Sample viewer

vx.netlux.org/Virus.DOS.HLLC.16240

Syscalls:

Time Syscall Op Syscall Name
2018-12-17T23:05:45.505786505Z 53 PC: 1504a | Get interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T23:05:45.507712393Z 53 PC: 1504a | Get interrupt vector (Interrupt = '2' AKA 'Character output')
2018-12-17T23:05:45.50933466Z 53 PC: 1504a | Get interrupt vector (Interrupt = '27' AKA 'Get allocation info for default drive')
2018-12-17T23:05:45.511118843Z 53 PC: 1504a | Get interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T23:05:45.513283888Z 53 PC: 1504a | Get interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T23:05:45.514761349Z 53 PC: 1504a | Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T23:05:45.516016415Z 53 PC: 1504a | Get interrupt vector (Interrupt = '52' AKA 'Get InDOS flag pointer')
2018-12-17T23:05:45.51862154Z 53 PC: 1504a | Get interrupt vector (Interrupt = '53' AKA 'Get interrupt vector')
2018-12-17T23:05:45.525591557Z 53 PC: 1504a | Get interrupt vector (Interrupt = '54' AKA 'Get free disk space')
2018-12-17T23:05:45.526760285Z 53 PC: 1504a | Get interrupt vector (Interrupt = '55' AKA 'Get or set switch character')
2018-12-17T23:05:45.527886875Z 53 PC: 1504a | Get interrupt vector (Interrupt = '56' AKA 'Get or set country info')
2018-12-17T23:05:45.529421983Z 53 PC: 1504a | Get interrupt vector (Interrupt = '57' AKA 'Create subdirectory')
2018-12-17T23:05:45.530528391Z 53 PC: 1504a | Get interrupt vector (Interrupt = '58' AKA 'Remove subdirectory')
2018-12-17T23:05:45.531601109Z 53 PC: 1504a | Get interrupt vector (Interrupt = '59' AKA 'Change current directory')
2018-12-17T23:05:45.53330155Z 53 PC: 1504a | Get interrupt vector (Interrupt = '60' AKA 'Create or truncate file')
2018-12-17T23:05:45.534760859Z 53 PC: 1504a | Get interrupt vector (Interrupt = '61' AKA 'Open file')
2018-12-17T23:05:45.535995853Z 53 PC: 1504a | Get interrupt vector (Interrupt = '62' AKA 'Close file')
2018-12-17T23:05:45.537482798Z 53 PC: 1504a | Get interrupt vector (Interrupt = '63' AKA 'Read file or device')
2018-12-17T23:05:45.538623392Z 53 PC: 1504a | Get interrupt vector (Interrupt = '117' AKA 'UNKNOWN!')
2018-12-17T23:05:45.539660347Z 37 PC: 1505f | Set interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T23:05:45.541697919Z 37 PC: 15067 | Set interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T23:05:45.544124259Z 37 PC: 1506f | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T23:05:45.546511556Z 37 PC: 15077 | Set interrupt vector (Interrupt = '63' AKA 'Read file or device')
2018-12-17T23:05:45.550014374Z 68 PC: 15e40 | I/O control for devices (Set for = '[undecodable binary data]')
2018-12-17T23:05:45.6058347Z 37 PC: 14851 | Set interrupt vector (Interrupt = '27' AKA 'Get allocation info for default drive')
2018-12-17T23:05:45.607961425Z 25 PC: 159f8 | Get default drive
2018-12-17T23:05:45.610328088Z 71 PC: 15a0b | Get current directory
2018-12-17T23:05:45.614214817Z 26 PC: 14ea9 | Set disk transfer address
2018-12-17T23:05:45.615810553Z 78 PC: 14eb5 | Find first file
2018-12-17T23:05:45.623443942Z 25 PC: 159f8 | Get default drive
2018-12-17T23:05:45.625075702Z 71 PC: 15a0b | Get current directory
2018-12-17T23:05:45.628796596Z 26 PC: 14ea9 | Set disk transfer address
2018-12-17T23:05:45.630591014Z 78 PC: 14eb5 | Find first file
2018-12-17T23:05:45.637637396Z 26 PC: 14ea9 | Set disk transfer address
2018-12-17T23:05:45.639195354Z 78 PC: 14eb5 | Find first file
2018-12-17T23:05:45.646682082Z 61 PC: 15831 | Open file (Filename = 'A:\\TEST.EXE')
2018-12-17T23:05:45.651448908Z 37 PC: 151a1 | Set interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T23:05:45.653771868Z 37 PC: 151a1 | Set interrupt vector (Interrupt = '2' AKA 'Character output')
2018-12-17T23:05:45.655744138Z 37 PC: 151a1 | Set interrupt vector (Interrupt = '27' AKA 'Get allocation info for default drive')
2018-12-17T23:05:45.658805343Z 37 PC: 151a1 | Set interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T23:05:45.66130683Z 37 PC: 151a1 | Set interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T23:05:45.663263756Z 37 PC: 151a1 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T23:05:45.665677263Z 37 PC: 151a1 | Set interrupt vector (Interrupt = '52' AKA 'Get InDOS flag pointer')
2018-12-17T23:05:45.667864085Z 37 PC: 151a1 | Set interrupt vector (Interrupt = '53' AKA 'Get interrupt vector')
2018-12-17T23:05:45.669934856Z 37 PC: 151a1 | Set interrupt vector (Interrupt = '54' AKA 'Get free disk space')
2018-12-17T23:05:45.67278001Z 37 PC: 151a1 | Set interrupt vector (Interrupt = '55' AKA 'Get or set switch character')
2018-12-17T23:05:45.674231949Z 37 PC: 151a1 | Set interrupt vector (Interrupt = '56' AKA 'Get or set country info')
2018-12-17T23:05:45.675682152Z 37 PC: 151a1 | Set interrupt vector (Interrupt = '57' AKA 'Create subdirectory')
2018-12-17T23:05:45.677041331Z 37 PC: 151a1 | Set interrupt vector (Interrupt = '58' AKA 'Remove subdirectory')
2018-12-17T23:05:45.679542974Z 37 PC: 151a1 | Set interrupt vector (Interrupt = '59' AKA 'Change current directory')
2018-12-17T23:05:45.681226715Z 37 PC: 151a1 | Set interrupt vector (Interrupt = '60' AKA 'Create or truncate file')
2018-12-17T23:05:45.683388927Z 37 PC: 151a1 | Set interrupt vector (Interrupt = '61' AKA 'Open file')
2018-12-17T23:05:45.686140999Z 37 PC: 151a1 | Set interrupt vector (Interrupt = '62' AKA 'Close file')
2018-12-17T23:05:45.688608844Z 37 PC: 151a1 | Set interrupt vector (Interrupt = '63' AKA 'Read file or device')
2018-12-17T23:05:45.690102959Z 37 PC: 151a1 | Set interrupt vector (Interrupt = '117' AKA 'UNKNOWN!')
2018-12-17T23:05:45.692383115Z 6 PC: 15228 | Direct console I/O
2018-12-17T23:05:45.694755478Z 6 PC: 15228 | Direct console I/O
2018-12-17T23:05:45.697095653Z 6 PC: 15228 | Direct console I/O
2018-12-17T23:05:45.700063789Z 6 PC: 15228 | Direct console I/O
2018-12-17T23:05:45.702662993Z 6 PC: 15228 | Direct console I/O
2018-12-17T23:05:45.705485737Z 6 PC: 15228 | Direct console I/O
2018-12-17T23:05:45.709348172Z 6 PC: 15228 | Direct console I/O
2018-12-17T23:05:45.712360829Z 6 PC: 15228 | Direct console I/O
2018-12-17T23:05:45.714800818Z 6 PC: 15228 | Direct console I/O
2018-12-17T23:05:45.718161628Z 6 PC: 15228 | Direct console I/O
2018-12-17T23:05:45.721114472Z 6 PC: 15228 | Direct console I/O
2018-12-17T23:05:45.724039882Z 6 PC: 15228 | Direct console I/O
2018-12-17T23:05:45.726977828Z 6 PC: 15228 | Direct console I/O
2018-12-17T23:05:45.730565291Z 6 PC: 15228 | Direct console I/O
2018-12-17T23:05:45.733495514Z 6 PC: 15228 | Direct console I/O
2018-12-17T23:05:45.736440502Z 6 PC: 15228 | Direct console I/O
2018-12-17T23:05:45.740212433Z 6 PC: 15228 | Direct console I/O
2018-12-17T23:05:45.742883032Z 6 PC: 15228 | Direct console I/O
2018-12-17T23:05:45.746263127Z 6 PC: 15228 | Direct console I/O
2018-12-17T23:05:45.74977254Z 6 PC: 15228 | Direct console I/O
2018-12-17T23:05:45.753380016Z 6 PC: 15228 | Direct console I/O
2018-12-17T23:05:45.756065122Z 6 PC: 15228 | Direct console I/O
2018-12-17T23:05:45.759421062Z 6 PC: 15228 | Direct console I/O
2018-12-17T23:05:45.761957553Z 6 PC: 15228 | Direct console I/O
2018-12-17T23:05:45.764400961Z 6 PC: 15228 | Direct console I/O
2018-12-17T23:05:45.767527222Z 6 PC: 15228 | Direct console I/O
2018-12-17T23:05:45.770152086Z 6 PC: 15228 | Direct console I/O
2018-12-17T23:05:45.772642687Z 6 PC: 15228 | Direct console I/O
2018-12-17T23:05:45.775743409Z 6 PC: 15228 | Direct console I/O
2018-12-17T23:05:45.778603223Z 6 PC: 15228 | Direct console I/O
2018-12-17T23:05:45.781316349Z 6 PC: 15228 | Direct console I/O
2018-12-17T23:05:45.784403544Z 6 PC: 15228 | Direct console I/O
2018-12-17T23:05:45.786985584Z 6 PC: 15228 | Direct console I/O
2018-12-17T23:05:45.790984051Z 76 PC: 151e0 | Terminate with return code (Return code = '5')