Sample viewer

vx.netlux.org/Virus.DOS.HLLP.7200

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-17T23:04:32.990491587Z	53	PC: 1367a \| Get interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T23:04:32.998210955Z	53	PC: 1367a \| Get interrupt vector (Interrupt = '2' AKA 'Character output')
2018-12-17T23:04:33.001899793Z	53	PC: 1367a \| Get interrupt vector (Interrupt = '27' AKA 'Get allocation info for default drive')
2018-12-17T23:04:33.003773798Z	53	PC: 1367a \| Get interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T23:04:33.005983905Z	53	PC: 1367a \| Get interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T23:04:33.007846778Z	53	PC: 1367a \| Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T23:04:33.009133638Z	53	PC: 1367a \| Get interrupt vector (Interrupt = '52' AKA 'Get InDOS flag pointer')
2018-12-17T23:04:33.010998506Z	53	PC: 1367a \| Get interrupt vector (Interrupt = '53' AKA 'Get interrupt vector')
2018-12-17T23:04:33.014802411Z	53	PC: 1367a \| Get interrupt vector (Interrupt = '54' AKA 'Get free disk space')
2018-12-17T23:04:33.017377403Z	53	PC: 1367a \| Get interrupt vector (Interrupt = '55' AKA 'Get or set switch character')
2018-12-17T23:04:33.019972985Z	53	PC: 1367a \| Get interrupt vector (Interrupt = '56' AKA 'Get or set country info')
2018-12-17T23:04:33.022255128Z	53	PC: 1367a \| Get interrupt vector (Interrupt = '57' AKA 'Create subdirectory')
2018-12-17T23:04:33.024052979Z	53	PC: 1367a \| Get interrupt vector (Interrupt = '58' AKA 'Remove subdirectory')
2018-12-17T23:04:33.02585622Z	53	PC: 1367a \| Get interrupt vector (Interrupt = '59' AKA 'Change current directory')
2018-12-17T23:04:33.028892121Z	53	PC: 1367a \| Get interrupt vector (Interrupt = '60' AKA 'Create or truncate file')
2018-12-17T23:04:33.030712845Z	53	PC: 1367a \| Get interrupt vector (Interrupt = '61' AKA 'Open file')
2018-12-17T23:04:33.032379439Z	53	PC: 1367a \| Get interrupt vector (Interrupt = '62' AKA 'Close file')
2018-12-17T23:04:33.034665128Z	53	PC: 1367a \| Get interrupt vector (Interrupt = '63' AKA 'Read file or device')
2018-12-17T23:04:33.035751661Z	53	PC: 1367a \| Get interrupt vector (Interrupt = '117' AKA 'UNKNOWN!')
2018-12-17T23:04:33.036865035Z	37	PC: 1368f \| Set interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T23:04:33.038836914Z	37	PC: 13697 \| Set interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T23:04:33.040617703Z	37	PC: 1369f \| Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T23:04:33.042000635Z	37	PC: 136a7 \| Set interrupt vector (Interrupt = '63' AKA 'Read file or device')
2018-12-17T23:04:33.044136311Z	68	PC: 14446 \| I/O control for devices (Set for = '��Q��\')
2018-12-17T23:04:33.047041295Z	48	PC: 13f62 \| Get DOS version
2018-12-17T23:04:33.048947991Z	61	PC: 13da0 \| Open file (Filename = 'A:\TEST.EXE')
2018-12-17T23:04:33.056062883Z	87	PC: 133b0 \| Get or set file date and time
2018-12-17T23:04:33.058994637Z	60	PC: 13da0 \| Create or truncate file
2018-12-17T23:04:33.080256095Z	66	PC: 13ed2 \| Move file pointer
2018-12-17T23:04:33.081750826Z	63	PC: 13e73 \| Read file or device (Read 8192 bytes on handle 5)
2018-12-17T23:04:33.087877028Z	64	PC: 13e73 \| Write file or device (Write 480 bytes on handle 6)
2018-12-17T23:04:33.092044937Z	66	PC: 14545 \| Move file pointer
2018-12-17T23:04:33.093419152Z	66	PC: 14553 \| Move file pointer
2018-12-17T23:04:33.095533037Z	66	PC: 14561 \| Move file pointer
2018-12-17T23:04:33.09709785Z	62	PC: 13df0 \| Close file
2018-12-17T23:04:33.100013595Z	87	PC: 133dd \| Get or set file date and time
2018-12-17T23:04:33.102362723Z	62	PC: 13df0 \| Close file
2018-12-17T23:04:33.110194864Z	67	PC: 1336f \| Get or set file attributes
2018-12-17T23:04:33.116756605Z	61	PC: 13da0 \| Open file (Filename = 'A:\TEST.EXE')
2018-12-17T23:04:33.124721064Z	87	PC: 133b0 \| Get or set file date and time
2018-12-17T23:04:33.126591332Z	63	PC: 13e73 \| Read file or device (Read 7200 bytes on handle 5)
2018-12-17T23:04:33.137004988Z	66	PC: 13ed2 \| Move file pointer
2018-12-17T23:04:33.138697821Z	64	PC: 13e73 \| Write file or device (Write 1 bytes on handle 5)
2018-12-17T23:04:33.14215327Z	87	PC: 133dd \| Get or set file date and time
2018-12-17T23:04:33.143864108Z	62	PC: 13df0 \| Close file
2018-12-17T23:04:33.153723973Z	67	PC: 13396 \| Get or set file attributes
2018-12-17T23:04:33.165480674Z	26	PC: 1340d \| Set disk transfer address
2018-12-17T23:04:33.166708624Z	78	PC: 13419 \| Find first file
2018-12-17T23:04:33.176945567Z	64	PC: 13cfb \| Write file or device (Write 0 bytes on handle 1)
2018-12-17T23:04:33.179666865Z	37	PC: 137d1 \| Set interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T23:04:33.180997358Z	37	PC: 137d1 \| Set interrupt vector (Interrupt = '2' AKA 'Character output')
2018-12-17T23:04:33.182298645Z	37	PC: 137d1 \| Set interrupt vector (Interrupt = '27' AKA 'Get allocation info for default drive')
2018-12-17T23:04:33.184143485Z	37	PC: 137d1 \| Set interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T23:04:33.185425295Z	37	PC: 137d1 \| Set interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T23:04:33.186706415Z	37	PC: 137d1 \| Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T23:04:33.188524825Z	37	PC: 137d1 \| Set interrupt vector (Interrupt = '52' AKA 'Get InDOS flag pointer')
2018-12-17T23:04:33.189684396Z	37	PC: 137d1 \| Set interrupt vector (Interrupt = '53' AKA 'Get interrupt vector')
2018-12-17T23:04:33.190799323Z	37	PC: 137d1 \| Set interrupt vector (Interrupt = '54' AKA 'Get free disk space')
2018-12-17T23:04:33.192513908Z	37	PC: 137d1 \| Set interrupt vector (Interrupt = '55' AKA 'Get or set switch character')
2018-12-17T23:04:33.193802131Z	37	PC: 137d1 \| Set interrupt vector (Interrupt = '56' AKA 'Get or set country info')
2018-12-17T23:04:33.195081236Z	37	PC: 137d1 \| Set interrupt vector (Interrupt = '57' AKA 'Create subdirectory')
2018-12-17T23:04:33.197806442Z	37	PC: 137d1 \| Set interrupt vector (Interrupt = '58' AKA 'Remove subdirectory')
2018-12-17T23:04:33.199255898Z	37	PC: 137d1 \| Set interrupt vector (Interrupt = '59' AKA 'Change current directory')
2018-12-17T23:04:33.200700194Z	37	PC: 137d1 \| Set interrupt vector (Interrupt = '60' AKA 'Create or truncate file')
2018-12-17T23:04:33.202907807Z	37	PC: 137d1 \| Set interrupt vector (Interrupt = '61' AKA 'Open file')
2018-12-17T23:04:33.20442486Z	37	PC: 137d1 \| Set interrupt vector (Interrupt = '62' AKA 'Close file')
2018-12-17T23:04:33.205677987Z	37	PC: 137d1 \| Set interrupt vector (Interrupt = '63' AKA 'Read file or device')
2018-12-17T23:04:33.207632323Z	37	PC: 137d1 \| Set interrupt vector (Interrupt = '117' AKA 'UNKNOWN!')
2018-12-17T23:04:33.209283548Z	6	PC: 13858 \| Direct console I/O
2018-12-17T23:04:33.211576851Z	6	PC: 13858 \| Direct console I/O
2018-12-17T23:04:33.213720533Z	6	PC: 13858 \| Direct console I/O
2018-12-17T23:04:33.216235072Z	6	PC: 13858 \| Direct console I/O
2018-12-17T23:04:33.218724975Z	6	PC: 13858 \| Direct console I/O
2018-12-17T23:04:33.220688358Z	6	PC: 13858 \| Direct console I/O
2018-12-17T23:04:33.224040412Z	6	PC: 13858 \| Direct console I/O
2018-12-17T23:04:33.226127919Z	6	PC: 13858 \| Direct console I/O
2018-12-17T23:04:33.228127319Z	6	PC: 13858 \| Direct console I/O
2018-12-17T23:04:33.231166225Z	6	PC: 13858 \| Direct console I/O
2018-12-17T23:04:33.233335074Z	6	PC: 13858 \| Direct console I/O
2018-12-17T23:04:33.235494926Z	6	PC: 13858 \| Direct console I/O
2018-12-17T23:04:33.240624975Z	6	PC: 13858 \| Direct console I/O
2018-12-17T23:04:33.243334621Z	6	PC: 13858 \| Direct console I/O
2018-12-17T23:04:33.245950671Z	6	PC: 13858 \| Direct console I/O
2018-12-17T23:04:33.249221703Z	6	PC: 13858 \| Direct console I/O
2018-12-17T23:04:33.251760097Z	6	PC: 13858 \| Direct console I/O
2018-12-17T23:04:33.253983018Z	6	PC: 13858 \| Direct console I/O
2018-12-17T23:04:33.256412057Z	6	PC: 13858 \| Direct console I/O
2018-12-17T23:04:33.259085515Z	6	PC: 13858 \| Direct console I/O
2018-12-17T23:04:33.2612574Z	6	PC: 13858 \| Direct console I/O
2018-12-17T23:04:33.263546234Z	6	PC: 13858 \| Direct console I/O
2018-12-17T23:04:33.266065272Z	6	PC: 13858 \| Direct console I/O
2018-12-17T23:04:33.268396447Z	6	PC: 13858 \| Direct console I/O
2018-12-17T23:04:33.270601624Z	6	PC: 13858 \| Direct console I/O
2018-12-17T23:04:33.273303145Z	6	PC: 13858 \| Direct console I/O
2018-12-17T23:04:33.275515406Z	6	PC: 13858 \| Direct console I/O
2018-12-17T23:04:33.277686389Z	6	PC: 13858 \| Direct console I/O
2018-12-17T23:04:33.280566696Z	6	PC: 13858 \| Direct console I/O
2018-12-17T23:04:33.28266334Z	6	PC: 13858 \| Direct console I/O
2018-12-17T23:04:33.284752098Z	6	PC: 13858 \| Direct console I/O
2018-12-17T23:04:33.287902704Z	6	PC: 13858 \| Direct console I/O
2018-12-17T23:04:33.290396234Z	6	PC: 13858 \| Direct console I/O
2018-12-17T23:04:33.29430231Z	76	PC: 13810 \| Terminate with return code (Return code = '202')