Sample viewer

vx.netlux.org/Virus.DOS.HLLO.TPPE.15600

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-17T22:07:51.507948079Z	53	PC: 1460a \| Get interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T22:07:51.509364081Z	53	PC: 1460a \| Get interrupt vector (Interrupt = '2' AKA 'Character output')
2018-12-17T22:07:51.510404526Z	53	PC: 1460a \| Get interrupt vector (Interrupt = '27' AKA 'Get allocation info for default drive')
2018-12-17T22:07:51.51143466Z	53	PC: 1460a \| Get interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T22:07:51.512879383Z	53	PC: 1460a \| Get interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T22:07:51.513694754Z	53	PC: 1460a \| Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:07:51.514443606Z	53	PC: 1460a \| Get interrupt vector (Interrupt = '52' AKA 'Get InDOS flag pointer')
2018-12-17T22:07:51.515615629Z	53	PC: 1460a \| Get interrupt vector (Interrupt = '53' AKA 'Get interrupt vector')
2018-12-17T22:07:51.516591596Z	53	PC: 1460a \| Get interrupt vector (Interrupt = '54' AKA 'Get free disk space')
2018-12-17T22:07:51.517547437Z	53	PC: 1460a \| Get interrupt vector (Interrupt = '55' AKA 'Get or set switch character')
2018-12-17T22:07:51.518847655Z	53	PC: 1460a \| Get interrupt vector (Interrupt = '56' AKA 'Get or set country info')
2018-12-17T22:07:51.520083228Z	53	PC: 1460a \| Get interrupt vector (Interrupt = '57' AKA 'Create subdirectory')
2018-12-17T22:07:51.521313302Z	53	PC: 1460a \| Get interrupt vector (Interrupt = '58' AKA 'Remove subdirectory')
2018-12-17T22:07:51.522764596Z	53	PC: 1460a \| Get interrupt vector (Interrupt = '59' AKA 'Change current directory')
2018-12-17T22:07:51.523745832Z	53	PC: 1460a \| Get interrupt vector (Interrupt = '60' AKA 'Create or truncate file')
2018-12-17T22:07:51.52478368Z	53	PC: 1460a \| Get interrupt vector (Interrupt = '61' AKA 'Open file')
2018-12-17T22:07:51.537387121Z	53	PC: 1460a \| Get interrupt vector (Interrupt = '62' AKA 'Close file')
2018-12-17T22:07:51.538684007Z	53	PC: 1460a \| Get interrupt vector (Interrupt = '63' AKA 'Read file or device')
2018-12-17T22:07:51.539703162Z	53	PC: 1460a \| Get interrupt vector (Interrupt = '117' AKA 'UNKNOWN!')
2018-12-17T22:07:51.541327128Z	37	PC: 1461f \| Set interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T22:07:51.542295588Z	37	PC: 14627 \| Set interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T22:07:51.544075796Z	37	PC: 1462f \| Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:07:51.546296321Z	37	PC: 14637 \| Set interrupt vector (Interrupt = '63' AKA 'Read file or device')
2018-12-17T22:07:51.548514895Z	68	PC: 153a2 \| I/O control for devices (Set for = '')
2018-12-17T22:07:51.551527752Z	60	PC: 15386 \| Create or truncate file
2018-12-17T22:07:52.300078136Z	68	PC: 153a2 \| I/O control for devices (Set for = 'Q��')
2018-12-17T22:07:52.302524475Z	64	PC: 14a03 \| Write file or device (Write 26 bytes on handle 5)
2018-12-17T22:07:52.306265873Z	62	PC: 14a42 \| Close file
2018-12-17T22:07:52.314309221Z	41	PC: 1456b \| Parse filename
2018-12-17T22:07:52.316481943Z	41	PC: 14579 \| Parse filename
2018-12-17T22:07:52.318223832Z	75	PC: 14584 \| Execute program
2018-12-17T22:07:52.34437989Z	80	PC: 1da59 \| Set current PSP
2018-12-17T22:07:52.346065568Z	48	PC: 1da5e \| Get DOS version
2018-12-17T22:07:52.347875902Z	99	PC: 24240 \| Get DBCS lead byte table pointer
2018-12-17T22:07:52.351405194Z	101	PC: 1dae4 \| Get extended country info
2018-12-17T22:07:52.353171873Z	99	PC: 1daea \| Get DBCS lead byte table pointer
2018-12-17T22:07:52.35445905Z	74	PC: 1db4c \| Reallocate memory
2018-12-17T22:07:52.35583363Z	25	PC: 1db83 \| Get default drive
2018-12-17T22:07:52.357123606Z	37	PC: 1d643 \| Set interrupt vector (Interrupt = '34' AKA 'Random write')
2018-12-17T22:07:52.358404671Z	37	PC: 1d64a \| Set interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T22:07:52.359451188Z	37	PC: 1d651 \| Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:07:52.363642219Z	74	PC: 1c7ec \| Reallocate memory
2018-12-17T22:07:52.364965977Z	72	PC: 1c82d \| Allocate memory
2018-12-17T22:07:52.366658816Z	72	PC: 1c865 \| Allocate memory
2018-12-17T22:07:52.368627502Z	72	PC: 1c86d \| Allocate memory