Sample viewer

vx.netlux.org/Virus.DOS.HLLO.Samael.8416

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-17T23:04:39.454092876Z	53	PC: 1384a \| Get interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T23:04:39.456380015Z	53	PC: 1384a \| Get interrupt vector (Interrupt = '2' AKA 'Character output')
2018-12-17T23:04:39.457959224Z	53	PC: 1384a \| Get interrupt vector (Interrupt = '27' AKA 'Get allocation info for default drive')
2018-12-17T23:04:39.459487204Z	53	PC: 1384a \| Get interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T23:04:39.461305925Z	53	PC: 1384a \| Get interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T23:04:39.462713119Z	53	PC: 1384a \| Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T23:04:39.464027715Z	53	PC: 1384a \| Get interrupt vector (Interrupt = '52' AKA 'Get InDOS flag pointer')
2018-12-17T23:04:39.465599446Z	53	PC: 1384a \| Get interrupt vector (Interrupt = '53' AKA 'Get interrupt vector')
2018-12-17T23:04:39.467474014Z	53	PC: 1384a \| Get interrupt vector (Interrupt = '54' AKA 'Get free disk space')
2018-12-17T23:04:39.469464878Z	53	PC: 1384a \| Get interrupt vector (Interrupt = '55' AKA 'Get or set switch character')
2018-12-17T23:04:39.470686146Z	53	PC: 1384a \| Get interrupt vector (Interrupt = '56' AKA 'Get or set country info')
2018-12-17T23:04:39.472267561Z	53	PC: 1384a \| Get interrupt vector (Interrupt = '57' AKA 'Create subdirectory')
2018-12-17T23:04:39.473649306Z	53	PC: 1384a \| Get interrupt vector (Interrupt = '58' AKA 'Remove subdirectory')
2018-12-17T23:04:39.475086534Z	53	PC: 1384a \| Get interrupt vector (Interrupt = '59' AKA 'Change current directory')
2018-12-17T23:04:39.476953626Z	53	PC: 1384a \| Get interrupt vector (Interrupt = '60' AKA 'Create or truncate file')
2018-12-17T23:04:39.478213838Z	53	PC: 1384a \| Get interrupt vector (Interrupt = '61' AKA 'Open file')
2018-12-17T23:04:39.479478094Z	53	PC: 1384a \| Get interrupt vector (Interrupt = '62' AKA 'Close file')
2018-12-17T23:04:39.481661225Z	53	PC: 1384a \| Get interrupt vector (Interrupt = '63' AKA 'Read file or device')
2018-12-17T23:04:39.483311967Z	53	PC: 1384a \| Get interrupt vector (Interrupt = '117' AKA 'UNKNOWN!')
2018-12-17T23:04:39.484945012Z	37	PC: 1385f \| Set interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T23:04:39.502697162Z	37	PC: 13867 \| Set interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T23:04:39.50712068Z	37	PC: 1386f \| Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T23:04:39.509325538Z	37	PC: 13877 \| Set interrupt vector (Interrupt = '63' AKA 'Read file or device')
2018-12-17T23:04:39.524279863Z	68	PC: 1464f \| I/O control for devices (Set for = '�%��%��l��')
2018-12-17T23:04:39.730073668Z	64	PC: 13c68 \| Write file or device (Write 0 bytes on handle 1)
2018-12-17T23:04:39.73360856Z	37	PC: 139a1 \| Set interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T23:04:39.736337978Z	37	PC: 139a1 \| Set interrupt vector (Interrupt = '2' AKA 'Character output')
2018-12-17T23:04:39.737839069Z	37	PC: 139a1 \| Set interrupt vector (Interrupt = '27' AKA 'Get allocation info for default drive')
2018-12-17T23:04:39.739800069Z	37	PC: 139a1 \| Set interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T23:04:39.741669288Z	37	PC: 139a1 \| Set interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T23:04:39.743938869Z	37	PC: 139a1 \| Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T23:04:39.74639311Z	37	PC: 139a1 \| Set interrupt vector (Interrupt = '52' AKA 'Get InDOS flag pointer')
2018-12-17T23:04:39.748735588Z	37	PC: 139a1 \| Set interrupt vector (Interrupt = '53' AKA 'Get interrupt vector')
2018-12-17T23:04:39.750482377Z	37	PC: 139a1 \| Set interrupt vector (Interrupt = '54' AKA 'Get free disk space')
2018-12-17T23:04:39.752247135Z	37	PC: 139a1 \| Set interrupt vector (Interrupt = '55' AKA 'Get or set switch character')
2018-12-17T23:04:39.753811653Z	37	PC: 139a1 \| Set interrupt vector (Interrupt = '56' AKA 'Get or set country info')
2018-12-17T23:04:39.755194788Z	37	PC: 139a1 \| Set interrupt vector (Interrupt = '57' AKA 'Create subdirectory')
2018-12-17T23:04:39.757089015Z	37	PC: 139a1 \| Set interrupt vector (Interrupt = '58' AKA 'Remove subdirectory')
2018-12-17T23:04:39.758359368Z	37	PC: 139a1 \| Set interrupt vector (Interrupt = '59' AKA 'Change current directory')
2018-12-17T23:04:39.759628375Z	37	PC: 139a1 \| Set interrupt vector (Interrupt = '60' AKA 'Create or truncate file')
2018-12-17T23:04:39.761347394Z	37	PC: 139a1 \| Set interrupt vector (Interrupt = '61' AKA 'Open file')
2018-12-17T23:04:39.762664532Z	37	PC: 139a1 \| Set interrupt vector (Interrupt = '62' AKA 'Close file')
2018-12-17T23:04:39.763939467Z	37	PC: 139a1 \| Set interrupt vector (Interrupt = '63' AKA 'Read file or device')
2018-12-17T23:04:39.765558969Z	37	PC: 139a1 \| Set interrupt vector (Interrupt = '117' AKA 'UNKNOWN!')
2018-12-17T23:04:39.767202618Z	6	PC: 13a28 \| Direct console I/O
2018-12-17T23:04:39.770069708Z	6	PC: 13a28 \| Direct console I/O
2018-12-17T23:04:39.772987647Z	6	PC: 13a28 \| Direct console I/O
2018-12-17T23:04:39.775181689Z	6	PC: 13a28 \| Direct console I/O
2018-12-17T23:04:39.777324339Z	6	PC: 13a28 \| Direct console I/O
2018-12-17T23:04:39.780395526Z	6	PC: 13a28 \| Direct console I/O
2018-12-17T23:04:39.782984637Z	6	PC: 13a28 \| Direct console I/O
2018-12-17T23:04:39.785264347Z	6	PC: 13a28 \| Direct console I/O
2018-12-17T23:04:39.788085036Z	6	PC: 13a28 \| Direct console I/O
2018-12-17T23:04:39.790857013Z	6	PC: 13a28 \| Direct console I/O
2018-12-17T23:04:39.793506254Z	6	PC: 13a28 \| Direct console I/O
2018-12-17T23:04:39.796175516Z	6	PC: 13a28 \| Direct console I/O
2018-12-17T23:04:39.799848494Z	6	PC: 13a28 \| Direct console I/O
2018-12-17T23:04:39.802572328Z	6	PC: 13a28 \| Direct console I/O
2018-12-17T23:04:39.805152803Z	6	PC: 13a28 \| Direct console I/O
2018-12-17T23:04:39.807310198Z	6	PC: 13a28 \| Direct console I/O
2018-12-17T23:04:39.808926354Z	6	PC: 13a28 \| Direct console I/O
2018-12-17T23:04:39.810500307Z	6	PC: 13a28 \| Direct console I/O
2018-12-17T23:04:39.812678103Z	6	PC: 13a28 \| Direct console I/O
2018-12-17T23:04:39.814186241Z	6	PC: 13a28 \| Direct console I/O
2018-12-17T23:04:39.816050745Z	6	PC: 13a28 \| Direct console I/O
2018-12-17T23:04:39.818022401Z	6	PC: 13a28 \| Direct console I/O
2018-12-17T23:04:39.819603665Z	6	PC: 13a28 \| Direct console I/O
2018-12-17T23:04:39.821069852Z	6	PC: 13a28 \| Direct console I/O
2018-12-17T23:04:39.824576067Z	6	PC: 13a28 \| Direct console I/O
2018-12-17T23:04:39.82669584Z	6	PC: 13a28 \| Direct console I/O
2018-12-17T23:04:39.828848482Z	6	PC: 13a28 \| Direct console I/O
2018-12-17T23:04:39.831122517Z	6	PC: 13a28 \| Direct console I/O
2018-12-17T23:04:39.833223559Z	6	PC: 13a28 \| Direct console I/O
2018-12-17T23:04:39.835136249Z	6	PC: 13a28 \| Direct console I/O
2018-12-17T23:04:39.837021135Z	6	PC: 13a28 \| Direct console I/O
2018-12-17T23:04:39.839116148Z	6	PC: 13a28 \| Direct console I/O
2018-12-17T23:04:39.840883283Z	6	PC: 13a28 \| Direct console I/O
2018-12-17T23:04:39.845241514Z	76	PC: 139e0 \| Terminate with return code (Return code = '200')