Sample viewer

vx.netlux.org/Virus.DOS.HLLO.Nman.12061

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-17T23:07:36.777875404Z	48	PC: 12a4c \| Get DOS version
2018-12-17T23:07:36.785876393Z	53	PC: 12bf2 \| Get interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T23:07:36.787314702Z	53	PC: 12bff \| Get interrupt vector (Interrupt = '4' AKA 'Auxiliary output')
2018-12-17T23:07:36.788636646Z	53	PC: 12c0c \| Get interrupt vector (Interrupt = '5' AKA 'Printer output')
2018-12-17T23:07:36.790680727Z	53	PC: 12c19 \| Get interrupt vector (Interrupt = '6' AKA 'Direct console I/O')
2018-12-17T23:07:36.791770667Z	37	PC: 12c2d \| Set interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T23:07:36.793077664Z	74	PC: 12af7 \| Reallocate memory
2018-12-17T23:07:36.795840182Z	68	PC: 12fa9 \| I/O control for devices (Set for = 'pyright 1991 Borland Intl.')
2018-12-17T23:07:36.797784837Z	68	PC: 12fa9 \| I/O control for devices (Set for = '')
2018-12-17T23:07:36.800102387Z	67	PC: 1365a \| Get or set file attributes
2018-12-17T23:07:36.805793048Z	61	PC: 1402e \| Open file (Filename = 'A:\TEST.EXE')
2018-12-17T23:07:36.813435064Z	68	PC: 132a8 \| I/O control for devices (Set for = '��')
2018-12-17T23:07:36.814922145Z	68	PC: 12fa9 \| I/O control for devices
2018-12-17T23:07:36.816862453Z	63	PC: 13144 \| Read file or device (Read 11776 bytes on handle 5)
2018-12-17T23:07:36.837398164Z	62	PC: 13695 \| Close file
2018-12-17T23:07:36.838755621Z	47	PC: 1381e \| Get disk transfer address
2018-12-17T23:07:36.839582877Z	26	PC: 13827 \| Set disk transfer address
2018-12-17T23:07:36.842238429Z	78	PC: 13831 \| Find first file
2018-12-17T23:07:36.854286608Z	26	PC: 1383a \| Set disk transfer address
2018-12-17T23:07:36.856649781Z	67	PC: 1365a \| Get or set file attributes
2018-12-17T23:07:36.862834289Z	61	PC: 1402e \| Open file (Filename = '��;�w�\|')
2018-12-17T23:07:36.86908969Z	68	PC: 132a8 \| I/O control for devices (Set for = '')
2018-12-17T23:07:36.870748884Z	68	PC: 12fa9 \| I/O control for devices
2018-12-17T23:07:36.873395305Z	63	PC: 13144 \| Read file or device (Read 11776 bytes on handle 5)
2018-12-17T23:07:36.883317601Z	66	PC: 13067 \| Move file pointer
2018-12-17T23:07:36.88498056Z	64	PC: 14646 \| Write file or device (Write 12061 bytes on handle 5)
2018-12-17T23:07:36.901905215Z	62	PC: 13695 \| Close file
2018-12-17T23:07:36.910001502Z	47	PC: 13851 \| Get disk transfer address
2018-12-17T23:07:36.911242434Z	26	PC: 1385a \| Set disk transfer address
2018-12-17T23:07:36.91313143Z	79	PC: 1385e \| Find next file
2018-12-17T23:07:36.91548424Z	26	PC: 13867 \| Set disk transfer address
2018-12-17T23:07:36.916949534Z	37	PC: 12c39 \| Set interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T23:07:36.929509643Z	37	PC: 12c44 \| Set interrupt vector (Interrupt = '4' AKA 'Auxiliary output')
2018-12-17T23:07:36.93078245Z	37	PC: 12c4f \| Set interrupt vector (Interrupt = '5' AKA 'Printer output')
2018-12-17T23:07:36.931969071Z	37	PC: 12c5a \| Set interrupt vector (Interrupt = '6' AKA 'Direct console I/O')
2018-12-17T23:07:36.935210416Z	62	PC: 13695 \| Close file
2018-12-17T23:07:36.93718589Z	62	PC: 13695 \| Close file
2018-12-17T23:07:36.939021122Z	62	PC: 13695 \| Close file
2018-12-17T23:07:36.941249949Z	62	PC: 13695 \| Close file
2018-12-17T23:07:36.94361648Z	62	PC: 13695 \| Close file
2018-12-17T23:07:36.945828307Z	76	PC: 12be3 \| Terminate with return code (Return code = '0')