Sample viewer

vx.netlux.org/Virus.DOS.HLLO.Nman.8752


Syscalls:

Time Syscall Op Syscall Name
2018-12-17T23:07:47.565566069Z 53 PC: 136ea | Get interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T23:07:47.567272282Z 53 PC: 136ea | Get interrupt vector (Interrupt = '2' AKA 'Character output')
2018-12-17T23:07:47.568345019Z 53 PC: 136ea | Get interrupt vector (Interrupt = '27' AKA 'Get allocation info for default drive')
2018-12-17T23:07:47.569467361Z 53 PC: 136ea | Get interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T23:07:47.572870741Z 53 PC: 136ea | Get interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T23:07:47.574258903Z 53 PC: 136ea | Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T23:07:47.575581017Z 53 PC: 136ea | Get interrupt vector (Interrupt = '52' AKA 'Get InDOS flag pointer')
2018-12-17T23:07:47.5772292Z 53 PC: 136ea | Get interrupt vector (Interrupt = '53' AKA 'Get interrupt vector')
2018-12-17T23:07:47.579063936Z 53 PC: 136ea | Get interrupt vector (Interrupt = '54' AKA 'Get free disk space')
2018-12-17T23:07:47.580404952Z 53 PC: 136ea | Get interrupt vector (Interrupt = '55' AKA 'Get or set switch character')
2018-12-17T23:07:47.581755365Z 53 PC: 136ea | Get interrupt vector (Interrupt = '56' AKA 'Get or set country info')
2018-12-17T23:07:47.58373157Z 53 PC: 136ea | Get interrupt vector (Interrupt = '57' AKA 'Create subdirectory')
2018-12-17T23:07:47.584743736Z 53 PC: 136ea | Get interrupt vector (Interrupt = '58' AKA 'Remove subdirectory')
2018-12-17T23:07:47.585989063Z 53 PC: 136ea | Get interrupt vector (Interrupt = '59' AKA 'Change current directory')
2018-12-17T23:07:47.587956174Z 53 PC: 136ea | Get interrupt vector (Interrupt = '60' AKA 'Create or truncate file')
2018-12-17T23:07:47.588995743Z 53 PC: 136ea | Get interrupt vector (Interrupt = '61' AKA 'Open file')
2018-12-17T23:07:47.590130888Z 53 PC: 136ea | Get interrupt vector (Interrupt = '62' AKA 'Close file')
2018-12-17T23:07:47.591803098Z 53 PC: 136ea | Get interrupt vector (Interrupt = '63' AKA 'Read file or device')
2018-12-17T23:07:47.593856402Z 53 PC: 136ea | Get interrupt vector (Interrupt = '117' AKA 'UNKNOWN!')
2018-12-17T23:07:47.595291729Z 37 PC: 136ff | Set interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T23:07:47.596724564Z 37 PC: 13707 | Set interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T23:07:47.597742248Z 37 PC: 1370f | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T23:07:47.598734566Z 37 PC: 13717 | Set interrupt vector (Interrupt = '63' AKA 'Read file or device')
2018-12-17T23:07:47.605415763Z 68 PC: 14755 | I/O control for devices (Set for = '=')
2018-12-17T23:07:47.607139171Z 25 PC: 14427 | Get default drive
2018-12-17T23:07:47.608411775Z 71 PC: 1443a | Get current directory
2018-12-17T23:07:47.612404062Z 48 PC: 1439a | Get DOS version
2018-12-17T23:07:47.622290296Z 25 PC: 14427 | Get default drive
2018-12-17T23:07:47.62340616Z 71 PC: 1443a | Get current directory
2018-12-17T23:07:47.626940079Z 25 PC: 14427 | Get default drive
2018-12-17T23:07:47.628828469Z 71 PC: 1443a | Get current directory
2018-12-17T23:07:47.637547801Z 14 PC: 14480 | Set default drive (Drive = 'C')
2018-12-17T23:07:47.639408896Z 25 PC: 14484 | Get default drive
2018-12-17T23:07:47.641325493Z 59 PC: 144ee | Change current directory
2018-12-17T23:07:47.645024607Z 26 PC: 1340f | Set disk transfer address
2018-12-17T23:07:47.646061007Z 78 PC: 1341b | Find first file
2018-12-17T23:07:47.651855548Z 26 PC: 1340f | Set disk transfer address
2018-12-17T23:07:47.652802534Z 78 PC: 1341b | Find first file
2018-12-17T23:07:47.658178578Z 26 PC: 13433 | Set disk transfer address
2018-12-17T23:07:47.660015064Z 79 PC: 13438 | Find next file
2018-12-17T23:07:47.66282974Z 26 PC: 13433 | Set disk transfer address
2018-12-17T23:07:47.664242938Z 79 PC: 13438 | Find next file
2018-12-17T23:07:47.667984061Z 59 PC: 144ee | Change current directory
2018-12-17T23:07:47.673753053Z 26 PC: 1340f | Set disk transfer address
2018-12-17T23:07:47.674717042Z 78 PC: 1341b | Find first file
2018-12-17T23:07:47.684069305Z 25 PC: 14427 | Get default drive
2018-12-17T23:07:47.685250458Z 71 PC: 1443a | Get current directory
2018-12-17T23:07:47.687867244Z 87 PC: 133b2 | Get or set file date and time
2018-12-17T23:07:47.690457197Z 67 PC: 13398 | Get or set file attributes
2018-12-17T23:07:48.043117156Z 61 PC: 141d8 | Open file (Filename = 'ATTRIB.EXE')
2018-12-17T23:07:48.05136432Z 60 PC: 141d8 | Create or truncate file
2018-12-17T23:07:48.063275024Z 63 PC: 142ab | Read file or device (Read 2048 bytes on handle 5)
2018-12-17T23:07:48.073690828Z 64 PC: 142ab | Write file or device (Write 2048 bytes on handle 6)
2018-12-17T23:07:48.082716205Z 63 PC: 142ab | Read file or device (Read 2048 bytes on handle 5)
2018-12-17T23:07:48.089840328Z 64 PC: 142ab | Write file or device (Write 2048 bytes on handle 6)
2018-12-17T23:07:48.097646519Z 63 PC: 142ab | Read file or device (Read 2048 bytes on handle 5)
2018-12-17T23:07:48.110131117Z 64 PC: 142ab | Write file or device (Write 2048 bytes on handle 6)
2018-12-17T23:07:48.119111476Z 63 PC: 142ab | Read file or device (Read 2048 bytes on handle 5)
2018-12-17T23:07:48.125370289Z 64 PC: 142ab | Write file or device (Write 2048 bytes on handle 6)
2018-12-17T23:07:48.132544494Z 63 PC: 142ab | Read file or device (Read 2048 bytes on handle 5)
2018-12-17T23:07:48.139809861Z 64 PC: 142ab | Write file or device (Write 2048 bytes on handle 6)
2018-12-17T23:07:48.15102012Z 63 PC: 142ab | Read file or device (Read 2048 bytes on handle 5)
2018-12-17T23:07:48.158244934Z 64 PC: 142ab | Write file or device (Write 968 bytes on handle 6)
2018-12-17T23:07:48.166293518Z 63 PC: 142ab | Read file or device (Read 2048 bytes on handle 5)
2018-12-17T23:07:48.168562622Z 62 PC: 14228 | Close file
2018-12-17T23:07:48.170541441Z 62 PC: 14228 | Close file
2018-12-17T23:07:48.179836157Z 61 PC: 141d8 | Open file (Filename = 'A:\\EST.EXE')
2018-12-17T23:07:48.182516771Z 64 PC: 13e0f | Write file or device (Write 0 bytes on handle 1)
2018-12-17T23:07:48.184206238Z 37 PC: 13841 | Set interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T23:07:48.185575029Z 37 PC: 13841 | Set interrupt vector (Interrupt = '2' AKA 'Character output')
2018-12-17T23:07:48.187319517Z 37 PC: 13841 | Set interrupt vector (Interrupt = '27' AKA 'Get allocation info for default drive')
2018-12-17T23:07:48.188784506Z 37 PC: 13841 | Set interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T23:07:48.190452515Z 37 PC: 13841 | Set interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T23:07:48.192118412Z 37 PC: 13841 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T23:07:48.193434559Z 37 PC: 13841 | Set interrupt vector (Interrupt = '52' AKA 'Get InDOS flag pointer')
2018-12-17T23:07:48.195010289Z 37 PC: 13841 | Set interrupt vector (Interrupt = '53' AKA 'Get interrupt vector')
2018-12-17T23:07:48.198140969Z 37 PC: 13841 | Set interrupt vector (Interrupt = '54' AKA 'Get free disk space')
2018-12-17T23:07:48.199371557Z 37 PC: 13841 | Set interrupt vector (Interrupt = '55' AKA 'Get or set switch character')
2018-12-17T23:07:48.200643847Z 37 PC: 13841 | Set interrupt vector (Interrupt = '56' AKA 'Get or set country info')
2018-12-17T23:07:48.202572378Z 37 PC: 13841 | Set interrupt vector (Interrupt = '57' AKA 'Create subdirectory')
2018-12-17T23:07:48.203665342Z 37 PC: 13841 | Set interrupt vector (Interrupt = '58' AKA 'Remove subdirectory')
2018-12-17T23:07:48.20476091Z 37 PC: 13841 | Set interrupt vector (Interrupt = '59' AKA 'Change current directory')
2018-12-17T23:07:48.206978509Z 37 PC: 13841 | Set interrupt vector (Interrupt = '60' AKA 'Create or truncate file')
2018-12-17T23:07:48.208164336Z 37 PC: 13841 | Set interrupt vector (Interrupt = '61' AKA 'Open file')
2018-12-17T23:07:48.209277607Z 37 PC: 13841 | Set interrupt vector (Interrupt = '62' AKA 'Close file')
2018-12-17T23:07:48.211684229Z 37 PC: 13841 | Set interrupt vector (Interrupt = '63' AKA 'Read file or device')
2018-12-17T23:07:48.212785879Z 37 PC: 13841 | Set interrupt vector (Interrupt = '117' AKA 'UNKNOWN!')
2018-12-17T23:07:48.213916657Z 6 PC: 138c8 | Direct console I/O
2018-12-17T23:07:48.216738939Z 6 PC: 138c8 | Direct console I/O
2018-12-17T23:07:48.21900344Z 6 PC: 138c8 | Direct console I/O
2018-12-17T23:07:48.221119758Z 6 PC: 138c8 | Direct console I/O
2018-12-17T23:07:48.224313816Z 6 PC: 138c8 | Direct console I/O
2018-12-17T23:07:48.226818697Z 6 PC: 138c8 | Direct console I/O
2018-12-17T23:07:48.229178242Z 6 PC: 138c8 | Direct console I/O
2018-12-17T23:07:48.232098877Z 6 PC: 138c8 | Direct console I/O
2018-12-17T23:07:48.23498855Z 6 PC: 138c8 | Direct console I/O
2018-12-17T23:07:48.237434059Z 6 PC: 138c8 | Direct console I/O
2018-12-17T23:07:48.240692176Z 6 PC: 138c8 | Direct console I/O
2018-12-17T23:07:48.242881209Z 6 PC: 138c8 | Direct console I/O
2018-12-17T23:07:48.24492615Z 6 PC: 138c8 | Direct console I/O
2018-12-17T23:07:48.248070079Z 6 PC: 138c8 | Direct console I/O
2018-12-17T23:07:48.250139312Z 6 PC: 138c8 | Direct console I/O
2018-12-17T23:07:48.252153163Z 6 PC: 138c8 | Direct console I/O
2018-12-17T23:07:48.25513826Z 6 PC: 138c8 | Direct console I/O
2018-12-17T23:07:48.257388851Z 6 PC: 138c8 | Direct console I/O
2018-12-17T23:07:48.259836212Z 6 PC: 138c8 | Direct console I/O
2018-12-17T23:07:48.262619786Z 6 PC: 138c8 | Direct console I/O
2018-12-17T23:07:48.265465691Z 6 PC: 138c8 | Direct console I/O
2018-12-17T23:07:48.267574546Z 6 PC: 138c8 | Direct console I/O
2018-12-17T23:07:48.271427228Z 6 PC: 138c8 | Direct console I/O
2018-12-17T23:07:48.273710475Z 6 PC: 138c8 | Direct console I/O
2018-12-17T23:07:48.275745955Z 6 PC: 138c8 | Direct console I/O
2018-12-17T23:07:48.27830148Z 6 PC: 138c8 | Direct console I/O
2018-12-17T23:07:48.283356403Z 6 PC: 138c8 | Direct console I/O
2018-12-17T23:07:48.285486291Z 6 PC: 138c8 | Direct console I/O
2018-12-17T23:07:48.287643426Z 6 PC: 138c8 | Direct console I/O
2018-12-17T23:07:48.290144802Z 6 PC: 138c8 | Direct console I/O
2018-12-17T23:07:48.292203879Z 6 PC: 138c8 | Direct console I/O
2018-12-17T23:07:48.29426203Z 6 PC: 138c8 | Direct console I/O
2018-12-17T23:07:48.296829789Z 6 PC: 138c8 | Direct console I/O
2018-12-17T23:07:48.300282305Z 76 PC: 13880 | Terminate with return code (Return code = '5')