Sample viewer

vx.netlux.org/Virus.DOS.HLLC.5296

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-17T23:07:48.511049444Z	53	PC: 12e7a \| Get interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T23:07:48.512772353Z	53	PC: 12e7a \| Get interrupt vector (Interrupt = '2' AKA 'Character output')
2018-12-17T23:07:48.514246667Z	53	PC: 12e7a \| Get interrupt vector (Interrupt = '27' AKA 'Get allocation info for default drive')
2018-12-17T23:07:48.51567142Z	53	PC: 12e7a \| Get interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T23:07:48.517578846Z	53	PC: 12e7a \| Get interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T23:07:48.519004009Z	53	PC: 12e7a \| Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T23:07:48.520412922Z	53	PC: 12e7a \| Get interrupt vector (Interrupt = '52' AKA 'Get InDOS flag pointer')
2018-12-17T23:07:48.539884976Z	53	PC: 12e7a \| Get interrupt vector (Interrupt = '53' AKA 'Get interrupt vector')
2018-12-17T23:07:48.541130655Z	53	PC: 12e7a \| Get interrupt vector (Interrupt = '54' AKA 'Get free disk space')
2018-12-17T23:07:48.542320672Z	53	PC: 12e7a \| Get interrupt vector (Interrupt = '55' AKA 'Get or set switch character')
2018-12-17T23:07:48.544176165Z	53	PC: 12e7a \| Get interrupt vector (Interrupt = '56' AKA 'Get or set country info')
2018-12-17T23:07:48.545555652Z	53	PC: 12e7a \| Get interrupt vector (Interrupt = '57' AKA 'Create subdirectory')
2018-12-17T23:07:48.546772924Z	53	PC: 12e7a \| Get interrupt vector (Interrupt = '58' AKA 'Remove subdirectory')
2018-12-17T23:07:48.548155722Z	53	PC: 12e7a \| Get interrupt vector (Interrupt = '59' AKA 'Change current directory')
2018-12-17T23:07:48.549692212Z	53	PC: 12e7a \| Get interrupt vector (Interrupt = '60' AKA 'Create or truncate file')
2018-12-17T23:07:48.550789087Z	53	PC: 12e7a \| Get interrupt vector (Interrupt = '61' AKA 'Open file')
2018-12-17T23:07:48.551874788Z	53	PC: 12e7a \| Get interrupt vector (Interrupt = '62' AKA 'Close file')
2018-12-17T23:07:48.553480761Z	53	PC: 12e7a \| Get interrupt vector (Interrupt = '63' AKA 'Read file or device')
2018-12-17T23:07:48.554580252Z	53	PC: 12e7a \| Get interrupt vector (Interrupt = '117' AKA 'UNKNOWN!')
2018-12-17T23:07:48.555678772Z	37	PC: 12e8f \| Set interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T23:07:48.568171775Z	37	PC: 12e97 \| Set interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T23:07:48.569305878Z	37	PC: 12e9f \| Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T23:07:48.570287175Z	37	PC: 12ea7 \| Set interrupt vector (Interrupt = '63' AKA 'Read file or device')
2018-12-17T23:07:48.572187562Z	68	PC: 13cc8 \| I/O control for devices (Set for = '\��s �\�� ')
2018-12-17T23:07:48.573689856Z	26	PC: 12dc5 \| Set disk transfer address
2018-12-17T23:07:48.574731408Z	78	PC: 12dd1 \| Find first file
2018-12-17T23:07:48.581154248Z	25	PC: 1399a \| Get default drive
2018-12-17T23:07:48.582131911Z	71	PC: 139ad \| Get current directory
2018-12-17T23:07:48.585355803Z	25	PC: 1399a \| Get default drive
2018-12-17T23:07:48.586970746Z	71	PC: 139ad \| Get current directory
2018-12-17T23:07:48.590018158Z	14	PC: 139f3 \| Set default drive (Drive = 'C')
2018-12-17T23:07:48.591351839Z	25	PC: 139f7 \| Get default drive
2018-12-17T23:07:48.593065475Z	59	PC: 13a61 \| Change current directory
2018-12-17T23:07:48.596916467Z	26	PC: 12dc5 \| Set disk transfer address
2018-12-17T23:07:48.598045158Z	78	PC: 12dd1 \| Find first file
2018-12-17T23:07:48.605281446Z	26	PC: 12dc5 \| Set disk transfer address
2018-12-17T23:07:48.6064849Z	78	PC: 12dd1 \| Find first file
2018-12-17T23:07:48.61183427Z	26	PC: 12de9 \| Set disk transfer address
2018-12-17T23:07:48.613419952Z	79	PC: 12dee \| Find next file
2018-12-17T23:07:48.615970618Z	26	PC: 12de9 \| Set disk transfer address
2018-12-17T23:07:48.616995817Z	79	PC: 12dee \| Find next file
2018-12-17T23:07:48.621895677Z	59	PC: 13a61 \| Change current directory
2018-12-17T23:07:48.627737854Z	26	PC: 12dc5 \| Set disk transfer address
2018-12-17T23:07:48.629004303Z	78	PC: 12dd1 \| Find first file
2018-12-17T23:07:48.638131237Z	25	PC: 1399a \| Get default drive
2018-12-17T23:07:48.639126531Z	71	PC: 139ad \| Get current directory
2018-12-17T23:07:48.642001785Z	61	PC: 13847 \| Open file (Filename = 'A:\\TEST.EXE')
2018-12-17T23:07:48.64514369Z	64	PC: 1359f \| Write file or device (Write 0 bytes on handle 1)
2018-12-17T23:07:48.647230641Z	37	PC: 12fd1 \| Set interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T23:07:48.648263797Z	37	PC: 12fd1 \| Set interrupt vector (Interrupt = '2' AKA 'Character output')
2018-12-17T23:07:48.649800124Z	37	PC: 12fd1 \| Set interrupt vector (Interrupt = '27' AKA 'Get allocation info for default drive')
2018-12-17T23:07:48.650872108Z	37	PC: 12fd1 \| Set interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T23:07:48.652045134Z	37	PC: 12fd1 \| Set interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T23:07:48.653666644Z	37	PC: 12fd1 \| Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T23:07:48.65488661Z	37	PC: 12fd1 \| Set interrupt vector (Interrupt = '52' AKA 'Get InDOS flag pointer')
2018-12-17T23:07:48.656272941Z	37	PC: 12fd1 \| Set interrupt vector (Interrupt = '53' AKA 'Get interrupt vector')
2018-12-17T23:07:48.658526347Z	37	PC: 12fd1 \| Set interrupt vector (Interrupt = '54' AKA 'Get free disk space')
2018-12-17T23:07:48.659681091Z	37	PC: 12fd1 \| Set interrupt vector (Interrupt = '55' AKA 'Get or set switch character')
2018-12-17T23:07:48.660838587Z	37	PC: 12fd1 \| Set interrupt vector (Interrupt = '56' AKA 'Get or set country info')
2018-12-17T23:07:48.663014994Z	37	PC: 12fd1 \| Set interrupt vector (Interrupt = '57' AKA 'Create subdirectory')
2018-12-17T23:07:48.664170715Z	37	PC: 12fd1 \| Set interrupt vector (Interrupt = '58' AKA 'Remove subdirectory')
2018-12-17T23:07:48.665337467Z	37	PC: 12fd1 \| Set interrupt vector (Interrupt = '59' AKA 'Change current directory')
2018-12-17T23:07:48.666580531Z	37	PC: 12fd1 \| Set interrupt vector (Interrupt = '60' AKA 'Create or truncate file')
2018-12-17T23:07:48.667701064Z	37	PC: 12fd1 \| Set interrupt vector (Interrupt = '61' AKA 'Open file')
2018-12-17T23:07:48.668730535Z	37	PC: 12fd1 \| Set interrupt vector (Interrupt = '62' AKA 'Close file')
2018-12-17T23:07:48.670097355Z	37	PC: 12fd1 \| Set interrupt vector (Interrupt = '63' AKA 'Read file or device')
2018-12-17T23:07:48.672128399Z	37	PC: 12fd1 \| Set interrupt vector (Interrupt = '117' AKA 'UNKNOWN!')
2018-12-17T23:07:48.674754044Z	6	PC: 13058 \| Direct console I/O
2018-12-17T23:07:48.676668507Z	6	PC: 13058 \| Direct console I/O
2018-12-17T23:07:48.67870122Z	6	PC: 13058 \| Direct console I/O
2018-12-17T23:07:48.680542841Z	6	PC: 13058 \| Direct console I/O
2018-12-17T23:07:48.683320066Z	6	PC: 13058 \| Direct console I/O
2018-12-17T23:07:48.687232615Z	6	PC: 13058 \| Direct console I/O
2018-12-17T23:07:48.689397048Z	6	PC: 13058 \| Direct console I/O
2018-12-17T23:07:48.691652091Z	6	PC: 13058 \| Direct console I/O
2018-12-17T23:07:48.694285786Z	6	PC: 13058 \| Direct console I/O
2018-12-17T23:07:48.696291273Z	6	PC: 13058 \| Direct console I/O
2018-12-17T23:07:48.698303882Z	6	PC: 13058 \| Direct console I/O
2018-12-17T23:07:48.710047761Z	6	PC: 13058 \| Direct console I/O
2018-12-17T23:07:48.712191175Z	6	PC: 13058 \| Direct console I/O
2018-12-17T23:07:48.714287961Z	6	PC: 13058 \| Direct console I/O
2018-12-17T23:07:48.716769521Z	6	PC: 13058 \| Direct console I/O
2018-12-17T23:07:48.718873851Z	6	PC: 13058 \| Direct console I/O
2018-12-17T23:07:48.720860058Z	6	PC: 13058 \| Direct console I/O
2018-12-17T23:07:48.723011812Z	6	PC: 13058 \| Direct console I/O
2018-12-17T23:07:48.725167065Z	6	PC: 13058 \| Direct console I/O
2018-12-17T23:07:48.72715033Z	6	PC: 13058 \| Direct console I/O
2018-12-17T23:07:48.745605175Z	6	PC: 13058 \| Direct console I/O
2018-12-17T23:07:48.74786382Z	6	PC: 13058 \| Direct console I/O
2018-12-17T23:07:48.749863749Z	6	PC: 13058 \| Direct console I/O
2018-12-17T23:07:48.752944823Z	6	PC: 13058 \| Direct console I/O
2018-12-17T23:07:48.754882422Z	6	PC: 13058 \| Direct console I/O
2018-12-17T23:07:48.756977095Z	6	PC: 13058 \| Direct console I/O
2018-12-17T23:07:48.759438472Z	6	PC: 13058 \| Direct console I/O
2018-12-17T23:07:48.761386132Z	6	PC: 13058 \| Direct console I/O
2018-12-17T23:07:48.763306403Z	6	PC: 13058 \| Direct console I/O
2018-12-17T23:07:48.766807938Z	6	PC: 13058 \| Direct console I/O
2018-12-17T23:07:48.769307911Z	6	PC: 13058 \| Direct console I/O
2018-12-17T23:07:48.771260017Z	6	PC: 13058 \| Direct console I/O
2018-12-17T23:07:48.775120007Z	6	PC: 13058 \| Direct console I/O
2018-12-17T23:07:48.778493751Z	76	PC: 13010 \| Terminate with return code (Return code = '5')