Sample viewer

vx.netlux.org/Virus.DOS.HLL.BigBug.9500.a

Syscalls:

Time Syscall Op Syscall Name
2018-12-17T23:10:06.145773175Z 53 PC: 1523a | Get interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T23:10:06.156309243Z 53 PC: 1523a | Get interrupt vector (Interrupt = '2' AKA 'Character output')
2018-12-17T23:10:06.157487999Z 53 PC: 1523a | Get interrupt vector (Interrupt = '27' AKA 'Get allocation info for default drive')
2018-12-17T23:10:06.158541895Z 53 PC: 1523a | Get interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T23:10:06.160240668Z 53 PC: 1523a | Get interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T23:10:06.161342065Z 53 PC: 1523a | Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T23:10:06.162383538Z 53 PC: 1523a | Get interrupt vector (Interrupt = '52' AKA 'Get InDOS flag pointer')
2018-12-17T23:10:06.163985502Z 53 PC: 1523a | Get interrupt vector (Interrupt = '53' AKA 'Get interrupt vector')
2018-12-17T23:10:06.165037977Z 53 PC: 1523a | Get interrupt vector (Interrupt = '54' AKA 'Get free disk space')
2018-12-17T23:10:06.16610077Z 53 PC: 1523a | Get interrupt vector (Interrupt = '55' AKA 'Get or set switch character')
2018-12-17T23:10:06.167479125Z 53 PC: 1523a | Get interrupt vector (Interrupt = '56' AKA 'Get or set country info')
2018-12-17T23:10:06.1685155Z 53 PC: 1523a | Get interrupt vector (Interrupt = '57' AKA 'Create subdirectory')
2018-12-17T23:10:06.169557977Z 53 PC: 1523a | Get interrupt vector (Interrupt = '58' AKA 'Remove subdirectory')
2018-12-17T23:10:06.175440873Z 53 PC: 1523a | Get interrupt vector (Interrupt = '59' AKA 'Change current directory')
2018-12-17T23:10:06.176460614Z 53 PC: 1523a | Get interrupt vector (Interrupt = '60' AKA 'Create or truncate file')
2018-12-17T23:10:06.177564977Z 53 PC: 1523a | Get interrupt vector (Interrupt = '61' AKA 'Open file')
2018-12-17T23:10:06.178896642Z 53 PC: 1523a | Get interrupt vector (Interrupt = '62' AKA 'Close file')
2018-12-17T23:10:06.179868532Z 53 PC: 1523a | Get interrupt vector (Interrupt = '63' AKA 'Read file or device')
2018-12-17T23:10:06.180853869Z 53 PC: 1523a | Get interrupt vector (Interrupt = '117' AKA 'UNKNOWN!')
2018-12-17T23:10:06.182154377Z 37 PC: 1524f | Set interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T23:10:06.183325625Z 37 PC: 15257 | Set interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T23:10:06.184211802Z 37 PC: 1525f | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T23:10:06.18532355Z 37 PC: 15267 | Set interrupt vector (Interrupt = '63' AKA 'Read file or device')
2018-12-17T23:10:06.187131584Z 68 PC: 15f8c | I/O control for devices (Set for = '')
2018-12-17T23:10:06.241752439Z 37 PC: 14921 | Set interrupt vector (Interrupt = '27' AKA 'Get allocation info for default drive')
2018-12-17T23:10:06.243789648Z 44 PC: 16424 | Get time
0x16424: mov word ptr [0x800], cx
0x16428: mov word ptr [0x802], dx
0x1642c: retf
0x1642d: call 0x16474
0x16430: jb 0x16441
0x16432: mov cx, word ptr es:[di + 4]
0x16436: cmp cx, 1
0x16439: je 0x16441
0x1643b: xor bx, bx
0x1643d: push cs
0x1643e: call 0x25c4f
0x16441: retf 4
0x16444: call 0x16474
0x16447: jb 0x1645c
0x16449: mov ax, cx
0x1644b: mov dx, bx
0x1644d: mov cx, word ptr es:[di + 4]
0x16451: cmp cx, 1
0x16454: je 0x1645c
0x16456: xor bx, bx
2018-12-17T23:10:06.246742843Z 48 PC: 15b9d | Get DOS version
2018-12-17T23:10:06.248279446Z 61 PC: 159db | Open file (Filename = 'A:\TEST.EXE')
2018-12-17T23:10:06.255659441Z 63 PC: 15aae | Read file or device (Read 9500 bytes on handle 5)
2018-12-17T23:10:06.263204593Z 66 PC: 1648e | Move file pointer
2018-12-17T23:10:06.265196977Z 66 PC: 1649c | Move file pointer
2018-12-17T23:10:06.266724841Z 66 PC: 164aa | Move file pointer
2018-12-17T23:10:06.268312756Z 48 PC: 15b9d | Get DOS version
2018-12-17T23:10:06.269929269Z 62 PC: 15a2b | Close file
2018-12-17T23:10:06.272081138Z 48 PC: 15b9d | Get DOS version
2018-12-17T23:10:06.274610539Z 26 PC: 14f4d | Set disk transfer address
2018-12-17T23:10:06.275669159Z 78 PC: 14f59 | Find first file
2018-12-17T23:10:06.281713716Z 26 PC: 14f71 | Set disk transfer address
2018-12-17T23:10:06.283478079Z 79 PC: 14f76 | Find next file
2018-12-17T23:10:06.286106769Z 26 PC: 14f71 | Set disk transfer address
2018-12-17T23:10:06.287184901Z 79 PC: 14f76 | Find next file
2018-12-17T23:10:06.290439966Z 26 PC: 14f71 | Set disk transfer address
2018-12-17T23:10:06.291450177Z 79 PC: 14f76 | Find next file
2018-12-17T23:10:06.293931781Z 26 PC: 14f71 | Set disk transfer address
2018-12-17T23:10:06.296029812Z 79 PC: 14f76 | Find next file
2018-12-17T23:10:06.29842562Z 26 PC: 14f71 | Set disk transfer address
2018-12-17T23:10:06.299331915Z 79 PC: 14f76 | Find next file
2018-12-17T23:10:06.302353789Z 26 PC: 14f71 | Set disk transfer address
2018-12-17T23:10:06.303282274Z 79 PC: 14f76 | Find next file
2018-12-17T23:10:06.305670364Z 26 PC: 14f71 | Set disk transfer address
2018-12-17T23:10:06.307050375Z 79 PC: 14f76 | Find next file
2018-12-17T23:10:06.309453899Z 26 PC: 14f71 | Set disk transfer address
2018-12-17T23:10:06.310367867Z 79 PC: 14f76 | Find next file
2018-12-17T23:10:06.31306097Z 26 PC: 14f71 | Set disk transfer address
2018-12-17T23:10:06.313947291Z 79 PC: 14f76 | Find next file
2018-12-17T23:10:06.316306288Z 26 PC: 14f71 | Set disk transfer address
2018-12-17T23:10:06.317579033Z 79 PC: 14f76 | Find next file
2018-12-17T23:10:06.319923507Z 26 PC: 14f71 | Set disk transfer address
2018-12-17T23:10:06.320826034Z 79 PC: 14f76 | Find next file
2018-12-17T23:10:06.323575693Z 26 PC: 14f71 | Set disk transfer address
2018-12-17T23:10:06.324519958Z 79 PC: 14f76 | Find next file
2018-12-17T23:10:06.326931848Z 26 PC: 14f71 | Set disk transfer address
2018-12-17T23:10:06.328292879Z 79 PC: 14f76 | Find next file
2018-12-17T23:10:06.330796745Z 26 PC: 14f71 | Set disk transfer address
2018-12-17T23:10:06.331807413Z 79 PC: 14f76 | Find next file
2018-12-17T23:10:06.33496064Z 26 PC: 14f71 | Set disk transfer address
2018-12-17T23:10:06.335939054Z 79 PC: 14f76 | Find next file
2018-12-17T23:10:06.339407671Z 60 PC: 159db | Create or truncate file
2018-12-17T23:10:06.814773969Z 64 PC: 15aae | Write file or device (Write 9500 bytes on handle 5)
2018-12-17T23:10:06.824137528Z 62 PC: 15a2b | Close file
2018-12-17T23:10:06.832662391Z 26 PC: 14f4d | Set disk transfer address
2018-12-17T23:10:06.834962904Z 78 PC: 14f59 | Find first file
2018-12-17T23:10:06.842028796Z 26 PC: 14f71 | Set disk transfer address
2018-12-17T23:10:06.843046288Z 79 PC: 14f76 | Find next file
2018-12-17T23:10:06.847432428Z 26 PC: 14f71 | Set disk transfer address
2018-12-17T23:10:06.848448502Z 79 PC: 14f76 | Find next file
2018-12-17T23:10:06.852581141Z 26 PC: 14f71 | Set disk transfer address
2018-12-17T23:10:06.854212199Z 79 PC: 14f76 | Find next file
2018-12-17T23:10:06.859645282Z 26 PC: 14f71 | Set disk transfer address
2018-12-17T23:10:06.860880376Z 79 PC: 14f76 | Find next file
2018-12-17T23:10:06.865277289Z 26 PC: 14f71 | Set disk transfer address
2018-12-17T23:10:06.866414054Z 79 PC: 14f76 | Find next file
2018-12-17T23:10:06.870183877Z 26 PC: 14f71 | Set disk transfer address
2018-12-17T23:10:06.872105989Z 79 PC: 14f76 | Find next file
2018-12-17T23:10:06.876194198Z 26 PC: 14f71 | Set disk transfer address
2018-12-17T23:10:06.877443979Z 79 PC: 14f76 | Find next file
2018-12-17T23:10:06.882702602Z 26 PC: 14f71 | Set disk transfer address
2018-12-17T23:10:06.883894958Z 79 PC: 14f76 | Find next file
2018-12-17T23:10:06.888266199Z 26 PC: 14f71 | Set disk transfer address
2018-12-17T23:10:06.890359389Z 79 PC: 14f76 | Find next file
2018-12-17T23:10:06.894539672Z 26 PC: 14f71 | Set disk transfer address
2018-12-17T23:10:06.896417822Z 79 PC: 14f76 | Find next file
2018-12-17T23:10:06.903167515Z 26 PC: 14f71 | Set disk transfer address
2018-12-17T23:10:06.904714756Z 79 PC: 14f76 | Find next file
2018-12-17T23:10:06.90974608Z 26 PC: 14f71 | Set disk transfer address
2018-12-17T23:10:06.91297581Z 79 PC: 14f76 | Find next file
2018-12-17T23:10:06.917531626Z 26 PC: 14f71 | Set disk transfer address
2018-12-17T23:10:06.918890383Z 79 PC: 14f76 | Find next file
2018-12-17T23:10:06.923820688Z 26 PC: 14f71 | Set disk transfer address
2018-12-17T23:10:06.924971256Z 79 PC: 14f76 | Find next file
2018-12-17T23:10:06.9290911Z 61 PC: 159db | Open file (Filename = 'TEST.EXE')
2018-12-17T23:10:06.935740685Z 66 PC: 15b0d | Move file pointer
2018-12-17T23:10:06.937004183Z 63 PC: 15aae | Read file or device (Read 2 bytes on handle 5)
2018-12-17T23:10:06.939258729Z 66 PC: 1648e | Move file pointer
2018-12-17T23:10:06.941083403Z 66 PC: 1649c | Move file pointer
2018-12-17T23:10:06.943585884Z 66 PC: 164aa | Move file pointer
2018-12-17T23:10:06.944664813Z 66 PC: 1648e | Move file pointer
2018-12-17T23:10:06.946289131Z 66 PC: 1649c | Move file pointer
2018-12-17T23:10:06.947346218Z 66 PC: 164aa | Move file pointer
2018-12-17T23:10:06.948477533Z 66 PC: 15b0d | Move file pointer
2018-12-17T23:10:06.950279698Z 63 PC: 15aae | Read file or device (Read 1 bytes on handle 5)
2018-12-17T23:10:06.952220619Z 62 PC: 15a2b | Close file
2018-12-17T23:10:06.953805276Z 61 PC: 159db | Open file (Filename = 'TEST.COM')
2018-12-17T23:10:06.960976444Z 60 PC: 159db | Create or truncate file
2018-12-17T23:10:06.967768503Z 64 PC: 15aae | Write file or device (Write 9500 bytes on handle 5)
2018-12-17T23:10:06.973159684Z 62 PC: 15a2b | Close file
2018-12-17T23:10:06.979352694Z 67 PC: 14eaf | Get or set file attributes
2018-12-17T23:10:06.984957906Z 67 PC: 14ed6 | Get or set file attributes
2018-12-17T23:10:06.995363736Z 61 PC: 159db | Open file (Filename = 'TEST.EXE')
2018-12-17T23:10:07.007301833Z 66 PC: 15b0d | Move file pointer
2018-12-17T23:10:07.008679895Z 63 PC: 15aae | Read file or device (Read 1 bytes on handle 5)
2018-12-17T23:10:07.014910334Z 66 PC: 15b0d | Move file pointer
2018-12-17T23:10:07.017616577Z 63 PC: 15aae | Read file or device (Read 1 bytes on handle 5)
2018-12-17T23:10:07.021792984Z 66 PC: 15b0d | Move file pointer
2018-12-17T23:10:07.023139389Z 63 PC: 15aae | Read file or device (Read 1 bytes on handle 5)
2018-12-17T23:10:07.025843772Z 66 PC: 15b0d | Move file pointer
2018-12-17T23:10:07.02750415Z 63 PC: 15aae | Read file or device (Read 1 bytes on handle 5)
2018-12-17T23:10:07.029913702Z 66 PC: 15b0d | Move file pointer
2018-12-17T23:10:07.031457283Z 63 PC: 15aae | Read file or device (Read 1 bytes on handle 5)
2018-12-17T23:10:07.033928947Z 66 PC: 15b0d | Move file pointer
2018-12-17T23:10:07.035355519Z 63 PC: 15aae | Read file or device (Read 1 bytes on handle 5)
2018-12-17T23:10:07.0379863Z 66 PC: 15b0d | Move file pointer
2018-12-17T23:10:07.039353157Z 63 PC: 15aae | Read file or device (Read 1 bytes on handle 5)
2018-12-17T23:10:07.041740852Z 66 PC: 15b0d | Move file pointer
2018-12-17T23:10:07.043481937Z 63 PC: 15aae | Read file or device (Read 1 bytes on handle 5)
2018-12-17T23:10:07.045902126Z 66 PC: 15b0d | Move file pointer
2018-12-17T23:10:07.047240977Z 63 PC: 15aae | Read file or device (Read 1 bytes on handle 5)
2018-12-17T23:10:07.049937148Z 66 PC: 15b0d | Move file pointer
2018-12-17T23:10:07.051397982Z 63 PC: 15aae | Read file or device (Read 1 bytes on handle 5)
2018-12-17T23:10:07.054098272Z 66 PC: 15b0d | Move file pointer
2018-12-17T23:10:07.056136978Z 63 PC: 15aae | Read file or device (Read 1 bytes on handle 5)
2018-12-17T23:10:07.058872632Z 66 PC: 15b0d | Move file pointer
2018-12-17T23:10:07.060552347Z 63 PC: 15aae | Read file or device (Read 2000 bytes on handle 5)
2018-12-17T23:10:07.069181911Z 66 PC: 15b0d | Move file pointer
2018-12-17T23:10:07.070932227Z 64 PC: 15aae | Write file or device (Write 2000 bytes on handle 5)
2018-12-17T23:10:07.079935926Z 62 PC: 15a2b | Close file
2018-12-17T23:10:07.089280017Z 67 PC: 14ed6 | Get or set file attributes
2018-12-17T23:10:07.09979943Z 26 PC: 14f71 | Set disk transfer address
2018-12-17T23:10:07.100983721Z 79 PC: 14f76 | Find next file
2018-12-17T23:10:07.10608684Z 26 PC: 14f71 | Set disk transfer address
2018-12-17T23:10:07.107635924Z 79 PC: 14f76 | Find next file
2018-12-17T23:10:07.115541364Z 26 PC: 14f71 | Set disk transfer address
2018-12-17T23:10:07.117207097Z 79 PC: 14f76 | Find next file
2018-12-17T23:10:07.119764319Z 67 PC: 14ed6 | Get or set file attributes
2018-12-17T23:10:07.467580778Z 61 PC: 15f70 | Open file (Filename = 'c:\autoexec.bat')
2018-12-17T23:10:07.473040052Z 68 PC: 15f8c | I/O control for devices
2018-12-17T23:10:07.474847573Z 66 PC: 15fdb | Move file pointer
2018-12-17T23:10:07.476393077Z 66 PC: 15ff2 | Move file pointer
2018-12-17T23:10:07.478083087Z 63 PC: 15fff | Read file or device (Read 128 bytes on handle 5)
2018-12-17T23:10:07.481061894Z 64 PC: 15633 | Write file or device (Write 23 bytes on handle 5)
2018-12-17T23:10:07.484183186Z 62 PC: 15672 | Close file
2018-12-17T23:10:07.490195402Z 60 PC: 15f70 | Create or truncate file
2018-12-17T23:10:07.502094829Z 68 PC: 15f8c | I/O control for devices
2018-12-17T23:10:07.503963458Z 64 PC: 15633 | Write file or device (Write 128 bytes on handle 5)
2018-12-17T23:10:07.511652026Z 64 PC: 15633 | Write file or device (Write 128 bytes on handle 5)
2018-12-17T23:10:07.513979021Z 64 PC: 15633 | Write file or device (Write 128 bytes on handle 5)
2018-12-17T23:10:07.516132555Z 64 PC: 15633 | Write file or device (Write 128 bytes on handle 5)
2018-12-17T23:10:07.519036817Z 64 PC: 15633 | Write file or device (Write 128 bytes on handle 5)
2018-12-17T23:10:07.523986526Z 64 PC: 15633 | Write file or device (Write 128 bytes on handle 5)
2018-12-17T23:10:07.526175458Z 64 PC: 15633 | Write file or device (Write 128 bytes on handle 5)
2018-12-17T23:10:07.529698309Z 64 PC: 15633 | Write file or device (Write 128 bytes on handle 5)
2018-12-17T23:10:07.531922067Z 64 PC: 15633 | Write file or device (Write 128 bytes on handle 5)
2018-12-17T23:10:07.536375243Z 64 PC: 15633 | Write file or device (Write 128 bytes on handle 5)
2018-12-17T23:10:07.539298145Z 64 PC: 15633 | Write file or device (Write 16 bytes on handle 5)
2018-12-17T23:10:07.541361773Z 62 PC: 15672 | Close file
2018-12-17T23:10:07.548049841Z 37 PC: 15391 | Set interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T23:10:07.550424467Z 37 PC: 15391 | Set interrupt vector (Interrupt = '2' AKA 'Character output')
2018-12-17T23:10:07.551685246Z 37 PC: 15391 | Set interrupt vector (Interrupt = '27' AKA 'Get allocation info for default drive')
2018-12-17T23:10:07.552801019Z 37 PC: 15391 | Set interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T23:10:07.554647622Z 37 PC: 15391 | Set interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T23:10:07.555653093Z 37 PC: 15391 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T23:10:07.556902409Z 37 PC: 15391 | Set interrupt vector (Interrupt = '52' AKA 'Get InDOS flag pointer')
2018-12-17T23:10:07.558628258Z 37 PC: 15391 | Set interrupt vector (Interrupt = '53' AKA 'Get interrupt vector')
2018-12-17T23:10:07.559821693Z 37 PC: 15391 | Set interrupt vector (Interrupt = '54' AKA 'Get free disk space')
2018-12-17T23:10:07.561020319Z 37 PC: 15391 | Set interrupt vector (Interrupt = '55' AKA 'Get or set switch character')
2018-12-17T23:10:07.562948721Z 37 PC: 15391 | Set interrupt vector (Interrupt = '56' AKA 'Get or set country info')
2018-12-17T23:10:07.564306816Z 37 PC: 15391 | Set interrupt vector (Interrupt = '57' AKA 'Create subdirectory')
2018-12-17T23:10:07.565282739Z 37 PC: 15391 | Set interrupt vector (Interrupt = '58' AKA 'Remove subdirectory')
2018-12-17T23:10:07.566788802Z 37 PC: 15391 | Set interrupt vector (Interrupt = '59' AKA 'Change current directory')
2018-12-17T23:10:07.567788419Z 37 PC: 15391 | Set interrupt vector (Interrupt = '60' AKA 'Create or truncate file')
2018-12-17T23:10:07.5690683Z 37 PC: 15391 | Set interrupt vector (Interrupt = '61' AKA 'Open file')
2018-12-17T23:10:07.570605077Z 37 PC: 15391 | Set interrupt vector (Interrupt = '62' AKA 'Close file')
2018-12-17T23:10:07.571604165Z 37 PC: 15391 | Set interrupt vector (Interrupt = '63' AKA 'Read file or device')
2018-12-17T23:10:07.573953672Z 37 PC: 15391 | Set interrupt vector (Interrupt = '117' AKA 'UNKNOWN!')
2018-12-17T23:10:07.575322675Z 76 PC: 153d0 | Terminate with return code (Return code = '0')