Sample viewer

vx.netlux.org/Virus.DOS.HLLP.NotFound.6176

Syscalls:

Time Syscall Op Syscall Name
2018-12-17T22:05:01.925756614Z 37 PC: 13277 | Set interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T22:05:01.928260081Z 37 PC: 1327f | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:05:01.929718134Z 37 PC: 13287 | Set interrupt vector (Interrupt = '63' AKA 'Read file or device')
2018-12-17T22:05:01.931516912Z 68 PC: 13f43 | I/O control for devices (Set for = '')
2018-12-17T22:05:01.934347868Z 48 PC: 13a6e | Get DOS version
2018-12-17T22:05:01.93618565Z 61 PC: 13920 | Open file (Filename = 'A:\TEST.EXE')
2018-12-17T22:05:01.943159001Z 63 PC: 139f3 | Read file or device (Read 6176 bytes on handle 5)
2018-12-17T22:05:01.95183895Z 66 PC: 14042 | Move file pointer
2018-12-17T22:05:01.953922471Z 66 PC: 14050 | Move file pointer
2018-12-17T22:05:01.955632459Z 66 PC: 1405e | Move file pointer
2018-12-17T22:05:01.95744275Z 62 PC: 13970 | Close file
2018-12-17T22:05:01.960656209Z 25 PC: 13afb | Get default drive
2018-12-17T22:05:01.962119517Z 71 PC: 13b0e | Get current directory
2018-12-17T22:05:01.965777577Z 26 PC: 13107 | Set disk transfer address
2018-12-17T22:05:01.96817555Z 78 PC: 13113 | Find first file
2018-12-17T22:05:01.974858633Z 48 PC: 13a6e | Get DOS version
2018-12-17T22:05:01.97664902Z 26 PC: 1312b | Set disk transfer address
2018-12-17T22:05:01.97882178Z 79 PC: 13130 | Find next file
2018-12-17T22:05:01.98146921Z 26 PC: 13107 | Set disk transfer address
2018-12-17T22:05:01.98277591Z 78 PC: 13113 | Find first file
2018-12-17T22:05:01.991987392Z 48 PC: 13a6e | Get DOS version
2018-12-17T22:05:01.993825954Z 67 PC: 130af | Get or set file attributes
2018-12-17T22:05:01.999340598Z 67 PC: 130d6 | Get or set file attributes
2018-12-17T22:05:02.015289745Z 61 PC: 13920 | Open file (Filename = 'A:\SLEEP.COM')
2018-12-17T22:05:02.03612077Z 63 PC: 139f3 | Read file or device (Read 6176 bytes on handle 5)
2018-12-17T22:05:02.04293543Z 66 PC: 13a52 | Move file pointer
2018-12-17T22:05:02.045610177Z 64 PC: 139f3 | Write file or device (Write 6176 bytes on handle 5)
2018-12-17T22:05:02.054403202Z 66 PC: 14042 | Move file pointer
2018-12-17T22:05:02.056145401Z 66 PC: 14050 | Move file pointer
2018-12-17T22:05:02.057958755Z 66 PC: 1405e | Move file pointer
2018-12-17T22:05:02.060264774Z 66 PC: 13a52 | Move file pointer
2018-12-17T22:05:02.061964115Z 64 PC: 139f3 | Write file or device (Write 407 bytes on handle 5)
2018-12-17T22:05:02.069569729Z 62 PC: 13970 | Close file
2018-12-17T22:05:02.077710653Z 67 PC: 130d6 | Get or set file attributes
2018-12-17T22:05:02.087694391Z 26 PC: 1312b | Set disk transfer address
2018-12-17T22:05:02.089547501Z 79 PC: 13130 | Find next file
2018-12-17T22:05:02.092766901Z 48 PC: 13a6e | Get DOS version
2018-12-17T22:05:02.094475338Z 67 PC: 130af | Get or set file attributes
2018-12-17T22:05:02.10186361Z 67 PC: 130d6 | Get or set file attributes
2018-12-17T22:05:02.111768605Z 61 PC: 13920 | Open file (Filename = 'A:\PRINT.COM')
2018-12-17T22:05:02.118605107Z 63 PC: 139f3 | Read file or device (Read 6176 bytes on handle 5)
2018-12-17T22:05:02.12608979Z 66 PC: 13a52 | Move file pointer
2018-12-17T22:05:02.128254858Z 64 PC: 139f3 | Write file or device (Write 6176 bytes on handle 5)
2018-12-17T22:05:02.153694958Z 66 PC: 14042 | Move file pointer
2018-12-17T22:05:02.155527307Z 66 PC: 14050 | Move file pointer
2018-12-17T22:05:02.157586664Z 66 PC: 1405e | Move file pointer
2018-12-17T22:05:02.159000314Z 66 PC: 13a52 | Move file pointer
2018-12-17T22:05:02.160415997Z 64 PC: 139f3 | Write file or device (Write 27 bytes on handle 5)
2018-12-17T22:05:02.163758314Z 62 PC: 13970 | Close file
2018-12-17T22:05:02.183318873Z 67 PC: 130d6 | Get or set file attributes
2018-12-17T22:05:02.19357653Z 26 PC: 1312b | Set disk transfer address
2018-12-17T22:05:02.195663318Z 79 PC: 13130 | Find next file
2018-12-17T22:05:02.213934124Z 48 PC: 13a6e | Get DOS version
2018-12-17T22:05:02.215762769Z 67 PC: 130af | Get or set file attributes
2018-12-17T22:05:02.222504146Z 67 PC: 130d6 | Get or set file attributes
2018-12-17T22:05:02.232286576Z 61 PC: 13920 | Open file (Filename = 'A:\HELLO.COM')
2018-12-17T22:05:02.238916509Z 63 PC: 139f3 | Read file or device (Read 6176 bytes on handle 5)
2018-12-17T22:05:02.246345802Z 66 PC: 13a52 | Move file pointer
2018-12-17T22:05:02.247758242Z 64 PC: 139f3 | Write file or device (Write 6176 bytes on handle 5)
2018-12-17T22:05:02.256941656Z 66 PC: 14042 | Move file pointer
2018-12-17T22:05:02.259236819Z 66 PC: 14050 | Move file pointer
2018-12-17T22:05:02.260860951Z 66 PC: 1405e | Move file pointer
2018-12-17T22:05:02.262606402Z 66 PC: 13a52 | Move file pointer
2018-12-17T22:05:02.264949336Z 64 PC: 139f3 | Write file or device (Write 92 bytes on handle 5)
2018-12-17T22:05:02.267876723Z 62 PC: 13970 | Close file
2018-12-17T22:05:02.276065291Z 67 PC: 130d6 | Get or set file attributes
2018-12-17T22:05:02.286632212Z 26 PC: 1312b | Set disk transfer address
2018-12-17T22:05:02.287729999Z 79 PC: 13130 | Find next file
2018-12-17T22:05:02.290903561Z 48 PC: 13a6e | Get DOS version
2018-12-17T22:05:02.293397653Z 67 PC: 130af | Get or set file attributes
2018-12-17T22:05:02.299282507Z 67 PC: 130d6 | Get or set file attributes
2018-12-17T22:05:02.309150094Z 61 PC: 13920 | Open file (Filename = 'A:\PHANG.COM')
2018-12-17T22:05:02.321432178Z 63 PC: 139f3 | Read file or device (Read 6176 bytes on handle 5)
2018-12-17T22:05:02.328450631Z 66 PC: 13a52 | Move file pointer
2018-12-17T22:05:02.3302224Z 64 PC: 139f3 | Write file or device (Write 6176 bytes on handle 5)
2018-12-17T22:05:02.339716284Z 66 PC: 14042 | Move file pointer
2018-12-17T22:05:02.341279039Z 66 PC: 14050 | Move file pointer
2018-12-17T22:05:02.34291133Z 66 PC: 1405e | Move file pointer
2018-12-17T22:05:02.345393773Z 66 PC: 13a52 | Move file pointer
2018-12-17T22:05:02.347264179Z 64 PC: 139f3 | Write file or device (Write 29 bytes on handle 5)
2018-12-17T22:05:02.350249999Z 62 PC: 13970 | Close file
2018-12-17T22:05:02.358998428Z 67 PC: 130d6 | Get or set file attributes
2018-12-17T22:05:02.369019869Z 26 PC: 1312b | Set disk transfer address
2018-12-17T22:05:02.370407894Z 79 PC: 13130 | Find next file
2018-12-17T22:05:02.374291066Z 48 PC: 13a6e | Get DOS version
2018-12-17T22:05:02.376032685Z 67 PC: 130af | Get or set file attributes
2018-12-17T22:05:02.381881641Z 67 PC: 130d6 | Get or set file attributes
2018-12-17T22:05:02.393019131Z 61 PC: 13920 | Open file (Filename = 'A:\PRINTA~1.COM')
2018-12-17T22:05:02.400285961Z 63 PC: 139f3 | Read file or device (Read 6176 bytes on handle 5)
2018-12-17T22:05:02.406912151Z 66 PC: 13a52 | Move file pointer
2018-12-17T22:05:02.409394843Z 64 PC: 139f3 | Write file or device (Write 6176 bytes on handle 5)
2018-12-17T22:05:02.418787058Z 66 PC: 14042 | Move file pointer
2018-12-17T22:05:02.420467144Z 66 PC: 14050 | Move file pointer
2018-12-17T22:05:02.422352057Z 66 PC: 1405e | Move file pointer
2018-12-17T22:05:02.425773708Z 66 PC: 13a52 | Move file pointer
2018-12-17T22:05:02.429263116Z 64 PC: 139f3 | Write file or device (Write 29 bytes on handle 5)
2018-12-17T22:05:02.433798799Z 62 PC: 13970 | Close file
2018-12-17T22:05:02.444936059Z 67 PC: 130d6 | Get or set file attributes
2018-12-17T22:05:02.4564382Z 26 PC: 1312b | Set disk transfer address
2018-12-17T22:05:02.457784894Z 79 PC: 13130 | Find next file
2018-12-17T22:05:02.461934952Z 26 PC: 13107 | Set disk transfer address
2018-12-17T22:05:02.463206602Z 78 PC: 13113 | Find first file
2018-12-17T22:05:02.470501614Z 61 PC: 13920 | Open file (Filename = 'A:\TEST.EXE')
2018-12-17T22:05:02.47807174Z 66 PC: 14042 | Move file pointer
2018-12-17T22:05:02.479466555Z 66 PC: 14050 | Move file pointer
2018-12-17T22:05:02.480808865Z 66 PC: 1405e | Move file pointer
2018-12-17T22:05:02.482845497Z 66 PC: 14042 | Move file pointer
2018-12-17T22:05:02.484178475Z 66 PC: 14050 | Move file pointer
2018-12-17T22:05:02.485647446Z 66 PC: 1405e | Move file pointer
2018-12-17T22:05:02.488218083Z 66 PC: 13a52 | Move file pointer
2018-12-17T22:05:02.489680296Z 63 PC: 139f3 | Read file or device (Read 6176 bytes on handle 5)
2018-12-17T22:05:02.498199109Z 66 PC: 13a52 | Move file pointer
2018-12-17T22:05:02.500941176Z 64 PC: 139f3 | Write file or device (Write 6176 bytes on handle 5)
2018-12-17T22:05:02.510145195Z 62 PC: 13970 | Close file
2018-12-17T22:05:02.517844125Z 48 PC: 13a6e | Get DOS version
2018-12-17T22:05:02.519779326Z 41 PC: 131bf | Parse filename
2018-12-17T22:05:02.521237151Z 41 PC: 131cd | Parse filename
2018-12-17T22:05:02.5228663Z 75 PC: 131d8 | Execute program
2018-12-17T22:05:02.540198006Z 9 PC: 1e46a | Display string (String= '�����8  � ����������������p�Qu�����!� X�PWV.�>b�.� �t�_u')
2018-12-17T22:05:02.544410864Z 76 PC: 1e470 | Terminate with return code (Return code = '0')
2018-12-17T22:05:02.547609558Z 48 PC: 13a6e | Get DOS version
2018-12-17T22:05:02.550274094Z 61 PC: 13920 | Open file (Filename = 'A:\TEST.EXE')
2018-12-17T22:05:02.557183203Z 64 PC: 139f3 | Write file or device (Write 6176 bytes on handle 5)
2018-12-17T22:05:02.566522911Z 62 PC: 13970 | Close file
2018-12-17T22:05:02.575590985Z 64 PC: 13678 | Write file or device (Write 0 bytes on handle 1)
2018-12-17T22:05:02.57792646Z 37 PC: 133b1 | Set interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T22:05:02.579411938Z 37 PC: 133b1 | Set interrupt vector (Interrupt = '2' AKA 'Character output')
2018-12-17T22:05:02.581629445Z 37 PC: 133b1 | Set interrupt vector (Interrupt = '27' AKA 'Get allocation info for default drive')
2018-12-17T22:05:02.583368666Z 37 PC: 133b1 | Set interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T22:05:02.584812066Z 37 PC: 133b1 | Set interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T22:05:02.587054065Z 37 PC: 133b1 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:05:02.588779731Z 37 PC: 133b1 | Set interrupt vector (Interrupt = '52' AKA 'Get InDOS flag pointer')
2018-12-17T22:05:02.590680311Z 37 PC: 133b1 | Set interrupt vector (Interrupt = '53' AKA 'Get interrupt vector')
2018-12-17T22:05:02.592884754Z 37 PC: 133b1 | Set interrupt vector (Interrupt = '54' AKA 'Get free disk space')
2018-12-17T22:05:02.594615056Z 37 PC: 133b1 | Set interrupt vector (Interrupt = '55' AKA 'Get or set switch character')
2018-12-17T22:05:02.596032425Z 37 PC: 133b1 | Set interrupt vector (Interrupt = '56' AKA 'Get or set country info')
2018-12-17T22:05:02.598199364Z 37 PC: 133b1 | Set interrupt vector (Interrupt = '57' AKA 'Create subdirectory')
2018-12-17T22:05:02.599900337Z 37 PC: 133b1 | Set interrupt vector (Interrupt = '58' AKA 'Remove subdirectory')
2018-12-17T22:05:02.602035905Z 37 PC: 133b1 | Set interrupt vector (Interrupt = '59' AKA 'Change current directory')
2018-12-17T22:05:02.603640977Z 37 PC: 133b1 | Set interrupt vector (Interrupt = '60' AKA 'Create or truncate file')
2018-12-17T22:05:02.605844501Z 37 PC: 133b1 | Set interrupt vector (Interrupt = '61' AKA 'Open file')
2018-12-17T22:05:02.607139056Z 37 PC: 133b1 | Set interrupt vector (Interrupt = '62' AKA 'Close file')
2018-12-17T22:05:02.608479751Z 37 PC: 133b1 | Set interrupt vector (Interrupt = '63' AKA 'Read file or device')
2018-12-17T22:05:02.610638625Z 37 PC: 133b1 | Set interrupt vector (Interrupt = '117' AKA 'UNKNOWN!')
2018-12-17T22:05:02.611756861Z 76 PC: 133f0 | Terminate with return code (Return code = '0')