Sample viewer

vx.netlux.org/Virus.DOS.HLLP.Inna.5252

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-17T23:05:46.906962125Z	53	PC: 1398a \| Get interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T23:05:46.909878615Z	53	PC: 1398a \| Get interrupt vector (Interrupt = '2' AKA 'Character output')
2018-12-17T23:05:46.911350872Z	53	PC: 1398a \| Get interrupt vector (Interrupt = '27' AKA 'Get allocation info for default drive')
2018-12-17T23:05:46.9127057Z	53	PC: 1398a \| Get interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T23:05:46.914066838Z	53	PC: 1398a \| Get interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T23:05:46.915956659Z	53	PC: 1398a \| Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T23:05:46.917457645Z	53	PC: 1398a \| Get interrupt vector (Interrupt = '52' AKA 'Get InDOS flag pointer')
2018-12-17T23:05:46.919232115Z	53	PC: 1398a \| Get interrupt vector (Interrupt = '53' AKA 'Get interrupt vector')
2018-12-17T23:05:46.921770555Z	53	PC: 1398a \| Get interrupt vector (Interrupt = '54' AKA 'Get free disk space')
2018-12-17T23:05:46.923551892Z	53	PC: 1398a \| Get interrupt vector (Interrupt = '55' AKA 'Get or set switch character')
2018-12-17T23:05:46.927363409Z	53	PC: 1398a \| Get interrupt vector (Interrupt = '56' AKA 'Get or set country info')
2018-12-17T23:05:46.929582503Z	53	PC: 1398a \| Get interrupt vector (Interrupt = '57' AKA 'Create subdirectory')
2018-12-17T23:05:46.931378586Z	53	PC: 1398a \| Get interrupt vector (Interrupt = '58' AKA 'Remove subdirectory')
2018-12-17T23:05:46.93439042Z	53	PC: 1398a \| Get interrupt vector (Interrupt = '59' AKA 'Change current directory')
2018-12-17T23:05:46.94389095Z	53	PC: 1398a \| Get interrupt vector (Interrupt = '60' AKA 'Create or truncate file')
2018-12-17T23:05:46.94588642Z	53	PC: 1398a \| Get interrupt vector (Interrupt = '61' AKA 'Open file')
2018-12-17T23:05:46.947270982Z	53	PC: 1398a \| Get interrupt vector (Interrupt = '62' AKA 'Close file')
2018-12-17T23:05:46.949239586Z	53	PC: 1398a \| Get interrupt vector (Interrupt = '63' AKA 'Read file or device')
2018-12-17T23:05:46.950806623Z	53	PC: 1398a \| Get interrupt vector (Interrupt = '117' AKA 'UNKNOWN!')
2018-12-17T23:05:46.952180519Z	37	PC: 1399f \| Set interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T23:05:46.958644359Z	37	PC: 139a7 \| Set interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T23:05:46.960747959Z	37	PC: 139af \| Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T23:05:46.962927482Z	37	PC: 139b7 \| Set interrupt vector (Interrupt = '63' AKA 'Read file or device')
2018-12-17T23:05:46.965713833Z	68	PC: 14610 \| I/O control for devices (Set for = '')
2018-12-17T23:05:46.967855238Z	53	PC: 13700 \| Get interrupt vector (Interrupt = '9' AKA 'Display string')
2018-12-17T23:05:46.969595231Z	37	PC: 1371c \| Set interrupt vector (Interrupt = '9' AKA 'Display string')
2018-12-17T23:05:46.971357186Z	48	PC: 14212 \| Get DOS version
2018-12-17T23:05:46.97435624Z	61	PC: 14050 \| Open file (Filename = 'A:\TEST.EXE')
2018-12-17T23:05:46.98211082Z	63	PC: 14123 \| Read file or device (Read 5252 bytes on handle 5)
2018-12-17T23:05:46.992304817Z	62	PC: 140a0 \| Close file
2018-12-17T23:05:46.996426851Z	26	PC: 1369f \| Set disk transfer address
2018-12-17T23:05:46.998198749Z	78	PC: 136ab \| Find first file
2018-12-17T23:05:47.006032963Z	26	PC: 136c3 \| Set disk transfer address
2018-12-17T23:05:47.010832307Z	79	PC: 136c8 \| Find next file
2018-12-17T23:05:47.015099593Z	26	PC: 136c3 \| Set disk transfer address
2018-12-17T23:05:47.016517253Z	79	PC: 136c8 \| Find next file
2018-12-17T23:05:47.020543207Z	26	PC: 136c3 \| Set disk transfer address
2018-12-17T23:05:47.02352872Z	79	PC: 136c8 \| Find next file
2018-12-17T23:05:47.027605018Z	26	PC: 136c3 \| Set disk transfer address
2018-12-17T23:05:47.030972273Z	79	PC: 136c8 \| Find next file
2018-12-17T23:05:47.03569312Z	26	PC: 136c3 \| Set disk transfer address
2018-12-17T23:05:47.037192885Z	79	PC: 136c8 \| Find next file
2018-12-17T23:05:47.041413842Z	26	PC: 136c3 \| Set disk transfer address
2018-12-17T23:05:47.042884441Z	79	PC: 136c8 \| Find next file
2018-12-17T23:05:47.046956308Z	26	PC: 136c3 \| Set disk transfer address
2018-12-17T23:05:47.048488918Z	79	PC: 136c8 \| Find next file
2018-12-17T23:05:47.053015761Z	26	PC: 136c3 \| Set disk transfer address
2018-12-17T23:05:47.054557479Z	79	PC: 136c8 \| Find next file
2018-12-17T23:05:47.059406108Z	26	PC: 136c3 \| Set disk transfer address
2018-12-17T23:05:47.061521505Z	79	PC: 136c8 \| Find next file
2018-12-17T23:05:47.065149738Z	26	PC: 136c3 \| Set disk transfer address
2018-12-17T23:05:47.066431382Z	79	PC: 136c8 \| Find next file
2018-12-17T23:05:47.070756689Z	26	PC: 136c3 \| Set disk transfer address
2018-12-17T23:05:47.072008008Z	79	PC: 136c8 \| Find next file
2018-12-17T23:05:47.075664863Z	26	PC: 136c3 \| Set disk transfer address
2018-12-17T23:05:47.077731201Z	79	PC: 136c8 \| Find next file
2018-12-17T23:05:47.081500297Z	26	PC: 136c3 \| Set disk transfer address
2018-12-17T23:05:47.08276287Z	79	PC: 136c8 \| Find next file
2018-12-17T23:05:47.087311778Z	26	PC: 136c3 \| Set disk transfer address
2018-12-17T23:05:47.088564822Z	79	PC: 136c8 \| Find next file
2018-12-17T23:05:47.092666801Z	64	PC: 13da8 \| Write file or device (Write 0 bytes on handle 1)
2018-12-17T23:05:47.094808318Z	37	PC: 13ae1 \| Set interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T23:05:47.096864324Z	37	PC: 13ae1 \| Set interrupt vector (Interrupt = '2' AKA 'Character output')
2018-12-17T23:05:47.098415923Z	37	PC: 13ae1 \| Set interrupt vector (Interrupt = '27' AKA 'Get allocation info for default drive')
2018-12-17T23:05:47.100128014Z	37	PC: 13ae1 \| Set interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T23:05:47.102303206Z	37	PC: 13ae1 \| Set interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T23:05:47.10391462Z	37	PC: 13ae1 \| Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T23:05:47.105308545Z	37	PC: 13ae1 \| Set interrupt vector (Interrupt = '52' AKA 'Get InDOS flag pointer')
2018-12-17T23:05:47.107532634Z	37	PC: 13ae1 \| Set interrupt vector (Interrupt = '53' AKA 'Get interrupt vector')
2018-12-17T23:05:47.108948208Z	37	PC: 13ae1 \| Set interrupt vector (Interrupt = '54' AKA 'Get free disk space')
2018-12-17T23:05:47.110419389Z	37	PC: 13ae1 \| Set interrupt vector (Interrupt = '55' AKA 'Get or set switch character')
2018-12-17T23:05:47.113585709Z	37	PC: 13ae1 \| Set interrupt vector (Interrupt = '56' AKA 'Get or set country info')
2018-12-17T23:05:47.11555099Z	37	PC: 13ae1 \| Set interrupt vector (Interrupt = '57' AKA 'Create subdirectory')
2018-12-17T23:05:47.116866635Z	37	PC: 13ae1 \| Set interrupt vector (Interrupt = '58' AKA 'Remove subdirectory')
2018-12-17T23:05:47.119208652Z	37	PC: 13ae1 \| Set interrupt vector (Interrupt = '59' AKA 'Change current directory')
2018-12-17T23:05:47.120511151Z	37	PC: 13ae1 \| Set interrupt vector (Interrupt = '60' AKA 'Create or truncate file')
2018-12-17T23:05:47.12180166Z	37	PC: 13ae1 \| Set interrupt vector (Interrupt = '61' AKA 'Open file')
2018-12-17T23:05:47.124162589Z	37	PC: 13ae1 \| Set interrupt vector (Interrupt = '62' AKA 'Close file')
2018-12-17T23:05:47.12637746Z	37	PC: 13ae1 \| Set interrupt vector (Interrupt = '63' AKA 'Read file or device')
2018-12-17T23:05:47.1280489Z	37	PC: 13ae1 \| Set interrupt vector (Interrupt = '117' AKA 'UNKNOWN!')
2018-12-17T23:05:47.129837788Z	6	PC: 13b68 \| Direct console I/O
2018-12-17T23:05:47.13302182Z	6	PC: 13b68 \| Direct console I/O
2018-12-17T23:05:47.135423172Z	6	PC: 13b68 \| Direct console I/O
2018-12-17T23:05:47.137814312Z	6	PC: 13b68 \| Direct console I/O
2018-12-17T23:05:47.141804979Z	6	PC: 13b68 \| Direct console I/O
2018-12-17T23:05:47.144677898Z	6	PC: 13b68 \| Direct console I/O
2018-12-17T23:05:47.147369802Z	6	PC: 13b68 \| Direct console I/O
2018-12-17T23:05:47.151873743Z	6	PC: 13b68 \| Direct console I/O
2018-12-17T23:05:47.154285176Z	6	PC: 13b68 \| Direct console I/O
2018-12-17T23:05:47.156489157Z	6	PC: 13b68 \| Direct console I/O
2018-12-17T23:05:47.160840203Z	6	PC: 13b68 \| Direct console I/O
2018-12-17T23:05:47.163402613Z	6	PC: 13b68 \| Direct console I/O
2018-12-17T23:05:47.167428666Z	6	PC: 13b68 \| Direct console I/O
2018-12-17T23:05:47.170644356Z	6	PC: 13b68 \| Direct console I/O
2018-12-17T23:05:47.173249095Z	6	PC: 13b68 \| Direct console I/O
2018-12-17T23:05:47.175866268Z	6	PC: 13b68 \| Direct console I/O
2018-12-17T23:05:47.180136083Z	6	PC: 13b68 \| Direct console I/O
2018-12-17T23:05:47.184011189Z	6	PC: 13b68 \| Direct console I/O
2018-12-17T23:05:47.187755682Z	6	PC: 13b68 \| Direct console I/O
2018-12-17T23:05:47.191181224Z	6	PC: 13b68 \| Direct console I/O
2018-12-17T23:05:47.194313501Z	6	PC: 13b68 \| Direct console I/O
2018-12-17T23:05:47.198362898Z	6	PC: 13b68 \| Direct console I/O
2018-12-17T23:05:47.201982009Z	6	PC: 13b68 \| Direct console I/O
2018-12-17T23:05:47.207246047Z	6	PC: 13b68 \| Direct console I/O
2018-12-17T23:05:47.21010037Z	6	PC: 13b68 \| Direct console I/O
2018-12-17T23:05:47.213014001Z	6	PC: 13b68 \| Direct console I/O
2018-12-17T23:05:47.217286922Z	6	PC: 13b68 \| Direct console I/O
2018-12-17T23:05:47.220362192Z	6	PC: 13b68 \| Direct console I/O
2018-12-17T23:05:47.222622518Z	6	PC: 13b68 \| Direct console I/O
2018-12-17T23:05:47.22603018Z	6	PC: 13b68 \| Direct console I/O
2018-12-17T23:05:47.228314108Z	6	PC: 13b68 \| Direct console I/O
2018-12-17T23:05:47.230573343Z	6	PC: 13b68 \| Direct console I/O
2018-12-17T23:05:47.234686736Z	6	PC: 13b68 \| Direct console I/O
2018-12-17T23:05:47.239134371Z	76	PC: 13b20 \| Terminate with return code (Return code = '202')