Sample viewer

vx.netlux.org/Virus.DOS.VrapExe.3729

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-17T23:06:36.764302286Z	42	PC: 133ec \| Get date 0x133ec: cmp dh, 9 0x133ef: je 0x133f4 0x133f1: jmp 0x1348b 0x133f4: mov byte ptr cs:[0x24], 2 0x133fa: mov al, byte ptr [0x24] 0x133fd: mov cx, 0x64 0x13400: test bp, si 0x13402: xor dx, dx 0x13404: inc dx 0x13405: mov dl, dl 0x13407: mov bx, 0 0x1340a: test si, bx 0x1340c: int 0x26 0x1340e: add sp, 2 0x13411: clc 0x13412: mov word ptr [0x564], ds 0x13416: xchg ah, ah 0x13418: mov cx, 0xffff 0x1341b: and dh, dh 0x1341d: mov bx, 0x55c
2018-12-17T23:06:36.77429482Z	42	PC: 13022 \| Get date 0x13022: test di, cx 0x13024: mov byte ptr [0x2b], al 0x13027: mov byte ptr cs:[0x2e], 0 0x1302d: and cx, cx 0x1302f: mov ah, 0x2f 0x13031: xchg dx, dx 0x13033: int 0x21 0x13035: and si, si 0x13037: mov word ptr [0x27], bx 0x1303b: and ah, ah 0x1303d: mov word ptr [0x29], es 0x13041: test dx, cx 0x13043: mov ax, cs 0x13045: xchg di, di 0x13047: mov es, ax 0x13049: mov ah, 0x1a 0x1304b: mov si, si 0x1304d: mov dx, 0xdc6 0x13050: xchg di, di 0x13052: int 0x21
2018-12-17T23:06:36.775801424Z	47	PC: 13035 \| Get disk transfer address
2018-12-17T23:06:36.776910935Z	26	PC: 13054 \| Set disk transfer address
2018-12-17T23:06:36.778378834Z	53	PC: 1305b \| Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T23:06:36.77927404Z	37	PC: 1307b \| Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T23:06:36.780862083Z	44	PC: 13670 \| Get time 0x13670: xor ax, ax 0x13672: add al, ch 0x13674: and si, si 0x13676: xor ch, ch 0x13678: test cx, si 0x1367a: add ax, cx 0x1367c: mov cx, cx 0x1367e: xchg dh, dl 0x13680: mov cx, dx 0x13682: and bp, bp 0x13684: xor ch, ch 0x13686: add ax, cx 0x13688: xchg si, si 0x1368a: xchg dh, dl 0x1368c: mov cx, dx 0x1368e: xor ch, ch 0x13690: mul cx 0x13692: pop bp 0x13693: mov cx, bp 0x13695: div cx
2018-12-17T23:06:36.7935211Z	44	PC: 13670 \| Get time 0x13670: xor ax, ax 0x13672: add al, ch 0x13674: and si, si 0x13676: xor ch, ch 0x13678: xchg bx, bx 0x1367a: add ax, cx 0x1367c: xchg dl, dl 0x1367e: xchg dh, dl 0x13680: mov cx, dx 0x13682: test bx, si 0x13684: xor ch, ch 0x13686: add ax, cx 0x13688: or di, di 0x1368a: xchg dh, dl 0x1368c: mov cx, dx 0x1368e: xor ch, ch 0x13690: mul cx 0x13692: pop bp 0x13693: mov cx, bp 0x13695: div cx
2018-12-17T23:06:36.795697033Z	25	PC: 1325a \| Get default drive
2018-12-17T23:06:36.79672274Z	54	PC: 1326f \| Get free disk space
2018-12-17T23:06:36.805661381Z	42	PC: 134dd \| Get date 0x134dd: and dx, dx 0x134df: and al, 1 0x134e1: cmp al, 1 0x134e3: jne 0x134e9 0x134e5: clc 0x134e6: jmp 0x134ea 0x134e8: nop 0x134e9: stc 0x134ea: pop ds 0x134eb: pop es 0x134ec: pop di 0x134ed: pop si 0x134ee: pop dx 0x134ef: pop cx 0x134f0: pop bx 0x134f1: pop ax 0x134f2: ret 0x134f3: pushf 0x134f4: push es 0x134f5: push ax
2018-12-17T23:06:36.808070075Z	78	PC: 1356c \| Find first file
2018-12-17T23:06:36.813817294Z	79	PC: 13598 \| Find next file
2018-12-17T23:06:36.816454199Z	79	PC: 13598 \| Find next file
2018-12-17T23:06:36.81954557Z	79	PC: 13598 \| Find next file
2018-12-17T23:06:36.821857089Z	79	PC: 13598 \| Find next file
2018-12-17T23:06:36.824215278Z	79	PC: 13598 \| Find next file
2018-12-17T23:06:36.828076327Z	79	PC: 13598 \| Find next file
2018-12-17T23:06:36.830603362Z	79	PC: 13598 \| Find next file
2018-12-17T23:06:36.833882971Z	79	PC: 13598 \| Find next file
2018-12-17T23:06:36.836778884Z	79	PC: 13598 \| Find next file
2018-12-17T23:06:36.838983124Z	44	PC: 13670 \| Get time 0x13670: xor ax, ax 0x13672: add al, ch 0x13674: and si, si 0x13676: xor ch, ch 0x13678: xchg bx, bx 0x1367a: add ax, cx 0x1367c: xchg dl, dl 0x1367e: xchg dh, dl 0x13680: mov cx, dx 0x13682: test bx, si 0x13684: xor ch, ch 0x13686: add ax, cx 0x13688: or di, di 0x1368a: xchg dh, dl 0x1368c: mov cx, dx 0x1368e: xor ch, ch 0x13690: mul cx 0x13692: pop bp 0x13693: mov cx, bp 0x13695: div cx
2018-12-17T23:06:36.840961806Z	44	PC: 13124 \| Get time 0x13124: test cx, bp 0x13126: mov byte ptr [0x2c], dh 0x1312a: mov al, byte ptr [0x2d] 0x1312d: test cx, bp 0x1312f: mov dx, 0xd2c 0x13132: test cx, bp 0x13134: call 0x135ae 0x13137: test cx, bp 0x13139: test cx, bp 0x1313b: test cx, bp 0x1313d: mov dx, 0xd2c 0x13140: test cx, bp 0x13142: call 0x136a3 0x13145: mov al, byte ptr [0x2e] 0x13148: test cx, bp 0x1314a: and al, 2 0x1314c: test cx, bp 0x1314e: cmp al, 2 0x13150: je 0x131ba 0x13152: mov byte ptr [0xd2f], 0
2018-12-17T23:06:36.843612031Z	78	PC: 135e9 \| Find first file
2018-12-17T23:06:36.849280928Z	79	PC: 13624 \| Find next file
2018-12-17T23:06:36.851665009Z	79	PC: 13624 \| Find next file
2018-12-17T23:06:36.855157645Z	79	PC: 13624 \| Find next file
2018-12-17T23:06:36.857878512Z	79	PC: 13624 \| Find next file
2018-12-17T23:06:36.860572742Z	79	PC: 13624 \| Find next file
2018-12-17T23:06:36.863989685Z	79	PC: 13624 \| Find next file
2018-12-17T23:06:36.866715036Z	79	PC: 13624 \| Find next file
2018-12-17T23:06:36.869462323Z	79	PC: 13624 \| Find next file
2018-12-17T23:06:36.881331733Z	79	PC: 13624 \| Find next file
2018-12-17T23:06:36.884079767Z	78	PC: 137ff \| Find first file
2018-12-17T23:06:36.890100767Z	78	PC: 137ff \| Find first file
2018-12-17T23:06:36.897288489Z	78	PC: 13726 \| Find first file
2018-12-17T23:06:36.903971867Z	37	PC: 131cf \| Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T23:06:36.905508031Z	26	PC: 131dc \| Set disk transfer address
2018-12-17T23:06:36.907551502Z	76	PC: 12f28 \| Terminate with return code (Return code = '76')

{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":15596,"SideJobID":0}

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-25T12:43:57.875970456Z	42	PC: 133ec \| Get date 0x133ec: cmp dh, 9 0x133ef: je 0x133f4 0x133f1: jmp 0x1348b 0x133f4: mov byte ptr cs:[0x24], 2 0x133fa: mov al, byte ptr [0x24] 0x133fd: mov cx, 0x64 0x13400: test bp, si 0x13402: xor dx, dx 0x13404: inc dx 0x13405: mov dl, dl 0x13407: mov bx, 0 0x1340a: test si, bx 0x1340c: int 0x26 0x1340e: add sp, 2 0x13411: clc 0x13412: mov word ptr [0x564], ds 0x13416: xchg ah, ah 0x13418: mov cx, 0xffff 0x1341b: and dh, dh 0x1341d: mov bx, 0x55c
2018-12-25T12:43:57.878270848Z	42	PC: 13022 \| Get date 0x13022: test di, cx 0x13024: mov byte ptr [0x2b], al 0x13027: mov byte ptr cs:[0x2e], 0 0x1302d: and cx, cx 0x1302f: mov ah, 0x2f 0x13031: xchg dx, dx 0x13033: int 0x21 0x13035: and si, si 0x13037: mov word ptr [0x27], bx 0x1303b: and ah, ah 0x1303d: mov word ptr [0x29], es 0x13041: test dx, cx 0x13043: mov ax, cs 0x13045: xchg di, di 0x13047: mov es, ax 0x13049: mov ah, 0x1a 0x1304b: mov si, si 0x1304d: mov dx, 0xdc6 0x13050: xchg di, di 0x13052: int 0x21
2018-12-25T12:43:57.879892449Z	47	PC: 13035 \| Get disk transfer address
2018-12-25T12:43:57.880820195Z	26	PC: 13054 \| Set disk transfer address
2018-12-25T12:43:57.88242419Z	53	PC: 1305b \| Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T12:43:57.883886272Z	37	PC: 1307b \| Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T12:43:57.885379442Z	44	PC: 13670 \| Get time 0x13670: xor ax, ax 0x13672: add al, ch 0x13674: and si, si 0x13676: xor ch, ch 0x13678: test cx, si 0x1367a: add ax, cx 0x1367c: mov cx, cx 0x1367e: xchg dh, dl 0x13680: mov cx, dx 0x13682: and bp, bp 0x13684: xor ch, ch 0x13686: add ax, cx 0x13688: xchg si, si 0x1368a: xchg dh, dl 0x1368c: mov cx, dx 0x1368e: xor ch, ch 0x13690: mul cx 0x13692: pop bp 0x13693: mov cx, bp 0x13695: div cx
2018-12-25T12:43:57.895715332Z	44	PC: 13670 \| Get time (See above)
2018-12-25T12:43:57.897810345Z	25	PC: 1325a \| Get default drive
2018-12-25T12:43:57.898680451Z	54	PC: 1326f \| Get free disk space
2018-12-25T12:43:57.904145908Z	42	PC: 134dd \| Get date 0x134dd: and dx, dx 0x134df: and al, 1 0x134e1: cmp al, 1 0x134e3: jne 0x134e9 0x134e5: clc 0x134e6: jmp 0x134ea 0x134e8: nop 0x134e9: stc 0x134ea: pop ds 0x134eb: pop es 0x134ec: pop di 0x134ed: pop si 0x134ee: pop dx 0x134ef: pop cx 0x134f0: pop bx 0x134f1: pop ax 0x134f2: ret 0x134f3: pushf 0x134f4: push es 0x134f5: push ax
2018-12-25T12:43:57.906540983Z	37	PC: 131cf \| Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T12:43:57.907251995Z	26	PC: 131dc \| Set disk transfer address
2018-12-25T12:43:57.908790237Z	76	PC: 12f28 \| Terminate with return code (Return code = '76')

{"DateBased":true,"Day":1,"Month":9,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":15596,"SideJobID":0}

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-25T12:43:58.172603422Z	42	PC: 133ec \| Get date 0x133ec: cmp dh, 9 0x133ef: je 0x133f4 0x133f1: jmp 0x1348b 0x133f4: mov byte ptr cs:[0x24], 2 0x133fa: mov al, byte ptr [0x24] 0x133fd: mov cx, 0x64 0x13400: test bp, si 0x13402: xor dx, dx 0x13404: inc dx 0x13405: mov dl, dl 0x13407: mov bx, 0 0x1340a: test si, bx 0x1340c: int 0x26 0x1340e: add sp, 2 0x13411: clc 0x13412: mov word ptr [0x564], ds 0x13416: xchg ah, ah 0x13418: mov cx, 0xffff 0x1341b: and dh, dh 0x1341d: mov bx, 0x55c

{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":15596,"SideJobID":0}

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-25T12:43:58.566474855Z	42	PC: 133ec \| Get date 0x133ec: cmp dh, 9 0x133ef: je 0x133f4 0x133f1: jmp 0x1348b 0x133f4: mov byte ptr cs:[0x24], 2 0x133fa: mov al, byte ptr [0x24] 0x133fd: mov cx, 0x64 0x13400: test bp, si 0x13402: xor dx, dx 0x13404: inc dx 0x13405: mov dl, dl 0x13407: mov bx, 0 0x1340a: test si, bx 0x1340c: int 0x26 0x1340e: add sp, 2 0x13411: clc 0x13412: mov word ptr [0x564], ds 0x13416: xchg ah, ah 0x13418: mov cx, 0xffff 0x1341b: and dh, dh 0x1341d: mov bx, 0x55c
2018-12-25T12:43:58.569407671Z	42	PC: 13022 \| Get date 0x13022: test di, cx 0x13024: mov byte ptr [0x2b], al 0x13027: mov byte ptr cs:[0x2e], 0 0x1302d: and cx, cx 0x1302f: mov ah, 0x2f 0x13031: xchg dx, dx 0x13033: int 0x21 0x13035: and si, si 0x13037: mov word ptr [0x27], bx 0x1303b: and ah, ah 0x1303d: mov word ptr [0x29], es 0x13041: test dx, cx 0x13043: mov ax, cs 0x13045: xchg di, di 0x13047: mov es, ax 0x13049: mov ah, 0x1a 0x1304b: mov si, si 0x1304d: mov dx, 0xdc6 0x13050: xchg di, di 0x13052: int 0x21
2018-12-25T12:43:58.571926639Z	47	PC: 13035 \| Get disk transfer address
2018-12-25T12:43:58.573311216Z	26	PC: 13054 \| Set disk transfer address
2018-12-25T12:43:58.575590541Z	53	PC: 1305b \| Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T12:43:58.577020932Z	37	PC: 1307b \| Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T12:43:58.578989665Z	44	PC: 13670 \| Get time 0x13670: xor ax, ax 0x13672: add al, ch 0x13674: and si, si 0x13676: xor ch, ch 0x13678: test cx, si 0x1367a: add ax, cx 0x1367c: mov cx, cx 0x1367e: xchg dh, dl 0x13680: mov cx, dx 0x13682: and bp, bp 0x13684: xor ch, ch 0x13686: add ax, cx 0x13688: xchg si, si 0x1368a: xchg dh, dl 0x1368c: mov cx, dx 0x1368e: xor ch, ch 0x13690: mul cx 0x13692: pop bp 0x13693: mov cx, bp 0x13695: div cx
2018-12-25T12:43:58.600187705Z	44	PC: 13670 \| Get time (See above)
2018-12-25T12:43:58.60240462Z	25	PC: 1325a \| Get default drive
2018-12-25T12:43:58.603347441Z	54	PC: 1326f \| Get free disk space
2018-12-25T12:43:58.611916356Z	42	PC: 134dd \| Get date 0x134dd: and dx, dx 0x134df: and al, 1 0x134e1: cmp al, 1 0x134e3: jne 0x134e9 0x134e5: clc 0x134e6: jmp 0x134ea 0x134e8: nop 0x134e9: stc 0x134ea: pop ds 0x134eb: pop es 0x134ec: pop di 0x134ed: pop si 0x134ee: pop dx 0x134ef: pop cx 0x134f0: pop bx 0x134f1: pop ax 0x134f2: ret 0x134f3: pushf 0x134f4: push es 0x134f5: push ax
2018-12-25T12:43:58.614923999Z	37	PC: 131cf \| Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T12:43:58.615902091Z	26	PC: 131dc \| Set disk transfer address
2018-12-25T12:43:58.616934934Z	76	PC: 12f28 \| Terminate with return code (Return code = '76')

{"DateBased":true,"Day":2,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":15596,"SideJobID":0}

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-25T12:43:58.690567378Z	42	PC: 133ec \| Get date 0x133ec: cmp dh, 9 0x133ef: je 0x133f4 0x133f1: jmp 0x1348b 0x133f4: mov byte ptr cs:[0x24], 2 0x133fa: mov al, byte ptr [0x24] 0x133fd: mov cx, 0x64 0x13400: test bp, si 0x13402: xor dx, dx 0x13404: inc dx 0x13405: mov dl, dl 0x13407: mov bx, 0 0x1340a: test si, bx 0x1340c: int 0x26 0x1340e: add sp, 2 0x13411: clc 0x13412: mov word ptr [0x564], ds 0x13416: xchg ah, ah 0x13418: mov cx, 0xffff 0x1341b: and dh, dh 0x1341d: mov bx, 0x55c
2018-12-25T12:43:58.692865252Z	42	PC: 13022 \| Get date 0x13022: test di, cx 0x13024: mov byte ptr [0x2b], al 0x13027: mov byte ptr cs:[0x2e], 0 0x1302d: and cx, cx 0x1302f: mov ah, 0x2f 0x13031: xchg dx, dx 0x13033: int 0x21 0x13035: and si, si 0x13037: mov word ptr [0x27], bx 0x1303b: and ah, ah 0x1303d: mov word ptr [0x29], es 0x13041: test dx, cx 0x13043: mov ax, cs 0x13045: xchg di, di 0x13047: mov es, ax 0x13049: mov ah, 0x1a 0x1304b: mov si, si 0x1304d: mov dx, 0xdc6 0x13050: xchg di, di 0x13052: int 0x21
2018-12-25T12:43:58.695425232Z	47	PC: 13035 \| Get disk transfer address
2018-12-25T12:43:58.696706638Z	26	PC: 13054 \| Set disk transfer address
2018-12-25T12:43:58.6979253Z	53	PC: 1305b \| Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T12:43:58.699835135Z	37	PC: 1307b \| Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T12:43:58.702119583Z	44	PC: 13670 \| Get time 0x13670: xor ax, ax 0x13672: add al, ch 0x13674: and si, si 0x13676: xor ch, ch 0x13678: test cx, si 0x1367a: add ax, cx 0x1367c: mov cx, cx 0x1367e: xchg dh, dl 0x13680: mov cx, dx 0x13682: and bp, bp 0x13684: xor ch, ch 0x13686: add ax, cx 0x13688: xchg si, si 0x1368a: xchg dh, dl 0x1368c: mov cx, dx 0x1368e: xor ch, ch 0x13690: mul cx 0x13692: pop bp 0x13693: mov cx, bp 0x13695: div cx
2018-12-25T12:43:58.727545246Z	44	PC: 13670 \| Get time (See above)
2018-12-25T12:43:58.730452072Z	25	PC: 1325a \| Get default drive
2018-12-25T12:43:58.731947457Z	54	PC: 1326f \| Get free disk space
2018-12-25T12:43:58.742444052Z	42	PC: 134dd \| Get date 0x134dd: and dx, dx 0x134df: and al, 1 0x134e1: cmp al, 1 0x134e3: jne 0x134e9 0x134e5: clc 0x134e6: jmp 0x134ea 0x134e8: nop 0x134e9: stc 0x134ea: pop ds 0x134eb: pop es 0x134ec: pop di 0x134ed: pop si 0x134ee: pop dx 0x134ef: pop cx 0x134f0: pop bx 0x134f1: pop ax 0x134f2: ret 0x134f3: pushf 0x134f4: push es 0x134f5: push ax
2018-12-25T12:43:58.746105757Z	78	PC: 1356c \| Find first file
2018-12-25T12:43:58.762545552Z	79	PC: 13598 \| Find next file
2018-12-25T12:43:58.766314674Z	79	PC: 13598 \| Find next file (See above)
2018-12-25T12:43:58.772154396Z	79	PC: 13598 \| Find next file (See above)
2018-12-25T12:43:58.775336296Z	79	PC: 13598 \| Find next file (See above)
2018-12-25T12:43:58.778115015Z	79	PC: 13598 \| Find next file (See above)
2018-12-25T12:43:58.780985026Z	79	PC: 13598 \| Find next file (See above)
2018-12-25T12:43:58.78387897Z	79	PC: 13598 \| Find next file (See above)
2018-12-25T12:43:58.786513534Z	79	PC: 13598 \| Find next file (See above)
2018-12-25T12:43:58.789198008Z	79	PC: 13598 \| Find next file (See above)
2018-12-25T12:43:58.792252478Z	44	PC: 13670 \| Get time (See above)
2018-12-25T12:43:58.812149881Z	44	PC: 13124 \| Get time 0x13124: test cx, bp 0x13126: mov byte ptr [0x2c], dh 0x1312a: mov al, byte ptr [0x2d] 0x1312d: test cx, bp 0x1312f: mov dx, 0xd2c 0x13132: test cx, bp 0x13134: call 0x135ae 0x13137: test cx, bp 0x13139: test cx, bp 0x1313b: test cx, bp 0x1313d: mov dx, 0xd2c 0x13140: test cx, bp 0x13142: call 0x136a3 0x13145: mov al, byte ptr [0x2e] 0x13148: test cx, bp 0x1314a: and al, 2 0x1314c: test cx, bp 0x1314e: cmp al, 2 0x13150: je 0x131ba 0x13152: mov byte ptr [0xd2f], 0
2018-12-25T12:43:58.815456948Z	78	PC: 135e9 \| Find first file
2018-12-25T12:43:58.823710281Z	79	PC: 13624 \| Find next file
2018-12-25T12:43:58.826611755Z	79	PC: 13624 \| Find next file (See above)
2018-12-25T12:43:58.829545008Z	79	PC: 13624 \| Find next file (See above)
2018-12-25T12:43:58.833225123Z	79	PC: 13624 \| Find next file (See above)
2018-12-25T12:43:58.836668384Z	79	PC: 13624 \| Find next file (See above)
2018-12-25T12:43:58.839453502Z	79	PC: 13624 \| Find next file (See above)
2018-12-25T12:43:58.842466132Z	79	PC: 13624 \| Find next file (See above)
2018-12-25T12:43:58.846229478Z	79	PC: 13624 \| Find next file (See above)
2018-12-25T12:43:58.849485546Z	79	PC: 13624 \| Find next file (See above)
2018-12-25T12:43:58.852891185Z	78	PC: 137ff \| Find first file
2018-12-25T12:43:58.86108874Z	78	PC: 137ff \| Find first file (See above)
2018-12-25T12:43:58.867949355Z	78	PC: 13726 \| Find first file
2018-12-25T12:43:58.87547116Z	37	PC: 131cf \| Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T12:43:58.878683334Z	26	PC: 131dc \| Set disk transfer address
2018-12-25T12:43:58.880771883Z	76	PC: 12f28 \| Terminate with return code (Return code = '76')