Sample viewer

vx.netlux.org/Virus.DOS.HLLP.Cool.8032

Syscalls:

Time Syscall Op Syscall Name
2018-12-17T23:08:01.084631459Z 53 PC: 1372a | Get interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T23:08:01.086654812Z 53 PC: 1372a | Get interrupt vector (Interrupt = '2' AKA 'Character output')
2018-12-17T23:08:01.08821742Z 53 PC: 1372a | Get interrupt vector (Interrupt = '27' AKA 'Get allocation info for default drive')
2018-12-17T23:08:01.089730975Z 53 PC: 1372a | Get interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T23:08:01.093935338Z 53 PC: 1372a | Get interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T23:08:01.095770648Z 53 PC: 1372a | Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T23:08:01.09778818Z 53 PC: 1372a | Get interrupt vector (Interrupt = '52' AKA 'Get InDOS flag pointer')
2018-12-17T23:08:01.099777098Z 53 PC: 1372a | Get interrupt vector (Interrupt = '53' AKA 'Get interrupt vector')
2018-12-17T23:08:01.103090837Z 53 PC: 1372a | Get interrupt vector (Interrupt = '54' AKA 'Get free disk space')
2018-12-17T23:08:01.105011417Z 53 PC: 1372a | Get interrupt vector (Interrupt = '55' AKA 'Get or set switch character')
2018-12-17T23:08:01.107567161Z 53 PC: 1372a | Get interrupt vector (Interrupt = '56' AKA 'Get or set country info')
2018-12-17T23:08:01.110016044Z 53 PC: 1372a | Get interrupt vector (Interrupt = '57' AKA 'Create subdirectory')
2018-12-17T23:08:01.112027856Z 53 PC: 1372a | Get interrupt vector (Interrupt = '58' AKA 'Remove subdirectory')
2018-12-17T23:08:01.113989563Z 53 PC: 1372a | Get interrupt vector (Interrupt = '59' AKA 'Change current directory')
2018-12-17T23:08:01.116849078Z 53 PC: 1372a | Get interrupt vector (Interrupt = '60' AKA 'Create or truncate file')
2018-12-17T23:08:01.118453704Z 53 PC: 1372a | Get interrupt vector (Interrupt = '61' AKA 'Open file')
2018-12-17T23:08:01.12185665Z 53 PC: 1372a | Get interrupt vector (Interrupt = '62' AKA 'Close file')
2018-12-17T23:08:01.125057297Z 53 PC: 1372a | Get interrupt vector (Interrupt = '63' AKA 'Read file or device')
2018-12-17T23:08:01.126615636Z 53 PC: 1372a | Get interrupt vector (Interrupt = '117' AKA 'UNKNOWN!')
2018-12-17T23:08:01.128096159Z 37 PC: 1373f | Set interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T23:08:01.130882046Z 37 PC: 13747 | Set interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T23:08:01.133038429Z 37 PC: 1374f | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T23:08:01.135163072Z 37 PC: 13757 | Set interrupt vector (Interrupt = '63' AKA 'Read file or device')
2018-12-17T23:08:01.138035652Z 68 PC: 143fc | I/O control for devices (Set for = ' ')
2018-12-17T23:08:01.140911387Z 48 PC: 14012 | Get DOS version
2018-12-17T23:08:01.143411076Z 61 PC: 13e50 | Open file (Filename = 'A:\TEST.EXE')
2018-12-17T23:08:01.150934608Z 63 PC: 13f23 | Read file or device (Read 28 bytes on handle 5)
2018-12-17T23:08:01.158682922Z 66 PC: 13f82 | Move file pointer
2018-12-17T23:08:01.160826641Z 63 PC: 13f23 | Read file or device (Read 840 bytes on handle 5)
2018-12-17T23:08:01.16850311Z 66 PC: 13f82 | Move file pointer
2018-12-17T23:08:01.171869708Z 63 PC: 13f23 | Read file or device (Read 7152 bytes on handle 5)
2018-12-17T23:08:01.180773325Z 62 PC: 13ea0 | Close file
2018-12-17T23:08:01.183243338Z 26 PC: 135d5 | Set disk transfer address
2018-12-17T23:08:01.185836773Z 78 PC: 135e1 | Find first file
2018-12-17T23:08:01.192824387Z 61 PC: 13e50 | Open file (Filename = 'TEST.EXE')
2018-12-17T23:08:01.199946134Z 63 PC: 13f23 | Read file or device (Read 28 bytes on handle 5)
2018-12-17T23:08:01.208145295Z 66 PC: 13f82 | Move file pointer
2018-12-17T23:08:01.209842325Z 63 PC: 13f23 | Read file or device (Read 868 bytes on handle 5)
2018-12-17T23:08:01.217704934Z 66 PC: 13f82 | Move file pointer
2018-12-17T23:08:01.224710161Z 60 PC: 13e50 | Create or truncate file
2018-12-17T23:08:01.244217479Z 63 PC: 13f23 | Read file or device (Read 5000 bytes on handle 5)
2018-12-17T23:08:01.252950775Z 64 PC: 13f23 | Write file or device (Write 5000 bytes on handle 6)
2018-12-17T23:08:01.263563273Z 63 PC: 13f23 | Read file or device (Read 5000 bytes on handle 5)
2018-12-17T23:08:01.272320794Z 64 PC: 13f23 | Write file or device (Write 3032 bytes on handle 6)
2018-12-17T23:08:01.282479499Z 63 PC: 13f23 | Read file or device (Read 5000 bytes on handle 5)
2018-12-17T23:08:01.285625382Z 66 PC: 13f82 | Move file pointer
2018-12-17T23:08:01.290783978Z 64 PC: 13f23 | Write file or device (Write 840 bytes on handle 6)
2018-12-17T23:08:01.299932625Z 66 PC: 1459d | Move file pointer
2018-12-17T23:08:01.301787412Z 66 PC: 145ab | Move file pointer
2018-12-17T23:08:01.304795777Z 66 PC: 145b9 | Move file pointer
2018-12-17T23:08:01.306662555Z 66 PC: 13f82 | Move file pointer
2018-12-17T23:08:01.308603534Z 66 PC: 1459d | Move file pointer
2018-12-17T23:08:01.31125664Z 66 PC: 145ab | Move file pointer
2018-12-17T23:08:01.31335241Z 66 PC: 145b9 | Move file pointer
2018-12-17T23:08:01.31530506Z 66 PC: 1459d | Move file pointer
2018-12-17T23:08:01.317856326Z 66 PC: 145ab | Move file pointer
2018-12-17T23:08:01.319761798Z 66 PC: 145b9 | Move file pointer
2018-12-17T23:08:01.321889507Z 64 PC: 13f23 | Write file or device (Write 12 bytes on handle 6)
2018-12-17T23:08:01.327448185Z 64 PC: 13f23 | Write file or device (Write 868 bytes on handle 6)
2018-12-17T23:08:01.337291969Z 66 PC: 1459d | Move file pointer
2018-12-17T23:08:01.339248236Z 66 PC: 145ab | Move file pointer
2018-12-17T23:08:01.341756991Z 66 PC: 145b9 | Move file pointer
2018-12-17T23:08:01.344052265Z 64 PC: 13f23 | Write file or device (Write 7152 bytes on handle 6)
2018-12-17T23:08:01.354635098Z 66 PC: 1459d | Move file pointer
2018-12-17T23:08:01.356883023Z 66 PC: 145ab | Move file pointer
2018-12-17T23:08:01.358832467Z 66 PC: 145b9 | Move file pointer
2018-12-17T23:08:01.360846012Z 66 PC: 1459d | Move file pointer
2018-12-17T23:08:01.362960998Z 66 PC: 145ab | Move file pointer
2018-12-17T23:08:01.36507981Z 66 PC: 145b9 | Move file pointer
2018-12-17T23:08:01.366900944Z 66 PC: 13f82 | Move file pointer
2018-12-17T23:08:01.368996262Z 64 PC: 13f23 | Write file or device (Write 28 bytes on handle 6)
2018-12-17T23:08:01.377214139Z 62 PC: 13ea0 | Close file
2018-12-17T23:08:01.386601835Z 65 PC: 13f99 | Delete file (Filename = 'TEST.EXE')
2018-12-17T23:08:01.400566995Z 86 PC: 13fdd | Rename file
2018-12-17T23:08:01.414109039Z 62 PC: 13ea0 | Close file
2018-12-17T23:08:01.416579754Z 26 PC: 135f9 | Set disk transfer address
2018-12-17T23:08:01.4180622Z 79 PC: 135fe | Find next file
2018-12-17T23:08:01.426541248Z 61 PC: 13e50 | Open file (Filename = 'TEST.EXE')
2018-12-17T23:08:01.445096455Z 63 PC: 13f23 | Read file or device (Read 28 bytes on handle 5)
2018-12-17T23:08:01.448286221Z 62 PC: 13ea0 | Close file
2018-12-17T23:08:01.451007006Z 26 PC: 135f9 | Set disk transfer address
2018-12-17T23:08:01.452878984Z 79 PC: 135fe | Find next file
2018-12-17T23:08:01.455932574Z 26 PC: 135d5 | Set disk transfer address
2018-12-17T23:08:01.457432864Z 78 PC: 135e1 | Find first file
2018-12-17T23:08:01.464767761Z 61 PC: 13e50 | Open file (Filename = 'SLEEP.COM')
2018-12-17T23:08:01.473028439Z 63 PC: 13f23 | Read file or device (Read 28 bytes on handle 5)
2018-12-17T23:08:01.481308232Z 66 PC: 13f82 | Move file pointer
2018-12-17T23:08:01.484163339Z 63 PC: 13f23 | Read file or device (Read 868 bytes on handle 5)
2018-12-17T23:08:01.487638982Z 64 PC: 13dab | Write file or device (Write 0 bytes on handle 1)
2018-12-17T23:08:01.490265529Z 37 PC: 13881 | Set interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T23:08:01.493028974Z 37 PC: 13881 | Set interrupt vector (Interrupt = '2' AKA 'Character output')
2018-12-17T23:08:01.494976264Z 37 PC: 13881 | Set interrupt vector (Interrupt = '27' AKA 'Get allocation info for default drive')
2018-12-17T23:08:01.496642986Z 37 PC: 13881 | Set interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T23:08:01.50114583Z 37 PC: 13881 | Set interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T23:08:01.502804969Z 37 PC: 13881 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T23:08:01.504386321Z 37 PC: 13881 | Set interrupt vector (Interrupt = '52' AKA 'Get InDOS flag pointer')
2018-12-17T23:08:01.50642309Z 37 PC: 13881 | Set interrupt vector (Interrupt = '53' AKA 'Get interrupt vector')
2018-12-17T23:08:01.508293856Z 37 PC: 13881 | Set interrupt vector (Interrupt = '54' AKA 'Get free disk space')
2018-12-17T23:08:01.509842497Z 37 PC: 13881 | Set interrupt vector (Interrupt = '55' AKA 'Get or set switch character')
2018-12-17T23:08:01.511800998Z 37 PC: 13881 | Set interrupt vector (Interrupt = '56' AKA 'Get or set country info')
2018-12-17T23:08:01.513510231Z 37 PC: 13881 | Set interrupt vector (Interrupt = '57' AKA 'Create subdirectory')
2018-12-17T23:08:01.514966188Z 37 PC: 13881 | Set interrupt vector (Interrupt = '58' AKA 'Remove subdirectory')
2018-12-17T23:08:01.517021271Z 37 PC: 13881 | Set interrupt vector (Interrupt = '59' AKA 'Change current directory')
2018-12-17T23:08:01.518965165Z 37 PC: 13881 | Set interrupt vector (Interrupt = '60' AKA 'Create or truncate file')
2018-12-17T23:08:01.520517703Z 37 PC: 13881 | Set interrupt vector (Interrupt = '61' AKA 'Open file')
2018-12-17T23:08:01.522095298Z 37 PC: 13881 | Set interrupt vector (Interrupt = '62' AKA 'Close file')
2018-12-17T23:08:01.524630995Z 37 PC: 13881 | Set interrupt vector (Interrupt = '63' AKA 'Read file or device')
2018-12-17T23:08:01.525967888Z 37 PC: 13881 | Set interrupt vector (Interrupt = '117' AKA 'UNKNOWN!')
2018-12-17T23:08:01.527438412Z 6 PC: 13908 | Direct console I/O
2018-12-17T23:08:01.530559949Z 6 PC: 13908 | Direct console I/O
2018-12-17T23:08:01.533093341Z 6 PC: 13908 | Direct console I/O
2018-12-17T23:08:01.535754774Z 6 PC: 13908 | Direct console I/O
2018-12-17T23:08:01.539097938Z 6 PC: 13908 | Direct console I/O
2018-12-17T23:08:01.541709767Z 6 PC: 13908 | Direct console I/O
2018-12-17T23:08:01.544283635Z 6 PC: 13908 | Direct console I/O
2018-12-17T23:08:01.547227789Z 6 PC: 13908 | Direct console I/O
2018-12-17T23:08:01.549977628Z 6 PC: 13908 | Direct console I/O
2018-12-17T23:08:01.552490291Z 6 PC: 13908 | Direct console I/O
2018-12-17T23:08:01.555794602Z 6 PC: 13908 | Direct console I/O
2018-12-17T23:08:01.55911852Z 6 PC: 13908 | Direct console I/O
2018-12-17T23:08:01.561596147Z 6 PC: 13908 | Direct console I/O
2018-12-17T23:08:01.564778639Z 6 PC: 13908 | Direct console I/O
2018-12-17T23:08:01.567303204Z 6 PC: 13908 | Direct console I/O
2018-12-17T23:08:01.569941523Z 6 PC: 13908 | Direct console I/O
2018-12-17T23:08:01.573183247Z 6 PC: 13908 | Direct console I/O
2018-12-17T23:08:01.575770731Z 6 PC: 13908 | Direct console I/O
2018-12-17T23:08:01.578308661Z 6 PC: 13908 | Direct console I/O
2018-12-17T23:08:01.581132639Z 6 PC: 13908 | Direct console I/O
2018-12-17T23:08:01.583792228Z 6 PC: 13908 | Direct console I/O
2018-12-17T23:08:01.586375203Z 6 PC: 13908 | Direct console I/O
2018-12-17T23:08:01.589193802Z 6 PC: 13908 | Direct console I/O
2018-12-17T23:08:01.591824066Z 6 PC: 13908 | Direct console I/O
2018-12-17T23:08:01.594297455Z 6 PC: 13908 | Direct console I/O
2018-12-17T23:08:01.597265573Z 6 PC: 13908 | Direct console I/O
2018-12-17T23:08:01.599664232Z 6 PC: 13908 | Direct console I/O
2018-12-17T23:08:01.602149664Z 6 PC: 13908 | Direct console I/O
2018-12-17T23:08:01.605751535Z 6 PC: 13908 | Direct console I/O
2018-12-17T23:08:01.60828689Z 6 PC: 13908 | Direct console I/O
2018-12-17T23:08:01.610801788Z 6 PC: 13908 | Direct console I/O
2018-12-17T23:08:01.61351089Z 6 PC: 13908 | Direct console I/O
2018-12-17T23:08:01.616483537Z 6 PC: 13908 | Direct console I/O
2018-12-17T23:08:01.620399187Z 76 PC: 138c0 | Terminate with return code (Return code = '100')