Sample viewer

vx.netlux.org/Virus.DOS.HLLC.6368

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-17T22:04:48.072585911Z	53	PC: 136da \| Get interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T22:04:48.075384841Z	53	PC: 136da \| Get interrupt vector (Interrupt = '2' AKA 'Character output')
2018-12-17T22:04:48.077439935Z	53	PC: 136da \| Get interrupt vector (Interrupt = '27' AKA 'Get allocation info for default drive')
2018-12-17T22:04:48.078948024Z	53	PC: 136da \| Get interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T22:04:48.08081177Z	53	PC: 136da \| Get interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T22:04:48.082566858Z	53	PC: 136da \| Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:04:48.083984481Z	53	PC: 136da \| Get interrupt vector (Interrupt = '52' AKA 'Get InDOS flag pointer')
2018-12-17T22:04:48.085700827Z	53	PC: 136da \| Get interrupt vector (Interrupt = '53' AKA 'Get interrupt vector')
2018-12-17T22:04:48.087364672Z	53	PC: 136da \| Get interrupt vector (Interrupt = '54' AKA 'Get free disk space')
2018-12-17T22:04:48.088523976Z	53	PC: 136da \| Get interrupt vector (Interrupt = '55' AKA 'Get or set switch character')
2018-12-17T22:04:48.091697299Z	53	PC: 136da \| Get interrupt vector (Interrupt = '56' AKA 'Get or set country info')
2018-12-17T22:04:48.097595203Z	53	PC: 136da \| Get interrupt vector (Interrupt = '57' AKA 'Create subdirectory')
2018-12-17T22:04:48.09962682Z	53	PC: 136da \| Get interrupt vector (Interrupt = '58' AKA 'Remove subdirectory')
2018-12-17T22:04:48.104069318Z	53	PC: 136da \| Get interrupt vector (Interrupt = '59' AKA 'Change current directory')
2018-12-17T22:04:48.106039289Z	53	PC: 136da \| Get interrupt vector (Interrupt = '60' AKA 'Create or truncate file')
2018-12-17T22:04:48.10752771Z	53	PC: 136da \| Get interrupt vector (Interrupt = '61' AKA 'Open file')
2018-12-17T22:04:48.109016628Z	53	PC: 136da \| Get interrupt vector (Interrupt = '62' AKA 'Close file')
2018-12-17T22:04:48.111220974Z	53	PC: 136da \| Get interrupt vector (Interrupt = '63' AKA 'Read file or device')
2018-12-17T22:04:48.11274298Z	53	PC: 136da \| Get interrupt vector (Interrupt = '117' AKA 'UNKNOWN!')
2018-12-17T22:04:48.114284165Z	37	PC: 136ef \| Set interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T22:04:48.117195049Z	37	PC: 136f7 \| Set interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T22:04:48.118585609Z	37	PC: 136ff \| Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:04:48.120006713Z	37	PC: 13707 \| Set interrupt vector (Interrupt = '63' AKA 'Read file or device')
2018-12-17T22:04:48.124132129Z	68	PC: 14052 \| I/O control for devices (Set for = '')
2018-12-17T22:04:48.239078521Z	37	PC: 12f71 \| Set interrupt vector (Interrupt = '27' AKA 'Get allocation info for default drive')
2018-12-17T22:04:48.241467346Z	26	PC: 13557 \| Set disk transfer address
2018-12-17T22:04:48.243602387Z	78	PC: 13563 \| Find first file
2018-12-17T22:04:48.250054824Z	26	PC: 1357b \| Set disk transfer address
2018-12-17T22:04:48.251442001Z	79	PC: 13580 \| Find next file
2018-12-17T22:04:48.254886918Z	26	PC: 13557 \| Set disk transfer address
2018-12-17T22:04:48.256059116Z	78	PC: 13563 \| Find first file
2018-12-17T22:04:48.261881479Z	26	PC: 1357b \| Set disk transfer address
2018-12-17T22:04:48.263693181Z	79	PC: 13580 \| Find next file
2018-12-17T22:04:48.266399544Z	26	PC: 1357b \| Set disk transfer address
2018-12-17T22:04:48.267413495Z	79	PC: 13580 \| Find next file
2018-12-17T22:04:48.270926069Z	26	PC: 1357b \| Set disk transfer address
2018-12-17T22:04:48.271979741Z	79	PC: 13580 \| Find next file
2018-12-17T22:04:48.274632999Z	26	PC: 1357b \| Set disk transfer address
2018-12-17T22:04:48.276184276Z	79	PC: 13580 \| Find next file
2018-12-17T22:04:48.278914121Z	26	PC: 1357b \| Set disk transfer address
2018-12-17T22:04:48.279896183Z	79	PC: 13580 \| Find next file
2018-12-17T22:04:48.282933321Z	26	PC: 1357b \| Set disk transfer address
2018-12-17T22:04:48.284145387Z	79	PC: 13580 \| Find next file
2018-12-17T22:04:48.286947737Z	26	PC: 1357b \| Set disk transfer address
2018-12-17T22:04:48.290453539Z	79	PC: 13580 \| Find next file
2018-12-17T22:04:48.293935548Z	67	PC: 13526 \| Get or set file attributes
2018-12-17T22:04:48.568251274Z	61	PC: 13b9d \| Open file (Filename = 'TEST.EXE')
2018-12-17T22:04:48.573657029Z	60	PC: 13b9d \| Create or truncate file
2018-12-17T22:04:48.584706026Z	61	PC: 13b9d \| Open file (Filename = 'nomefile.com')
2018-12-17T22:04:48.594339685Z	37	PC: 13831 \| Set interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T22:04:48.595716171Z	37	PC: 13831 \| Set interrupt vector (Interrupt = '2' AKA 'Character output')
2018-12-17T22:04:48.598281979Z	37	PC: 13831 \| Set interrupt vector (Interrupt = '27' AKA 'Get allocation info for default drive')
2018-12-17T22:04:48.599679783Z	37	PC: 13831 \| Set interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T22:04:48.600995987Z	37	PC: 13831 \| Set interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T22:04:48.603941365Z	37	PC: 13831 \| Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:04:48.605230731Z	37	PC: 13831 \| Set interrupt vector (Interrupt = '52' AKA 'Get InDOS flag pointer')
2018-12-17T22:04:48.606807136Z	37	PC: 13831 \| Set interrupt vector (Interrupt = '53' AKA 'Get interrupt vector')
2018-12-17T22:04:48.608775045Z	37	PC: 13831 \| Set interrupt vector (Interrupt = '54' AKA 'Get free disk space')
2018-12-17T22:04:48.610032144Z	37	PC: 13831 \| Set interrupt vector (Interrupt = '55' AKA 'Get or set switch character')
2018-12-17T22:04:48.611453381Z	37	PC: 13831 \| Set interrupt vector (Interrupt = '56' AKA 'Get or set country info')
2018-12-17T22:04:48.613202999Z	37	PC: 13831 \| Set interrupt vector (Interrupt = '57' AKA 'Create subdirectory')
2018-12-17T22:04:48.615117888Z	37	PC: 13831 \| Set interrupt vector (Interrupt = '58' AKA 'Remove subdirectory')
2018-12-17T22:04:48.616331963Z	37	PC: 13831 \| Set interrupt vector (Interrupt = '59' AKA 'Change current directory')
2018-12-17T22:04:48.618724102Z	37	PC: 13831 \| Set interrupt vector (Interrupt = '60' AKA 'Create or truncate file')
2018-12-17T22:04:48.619924659Z	37	PC: 13831 \| Set interrupt vector (Interrupt = '61' AKA 'Open file')
2018-12-17T22:04:48.621145482Z	37	PC: 13831 \| Set interrupt vector (Interrupt = '62' AKA 'Close file')
2018-12-17T22:04:48.623895072Z	37	PC: 13831 \| Set interrupt vector (Interrupt = '63' AKA 'Read file or device')
2018-12-17T22:04:48.625260751Z	37	PC: 13831 \| Set interrupt vector (Interrupt = '117' AKA 'UNKNOWN!')
2018-12-17T22:04:48.626634108Z	6	PC: 138b8 \| Direct console I/O
2018-12-17T22:04:48.629524759Z	6	PC: 138b8 \| Direct console I/O
2018-12-17T22:04:48.631752732Z	6	PC: 138b8 \| Direct console I/O
2018-12-17T22:04:48.634162632Z	6	PC: 138b8 \| Direct console I/O
2018-12-17T22:04:48.638070502Z	6	PC: 138b8 \| Direct console I/O
2018-12-17T22:04:48.640135529Z	6	PC: 138b8 \| Direct console I/O
2018-12-17T22:04:48.642197095Z	6	PC: 138b8 \| Direct console I/O
2018-12-17T22:04:48.646217961Z	6	PC: 138b8 \| Direct console I/O
2018-12-17T22:04:48.648834071Z	6	PC: 138b8 \| Direct console I/O
2018-12-17T22:04:48.65119446Z	6	PC: 138b8 \| Direct console I/O
2018-12-17T22:04:48.654415612Z	6	PC: 138b8 \| Direct console I/O
2018-12-17T22:04:48.656665574Z	6	PC: 138b8 \| Direct console I/O
2018-12-17T22:04:48.65885252Z	6	PC: 138b8 \| Direct console I/O
2018-12-17T22:04:48.661768412Z	6	PC: 138b8 \| Direct console I/O
2018-12-17T22:04:48.666980682Z	6	PC: 138b8 \| Direct console I/O
2018-12-17T22:04:48.669325088Z	6	PC: 138b8 \| Direct console I/O
2018-12-17T22:04:48.672652772Z	6	PC: 138b8 \| Direct console I/O
2018-12-17T22:04:48.6753339Z	6	PC: 138b8 \| Direct console I/O
2018-12-17T22:04:48.677331133Z	6	PC: 138b8 \| Direct console I/O
2018-12-17T22:04:48.679780758Z	6	PC: 138b8 \| Direct console I/O
2018-12-17T22:04:48.683715551Z	6	PC: 138b8 \| Direct console I/O
2018-12-17T22:04:48.686350555Z	6	PC: 138b8 \| Direct console I/O
2018-12-17T22:04:48.688804703Z	6	PC: 138b8 \| Direct console I/O
2018-12-17T22:04:48.690978828Z	6	PC: 138b8 \| Direct console I/O
2018-12-17T22:04:48.692997543Z	6	PC: 138b8 \| Direct console I/O
2018-12-17T22:04:48.696032662Z	6	PC: 138b8 \| Direct console I/O
2018-12-17T22:04:48.699346255Z	6	PC: 138b8 \| Direct console I/O
2018-12-17T22:04:48.703005402Z	6	PC: 138b8 \| Direct console I/O
2018-12-17T22:04:48.705815894Z	6	PC: 138b8 \| Direct console I/O
2018-12-17T22:04:48.707791231Z	6	PC: 138b8 \| Direct console I/O
2018-12-17T22:04:48.709692834Z	6	PC: 138b8 \| Direct console I/O
2018-12-17T22:04:48.711568843Z	6	PC: 138b8 \| Direct console I/O
2018-12-17T22:04:48.714195663Z	6	PC: 138b8 \| Direct console I/O
2018-12-17T22:04:48.717091979Z	76	PC: 13870 \| Terminate with return code (Return code = '2')