Sample viewer

vx.netlux.org/Virus.DOS.HLLP.Frontier.9583

Syscalls:

Time Syscall Op Syscall Name
2018-12-17T23:09:13.724025951Z 48 PC: 12b4b | Get DOS version
2018-12-17T23:09:13.72603864Z 53 PC: 12c86 | Get interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T23:09:13.727529953Z 53 PC: 12c93 | Get interrupt vector (Interrupt = '4' AKA 'Auxiliary output')
2018-12-17T23:09:13.728914009Z 53 PC: 12ca0 | Get interrupt vector (Interrupt = '5' AKA 'Printer output')
2018-12-17T23:09:13.731422169Z 53 PC: 12cad | Get interrupt vector (Interrupt = '6' AKA 'Direct console I/O')
2018-12-17T23:09:13.733013725Z 37 PC: 12cc1 | Set interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T23:09:13.734836362Z 74 PC: 12c18 | Reallocate memory
2018-12-17T23:09:13.739291087Z 37 PC: 14e9d | Set interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T23:09:13.741338775Z 53 PC: 14e87 | Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T23:09:13.74307929Z 37 PC: 14e9d | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T23:09:13.745018246Z 44 PC: 14df6 | Get time
0x14df6: mov bx, word ptr [bp + 4]
0x14df9: mov word ptr [bx], cx
0x14dfb: mov bx, word ptr [bp + 4]
0x14dfe: mov word ptr [bx + 2], dx
0x14e01: pop bp
0x14e02: ret
0x14e03: push bp
0x14e04: mov bp, sp
0x14e06: sub sp, 2
0x14e09: push si
0x14e0a: push di
0x14e0b: mov di, word ptr [bp + 4]
0x14e0e: push ds
0x14e0f: pop es
0x14e10: or di, di
0x14e12: je 0x14e2e
0x14e14: mov al, 0
0x14e16: mov ah, byte ptr [di]
0x14e18: mov cx, 0xffff
0x14e1b: cld
2018-12-17T23:09:13.749706808Z 42 PC: 14de2 | Get date
0x14de2: mov bx, word ptr [bp + 4]
0x14de5: mov word ptr [bx], cx
0x14de7: mov bx, word ptr [bp + 4]
0x14dea: mov word ptr [bx + 2], dx
0x14ded: pop bp
0x14dee: ret
0x14def: push bp
0x14df0: mov bp, sp
0x14df2: mov ah, 0x2c
0x14df4: int 0x21
0x14df6: mov bx, word ptr [bp + 4]
0x14df9: mov word ptr [bx], cx
0x14dfb: mov bx, word ptr [bp + 4]
0x14dfe: mov word ptr [bx + 2], dx
0x14e01: pop bp
0x14e02: ret
0x14e03: push bp
0x14e04: mov bp, sp
0x14e06: sub sp, 2
0x14e09: push si
2018-12-17T23:09:13.752210332Z 25 PC: 14c9d | Get default drive
2018-12-17T23:09:13.753557146Z 14 PC: 14cac | Set default drive (Drive = 'C')
2018-12-17T23:09:13.755934026Z 25 PC: 14c9d | Get default drive
2018-12-17T23:09:13.757511241Z 67 PC: 14335 | Get or set file attributes
2018-12-17T23:09:13.763934175Z 67 PC: 14335 | Get or set file attributes
2018-12-17T23:09:13.773243988Z 60 PC: 13a9b | Create or truncate file
2018-12-17T23:09:14.106992654Z 64 PC: 140f6 | Write file or device (Write 2 bytes on handle 5)
2018-12-17T23:09:14.116168699Z 62 PC: 13ea6 | Close file
2018-12-17T23:09:14.12489529Z 65 PC: 14248 | Delete file (Filename = '-')
2018-12-17T23:09:14.13580675Z 54 PC: 14eeb | Get free disk space
2018-12-17T23:09:14.179764163Z 14 PC: 14cac | Set default drive (Drive = 'D')
2018-12-17T23:09:14.187652536Z 25 PC: 14c9d | Get default drive
2018-12-17T23:09:14.189003638Z 14 PC: 14cac | Set default drive (Drive = 'E')
2018-12-17T23:09:14.190474077Z 25 PC: 14c9d | Get default drive
2018-12-17T23:09:14.202744704Z 14 PC: 14cac | Set default drive (Drive = 'F')
2018-12-17T23:09:14.204126113Z 25 PC: 14c9d | Get default drive
2018-12-17T23:09:14.20536271Z 14 PC: 14cac | Set default drive (Drive = 'G')
2018-12-17T23:09:14.20785524Z 25 PC: 14c9d | Get default drive
2018-12-17T23:09:14.211051433Z 14 PC: 14cac | Set default drive (Drive = 'H')
2018-12-17T23:09:14.212885007Z 25 PC: 14c9d | Get default drive
2018-12-17T23:09:14.21794642Z 14 PC: 14cac | Set default drive (Drive = 'I')
2018-12-17T23:09:14.220091682Z 25 PC: 14c9d | Get default drive
2018-12-17T23:09:14.222239624Z 14 PC: 14cac | Set default drive (Drive = 'J')
2018-12-17T23:09:14.225007009Z 25 PC: 14c9d | Get default drive
2018-12-17T23:09:14.226336212Z 14 PC: 14cac | Set default drive (Drive = 'K')
2018-12-17T23:09:14.227830483Z 25 PC: 14c9d | Get default drive
2018-12-17T23:09:14.230075579Z 14 PC: 14cac | Set default drive (Drive = 'L')
2018-12-17T23:09:14.231392172Z 25 PC: 14c9d | Get default drive
2018-12-17T23:09:14.2327299Z 14 PC: 14cac | Set default drive (Drive = 'M')
2018-12-17T23:09:14.234661585Z 25 PC: 14c9d | Get default drive
2018-12-17T23:09:14.244415675Z 14 PC: 14cac | Set default drive (Drive = 'N')
2018-12-17T23:09:14.245723294Z 25 PC: 14c9d | Get default drive
2018-12-17T23:09:14.247137656Z 14 PC: 14cac | Set default drive (Drive = 'O')
2018-12-17T23:09:14.24883503Z 25 PC: 14c9d | Get default drive
2018-12-17T23:09:14.250410358Z 14 PC: 14cac | Set default drive (Drive = 'P')
2018-12-17T23:09:14.252892327Z 25 PC: 14c9d | Get default drive
2018-12-17T23:09:14.254889501Z 14 PC: 14cac | Set default drive (Drive = 'Q')
2018-12-17T23:09:14.256508747Z 25 PC: 14c9d | Get default drive
2018-12-17T23:09:14.258058711Z 14 PC: 14cac | Set default drive (Drive = 'R')
2018-12-17T23:09:14.260180732Z 25 PC: 14c9d | Get default drive
2018-12-17T23:09:14.261646024Z 14 PC: 14cac | Set default drive (Drive = 'S')
2018-12-17T23:09:14.263138081Z 25 PC: 14c9d | Get default drive
2018-12-17T23:09:14.266365841Z 14 PC: 14cac | Set default drive (Drive = 'T')
2018-12-17T23:09:14.274872962Z 25 PC: 14c9d | Get default drive
2018-12-17T23:09:14.276487107Z 14 PC: 14cac | Set default drive (Drive = 'U')
2018-12-17T23:09:14.277879751Z 25 PC: 14c9d | Get default drive
2018-12-17T23:09:14.279428381Z 14 PC: 14cac | Set default drive (Drive = 'V')
2018-12-17T23:09:14.281138832Z 25 PC: 14c9d | Get default drive
2018-12-17T23:09:14.283126978Z 14 PC: 14cac | Set default drive (Drive = 'W')
2018-12-17T23:09:14.284825809Z 25 PC: 14c9d | Get default drive
2018-12-17T23:09:14.287185006Z 14 PC: 14cac | Set default drive (Drive = 'X')
2018-12-17T23:09:14.289738958Z 25 PC: 14c9d | Get default drive
2018-12-17T23:09:14.291274704Z 14 PC: 14cac | Set default drive (Drive = 'Y')
2018-12-17T23:09:14.292900726Z 25 PC: 14c9d | Get default drive
2018-12-17T23:09:14.295302764Z 14 PC: 14cac | Set default drive (Drive = 'Z')
2018-12-17T23:09:14.296641104Z 25 PC: 14c9d | Get default drive
2018-12-17T23:09:14.298291685Z 14 PC: 14cac | Set default drive (Drive = '[')
2018-12-17T23:09:14.305891611Z 25 PC: 14c9d | Get default drive
2018-12-17T23:09:14.307884011Z 67 PC: 14335 | Get or set file attributes
2018-12-17T23:09:14.317098991Z 61 PC: 13c2d | Open file (Filename = 'A:\TEST.EXE')
2018-12-17T23:09:14.330982485Z 68 PC: 13d6c | I/O control for devices (Set for = '')
2018-12-17T23:09:14.333281507Z 63 PC: 13faa | Read file or device (Read 12420 bytes on handle 5)
2018-12-17T23:09:14.342141793Z 67 PC: 14335 | Get or set file attributes
2018-12-17T23:09:14.349535163Z 60 PC: 13a9b | Create or truncate file
2018-12-17T23:09:14.360813912Z 64 PC: 140f6 | Write file or device (Write 9581 bytes on handle 6)
2018-12-17T23:09:14.376675745Z 14 PC: 14cac | Set default drive (Drive = 'C')
2018-12-17T23:09:14.37936742Z 25 PC: 14c9d | Get default drive
2018-12-17T23:09:14.381718918Z 54 PC: 14eeb | Get free disk space
2018-12-17T23:09:14.388563721Z 67 PC: 14335 | Get or set file attributes
2018-12-17T23:09:14.395372494Z 67 PC: 14335 | Get or set file attributes
2018-12-17T23:09:14.401668038Z 60 PC: 13a9b | Create or truncate file
2018-12-17T23:09:14.415605459Z 64 PC: 140f6 | Write file or device (Write 2 bytes on handle 7)
2018-12-17T23:09:14.422122633Z 62 PC: 13ea6 | Close file
2018-12-17T23:09:14.432251641Z 65 PC: 14248 | Delete file (Filename = 'vicious')
2018-12-17T23:09:14.444014642Z 26 PC: 14da7 | Set disk transfer address
2018-12-17T23:09:14.446450302Z 78 PC: 14db1 | Find first file
2018-12-17T23:09:14.4529321Z 26 PC: 14da7 | Set disk transfer address
2018-12-17T23:09:14.454357033Z 78 PC: 14db1 | Find first file
2018-12-17T23:09:14.461495936Z 26 PC: 14dc9 | Set disk transfer address
2018-12-17T23:09:14.463101726Z 79 PC: 14dcd | Find next file
2018-12-17T23:09:14.466031247Z 26 PC: 14dc9 | Set disk transfer address
2018-12-17T23:09:14.468020051Z 79 PC: 14dcd | Find next file
2018-12-17T23:09:14.470383581Z 67 PC: 14335 | Get or set file attributes
2018-12-17T23:09:14.474234515Z 67 PC: 14335 | Get or set file attributes
2018-12-17T23:09:14.478307051Z 60 PC: 13a9b | Create or truncate file
2018-12-17T23:09:14.485456082Z 64 PC: 140f6 | Write file or device (Write 2 bytes on handle 7)
2018-12-17T23:09:14.488212959Z 62 PC: 13ea6 | Close file
2018-12-17T23:09:14.496579629Z 65 PC: 14248 | Delete file (Filename = 'vicious')
2018-12-17T23:09:14.509323805Z 26 PC: 14da7 | Set disk transfer address
2018-12-17T23:09:14.510433447Z 78 PC: 14db1 | Find first file
2018-12-17T23:09:14.52268639Z 61 PC: 13c2d | Open file (Filename = '\DOS\ATTRIB.EXE')
2018-12-17T23:09:14.532423582Z 68 PC: 13d6c | I/O control for devices (Set for = '')
2018-12-17T23:09:14.534500584Z 63 PC: 13faa | Read file or device (Read 12418 bytes on handle 7)
2018-12-17T23:09:14.54394864Z 62 PC: 13ea6 | Close file
2018-12-17T23:09:14.546203746Z 26 PC: 14dc9 | Set disk transfer address
2018-12-17T23:09:14.547748508Z 79 PC: 14dcd | Find next file
2018-12-17T23:09:14.552637942Z 61 PC: 13c2d | Open file (Filename = '\DOS\CHKDSK.EXE')
2018-12-17T23:09:14.560128206Z 68 PC: 13d6c | I/O control for devices (Set for = '')
2018-12-17T23:09:14.565028067Z 63 PC: 13faa | Read file or device (Read 12418 bytes on handle 7)
2018-12-17T23:09:14.575461158Z 62 PC: 13ea6 | Close file
2018-12-17T23:09:14.578402167Z 26 PC: 14dc9 | Set disk transfer address
2018-12-17T23:09:14.579621713Z 79 PC: 14dcd | Find next file
2018-12-17T23:09:14.583335913Z 61 PC: 13c2d | Open file (Filename = '\DOS\DEBUG.EXE')
2018-12-17T23:09:14.59287122Z 68 PC: 13d6c | I/O control for devices (Set for = '')
2018-12-17T23:09:14.595059912Z 63 PC: 13faa | Read file or device (Read 12418 bytes on handle 7)
2018-12-17T23:09:14.606048563Z 43 PC: 14f4e | Set date
2018-12-17T23:09:14.611151469Z 45 PC: 14f61 | Set time
2018-12-17T23:09:14.615174206Z 64 PC: 140f6 | Write file or device (Write 2 bytes on handle 6)
2018-12-17T23:09:14.618355276Z 66 PC: 1412d | Move file pointer
2018-12-17T23:09:14.620548606Z 63 PC: 13faa | Read file or device (Read 15718 bytes on handle 7)
2018-12-17T23:09:14.630179994Z 64 PC: 140f6 | Write file or device (Write 15718 bytes on handle 6)
2018-12-17T23:09:14.64200851Z 62 PC: 13ea6 | Close file
2018-12-17T23:09:14.645625646Z 62 PC: 13ea6 | Close file
2018-12-17T23:09:14.654098996Z 67 PC: 14335 | Get or set file attributes
2018-12-17T23:09:14.664932179Z 61 PC: 13c2d | Open file (Filename = '\DOS\DEBUG.EXE')
2018-12-17T23:09:14.673460387Z 68 PC: 13d6c | I/O control for devices (Set for = '')
2018-12-17T23:09:14.675712891Z 64 PC: 13ab7 | Write file or device (Write 0 bytes on handle 6)
2018-12-17T23:09:14.683077556Z 61 PC: 13c2d | Open file (Filename = 'c:\$$.$$')
2018-12-17T23:09:14.691010023Z 68 PC: 13d6c | I/O control for devices (Set for = '')
2018-12-17T23:09:14.693472987Z 63 PC: 13faa | Read file or device (Read 25301 bytes on handle 7)
2018-12-17T23:09:14.70547879Z 64 PC: 140f6 | Write file or device (Write 25301 bytes on handle 6)
2018-12-17T23:09:14.718814824Z 62 PC: 13ea6 | Close file
2018-12-17T23:09:14.720954632Z 62 PC: 13ea6 | Close file
2018-12-17T23:09:14.729097511Z 67 PC: 14335 | Get or set file attributes
2018-12-17T23:09:14.741622775Z 65 PC: 14248 | Delete file (Filename = 'c:\$$.$$')
2018-12-17T23:09:14.75384517Z 14 PC: 14cac | Set default drive (Drive = 'A')
2018-12-17T23:09:14.75535251Z 45 PC: 14f61 | Set time
2018-12-17T23:09:14.759754381Z 43 PC: 14f4e | Set date
2018-12-17T23:09:14.764323077Z 67 PC: 14335 | Get or set file attributes
2018-12-17T23:09:14.77104847Z 60 PC: 13a9b | Create or truncate file
2018-12-17T23:09:14.784017483Z 26 PC: 14da7 | Set disk transfer address
2018-12-17T23:09:14.785338848Z 78 PC: 14db1 | Find first file
2018-12-17T23:09:14.797648758Z 66 PC: 1412d | Move file pointer
2018-12-17T23:09:14.800850786Z 63 PC: 13faa | Read file or device (Read 30000 bytes on handle 5)
2018-12-17T23:09:14.810979318Z 64 PC: 140f6 | Write file or device (Write 30000 bytes on handle 6)
2018-12-17T23:09:14.825464584Z 63 PC: 13faa | Read file or device (Read 30000 bytes on handle 5)
2018-12-17T23:09:14.835241132Z 64 PC: 140f6 | Write file or device (Write 30000 bytes on handle 6)
2018-12-17T23:09:14.849933609Z 63 PC: 13faa | Read file or device (Read 2464 bytes on handle 5)
2018-12-17T23:09:14.859217966Z 64 PC: 140f6 | Write file or device (Write 2464 bytes on handle 6)
2018-12-17T23:09:14.868018719Z 62 PC: 13ea6 | Close file
2018-12-17T23:09:14.876479812Z 62 PC: 13ea6 | Close file
2018-12-17T23:09:14.878967936Z 43 PC: 14f4e | Set date
2018-12-17T23:09:14.883475339Z 45 PC: 14f61 | Set time
2018-12-17T23:09:14.88911275Z 67 PC: 14335 | Get or set file attributes
2018-12-17T23:09:14.911545535Z 61 PC: 13c2d | Open file (Filename = 'A:\TEST.EXE')
2018-12-17T23:09:14.919354877Z 68 PC: 13d6c | I/O control for devices (Set for = '')
2018-12-17T23:09:14.921570616Z 64 PC: 13ab7 | Write file or device (Write 0 bytes on handle 5)
2018-12-17T23:09:14.934726321Z 61 PC: 13c2d | Open file (Filename = 'c:\$$.$$')
2018-12-17T23:09:14.942441909Z 68 PC: 13d6c | I/O control for devices (Set for = '')
2018-12-17T23:09:14.944732561Z 63 PC: 13faa | Read file or device (Read 30000 bytes on handle 6)
2018-12-17T23:09:14.959396541Z 64 PC: 140f6 | Write file or device (Write 30000 bytes on handle 5)
2018-12-17T23:09:14.971297648Z 63 PC: 13faa | Read file or device (Read 30000 bytes on handle 6)
2018-12-17T23:09:14.985184967Z 64 PC: 140f6 | Write file or device (Write 30000 bytes on handle 5)
2018-12-17T23:09:14.99689296Z 63 PC: 13faa | Read file or device (Read 2464 bytes on handle 6)
2018-12-17T23:09:15.00551614Z 64 PC: 140f6 | Write file or device (Write 2464 bytes on handle 5)
2018-12-17T23:09:15.017366391Z 62 PC: 13ea6 | Close file
2018-12-17T23:09:15.020811324Z 62 PC: 13ea6 | Close file
2018-12-17T23:09:15.031550926Z 67 PC: 14335 | Get or set file attributes
2018-12-17T23:09:15.043842268Z 65 PC: 14248 | Delete file (Filename = 'c:\$$.$$')
2018-12-17T23:09:15.055719971Z 45 PC: 14f61 | Set time
2018-12-17T23:09:15.060671373Z 43 PC: 14f4e | Set date
2018-12-17T23:09:15.066245189Z 55 PC: 14e69 | Get or set switch character
2018-12-17T23:09:15.06903209Z 41 PC: 14f9e | Parse filename
2018-12-17T23:09:15.071995196Z 41 PC: 14fac | Parse filename
2018-12-17T23:09:15.074119569Z 75 PC: 14fec | Execute program
2018-12-17T23:09:15.098962885Z 80 PC: 24129 | Set current PSP
2018-12-17T23:09:15.102072016Z 48 PC: 2412e | Get DOS version
2018-12-17T23:09:15.104194332Z 99 PC: 2a910 | Get DBCS lead byte table pointer
2018-12-17T23:09:15.107559998Z 101 PC: 241b4 | Get extended country info
2018-12-17T23:09:15.110199869Z 99 PC: 241ba | Get DBCS lead byte table pointer
2018-12-17T23:09:15.112103888Z 74 PC: 2421c | Reallocate memory
2018-12-17T23:09:15.11401562Z 25 PC: 24253 | Get default drive
2018-12-17T23:09:15.116189113Z 37 PC: 23d13 | Set interrupt vector (Interrupt = '34' AKA 'Random write')
2018-12-17T23:09:15.11741446Z 37 PC: 23d1a | Set interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T23:09:15.119158495Z 37 PC: 23d21 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T23:09:15.124603359Z 74 PC: 22ebc | Reallocate memory
2018-12-17T23:09:15.126227377Z 72 PC: 22efd | Allocate memory
2018-12-17T23:09:15.127979337Z 72 PC: 22f35 | Allocate memory
2018-12-17T23:09:15.130206444Z 72 PC: 22f3d | Allocate memory