNKNOWN!')
2018-12-17T22:03:12.202042419Z	6	PC: 13888 \| Direct console I/O
2018-12-17T22:03:12.204945391Z	6	PC: 13888 \| Direct console I/O
2018-12-17T22:03:12.20715821Z	6	PC: 13888 \| Direct console I/O
2018-12-17T22:03:12.209217765Z	6	PC: 13888 \| Direct console I/O
2018-12-17T22:03:12.211435279Z	6	PC: 13888 \| Direct console I/O
2018-12-17T22:03:12.213518533Z	6	PC: 13888 \| Direct console I/O
2018-12-17T22:03:12.215503976Z	6	PC: 13888 \| Direct console I/O
2018-12-17T22:03:12.217939256Z	6	PC: 13888 \| Direct console I/O
2018-12-17T22:03:12.220057452Z	6	PC: 13888 \| Direct console I/O
2018-12-17T22:03:12.222063466Z	6	PC: 13888 \| Direct console I/O
2018-12-17T22:03:12.224072662Z	6	PC: 13888 \| Direct console I/O
2018-12-17T22:03:12.225982605Z	6	PC: 13888 \| Direct console I/O
2018-12-17T22:03:12.227968336Z	6	PC: 13888 \| Direct console I/O
2018-12-17T22:03:12.230205105Z	6	PC: 13888 \| Direct console I/O
2018-12-17T22:03:12.23223897Z	6	PC: 13888 \| Direct console I/O
2018-12-17T22:03:12.234240811Z	6	PC: 13888 \| Direct console I/O
2018-12-17T22:03:12.237386336Z	6	PC: 13888 \| Direct console I/O
2018-12-17T22:03:12.239358014Z	6	PC: 13888 \| Direct console I/O
2018-12-17T22:03:12.241215615Z	6	PC: 13888 \| Direct console I/O
2018-12-17T22:03:12.243406076Z	6	PC: 13888 \| Direct console I/O
2018-12-17T22:03:12.245843951Z	6	PC: 13888 \| Direct console I/O
2018-12-17T22:03:12.247932595Z	6	PC: 13888 \| Direct console I/O
2018-12-17T22:03:12.250224866Z	6	PC: 13888 \| Direct console I/O
2018-12-17T22:03:12.252324419Z	6	PC: 13888 \| Direct console I/O
2018-12-17T22:03:12.254346041Z	6	PC: 13888 \| Direct console I/O
2018-12-17T22:03:12.257743649Z	6	PC: 13888 \| Direct console I/O
2018-12-17T22:03:12.259804165Z	6	PC: 13888 \| Direct console I/O
2018-12-17T22:03:12.261827896Z	6	PC: 13888 \| Direct console I/O
2018-12-17T22:03:12.26462409Z	6	PC: 13888 \| Direct console I/O
2018-12-17T22:03:12.266716176Z	6	PC: 13888 \| Direct console I/O
2018-12-17T22:03:12.26882861Z	6	PC: 13888 \| Direct console I/O
2018-12-17T22:03:12.272147344Z	6	PC: 13888 \| Direct console I/O
2018-12-17T22:03:12.274052929Z	6	PC: 13888 \| Direct console I/O
2018-12-17T22:03:12.277651401Z	76	PC: 13840 \| Terminate with return code (Return code = '202')