Sample viewer

vx.netlux.org/Virus.DOS.HLLP.Hooters.5000

Syscalls:

Time Syscall Op Syscall Name
2018-12-17T22:08:15.364340195Z 53 PC: 135da | Get interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T22:08:15.36638963Z 53 PC: 135da | Get interrupt vector (Interrupt = '2' AKA 'Character output')
2018-12-17T22:08:15.367549905Z 53 PC: 135da | Get interrupt vector (Interrupt = '27' AKA 'Get allocation info for default drive')
2018-12-17T22:08:15.368674619Z 53 PC: 135da | Get interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T22:08:15.370128725Z 53 PC: 135da | Get interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T22:08:15.371160937Z 53 PC: 135da | Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:08:15.37215039Z 53 PC: 135da | Get interrupt vector (Interrupt = '52' AKA 'Get InDOS flag pointer')
2018-12-17T22:08:15.386576755Z 53 PC: 135da | Get interrupt vector (Interrupt = '53' AKA 'Get interrupt vector')
2018-12-17T22:08:15.387659134Z 53 PC: 135da | Get interrupt vector (Interrupt = '54' AKA 'Get free disk space')
2018-12-17T22:08:15.388841866Z 53 PC: 135da | Get interrupt vector (Interrupt = '55' AKA 'Get or set switch character')
2018-12-17T22:08:15.390379599Z 53 PC: 135da | Get interrupt vector (Interrupt = '56' AKA 'Get or set country info')
2018-12-17T22:08:15.391498404Z 53 PC: 135da | Get interrupt vector (Interrupt = '57' AKA 'Create subdirectory')
2018-12-17T22:08:15.392572519Z 53 PC: 135da | Get interrupt vector (Interrupt = '58' AKA 'Remove subdirectory')
2018-12-17T22:08:15.394624908Z 53 PC: 135da | Get interrupt vector (Interrupt = '59' AKA 'Change current directory')
2018-12-17T22:08:15.39600563Z 53 PC: 135da | Get interrupt vector (Interrupt = '60' AKA 'Create or truncate file')
2018-12-17T22:08:15.397337607Z 53 PC: 135da | Get interrupt vector (Interrupt = '61' AKA 'Open file')
2018-12-17T22:08:15.398928748Z 53 PC: 135da | Get interrupt vector (Interrupt = '62' AKA 'Close file')
2018-12-17T22:08:15.400263005Z 53 PC: 135da | Get interrupt vector (Interrupt = '63' AKA 'Read file or device')
2018-12-17T22:08:15.401408839Z 53 PC: 135da | Get interrupt vector (Interrupt = '117' AKA 'UNKNOWN!')
2018-12-17T22:08:15.40255088Z 37 PC: 135ef | Set interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T22:08:15.404110947Z 37 PC: 135f7 | Set interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T22:08:15.405472606Z 37 PC: 135ff | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:08:15.406618703Z 37 PC: 13607 | Set interrupt vector (Interrupt = '63' AKA 'Read file or device')
2018-12-17T22:08:15.408743266Z 68 PC: 14049 | I/O control for devices (Set for = '')
2018-12-17T22:08:15.410512936Z 41 PC: 12ef7 | Parse filename
2018-12-17T22:08:15.412399611Z 41 PC: 12ef7 | Parse filename
2018-12-17T22:08:15.418482738Z 41 PC: 12ef7 | Parse filename
2018-12-17T22:08:15.42012148Z 41 PC: 12ef7 | Parse filename
2018-12-17T22:08:15.421666091Z 41 PC: 12ef7 | Parse filename
2018-12-17T22:08:15.424557266Z 41 PC: 12ef7 | Parse filename
2018-12-17T22:08:15.426216626Z 41 PC: 12ef7 | Parse filename
2018-12-17T22:08:15.427781588Z 41 PC: 12ef7 | Parse filename
2018-12-17T22:08:15.430520643Z 41 PC: 12ef7 | Parse filename
2018-12-17T22:08:15.432078503Z 41 PC: 12ef7 | Parse filename
2018-12-17T22:08:15.433628275Z 41 PC: 12ef7 | Parse filename
2018-12-17T22:08:15.435796975Z 41 PC: 12ef7 | Parse filename
2018-12-17T22:08:15.437791962Z 41 PC: 12ef7 | Parse filename
2018-12-17T22:08:15.439785487Z 41 PC: 12ef7 | Parse filename
2018-12-17T22:08:15.442104866Z 41 PC: 12ef7 | Parse filename
2018-12-17T22:08:15.445058486Z 41 PC: 12ef7 | Parse filename
2018-12-17T22:08:15.446828534Z 41 PC: 12ef7 | Parse filename
2018-12-17T22:08:15.44905305Z 41 PC: 12ef7 | Parse filename
2018-12-17T22:08:15.450804018Z 41 PC: 12ef7 | Parse filename
2018-12-17T22:08:15.45249095Z 41 PC: 12ef7 | Parse filename
2018-12-17T22:08:15.454740672Z 41 PC: 12ef7 | Parse filename
2018-12-17T22:08:15.456527205Z 41 PC: 12ef7 | Parse filename
2018-12-17T22:08:15.458231138Z 41 PC: 12ef7 | Parse filename
2018-12-17T22:08:15.460798284Z 41 PC: 12ef7 | Parse filename
2018-12-17T22:08:15.463107023Z 54 PC: 1334a | Get free disk space
2018-12-17T22:08:15.502602019Z 26 PC: 13421 | Set disk transfer address
2018-12-17T22:08:15.504937288Z 78 PC: 1342d | Find first file
2018-12-17T22:08:15.514814497Z 26 PC: 13445 | Set disk transfer address
2018-12-17T22:08:15.516199235Z 79 PC: 1344a | Find next file
2018-12-17T22:08:15.520184107Z 26 PC: 13445 | Set disk transfer address
2018-12-17T22:08:15.521506056Z 79 PC: 1344a | Find next file
2018-12-17T22:08:15.524142587Z 26 PC: 13445 | Set disk transfer address
2018-12-17T22:08:15.52595849Z 79 PC: 1344a | Find next file
2018-12-17T22:08:15.52922185Z 26 PC: 13421 | Set disk transfer address
2018-12-17T22:08:15.53058424Z 78 PC: 1342d | Find first file
2018-12-17T22:08:15.54095196Z 26 PC: 13445 | Set disk transfer address
2018-12-17T22:08:15.542375416Z 79 PC: 1344a | Find next file
2018-12-17T22:08:15.545651399Z 26 PC: 13445 | Set disk transfer address
2018-12-17T22:08:15.548194804Z 79 PC: 1344a | Find next file
2018-12-17T22:08:15.552203369Z 61 PC: 13a9d | Open file (Filename = 'C:\DOS\ATTRIB.EXE')
2018-12-17T22:08:15.559173855Z 63 PC: 13b70 | Read file or device (Read 1 bytes on handle 5)
2018-12-17T22:08:15.56552946Z 66 PC: 13bcf | Move file pointer
2018-12-17T22:08:15.567252754Z 60 PC: 13a9d | Create or truncate file
2018-12-17T22:08:15.911641728Z 48 PC: 13c5f | Get DOS version
2018-12-17T22:08:15.913689015Z 61 PC: 13a9d | Open file (Filename = 'A:\TEST.COM')
2018-12-17T22:08:15.923241209Z 63 PC: 13b70 | Read file or device (Read 5000 bytes on handle 7)
2018-12-17T22:08:15.93091631Z 62 PC: 13aed | Close file
2018-12-17T22:08:15.933476173Z 64 PC: 13b70 | Write file or device (Write 5000 bytes on handle 6)
2018-12-17T22:08:15.943461319Z 63 PC: 13b70 | Read file or device (Read 5000 bytes on handle 5)
2018-12-17T22:08:15.955842587Z 64 PC: 13b70 | Write file or device (Write 5000 bytes on handle 6)
2018-12-17T22:08:15.968594965Z 66 PC: 141ea | Move file pointer
2018-12-17T22:08:15.970053965Z 66 PC: 141f8 | Move file pointer
2018-12-17T22:08:15.971306035Z 66 PC: 14206 | Move file pointer
2018-12-17T22:08:15.973915199Z 63 PC: 13b70 | Read file or device (Read 5000 bytes on handle 5)
2018-12-17T22:08:15.986587769Z 64 PC: 13b70 | Write file or device (Write 5000 bytes on handle 6)
2018-12-17T22:08:15.99553617Z 66 PC: 141ea | Move file pointer
2018-12-17T22:08:15.997318425Z 66 PC: 141f8 | Move file pointer
2018-12-17T22:08:15.998561145Z 66 PC: 14206 | Move file pointer
2018-12-17T22:08:16.000103409Z 63 PC: 13b70 | Read file or device (Read 5000 bytes on handle 5)
2018-12-17T22:08:16.012205358Z 64 PC: 13b70 | Write file or device (Write 1208 bytes on handle 6)
2018-12-17T22:08:16.016908798Z 66 PC: 141ea | Move file pointer
2018-12-17T22:08:16.018230721Z 66 PC: 141f8 | Move file pointer
2018-12-17T22:08:16.01973088Z 66 PC: 14206 | Move file pointer
2018-12-17T22:08:16.021560251Z 62 PC: 13aed | Close file
2018-12-17T22:08:16.023177121Z 65 PC: 13be6 | Delete file (Filename = 'C:\DOS\ATTRIB.EXE')
2018-12-17T22:08:16.034512683Z 87 PC: 133f1 | Get or set file date and time
2018-12-17T22:08:16.036169848Z 62 PC: 13aed | Close file
2018-12-17T22:08:16.040192527Z 86 PC: 13c2a | Rename file
2018-12-17T22:08:16.047072236Z 67 PC: 133aa | Get or set file attributes
2018-12-17T22:08:16.053606945Z 60 PC: 13a9d | Create or truncate file
2018-12-17T22:08:16.065935352Z 48 PC: 13c5f | Get DOS version
2018-12-17T22:08:16.067434509Z 61 PC: 13a9d | Open file (Filename = 'A:\TEST.COM')
2018-12-17T22:08:16.073806671Z 66 PC: 13bcf | Move file pointer
2018-12-17T22:08:16.07507645Z 63 PC: 13b70 | Read file or device (Read 5000 bytes on handle 6)
2018-12-17T22:08:16.096905827Z 64 PC: 13b70 | Write file or device (Write 5000 bytes on handle 5)
2018-12-17T22:08:16.106291656Z 66 PC: 141ea | Move file pointer
2018-12-17T22:08:16.107552392Z 66 PC: 141f8 | Move file pointer
2018-12-17T22:08:16.109288763Z 66 PC: 14206 | Move file pointer
2018-12-17T22:08:16.110855248Z 63 PC: 13b70 | Read file or device (Read 5000 bytes on handle 6)
2018-12-17T22:08:16.123557022Z 64 PC: 13b70 | Write file or device (Write 5000 bytes on handle 5)
2018-12-17T22:08:16.133547229Z 66 PC: 141ea | Move file pointer
2018-12-17T22:08:16.134906008Z 66 PC: 141f8 | Move file pointer
2018-12-17T22:08:16.136242023Z 66 PC: 14206 | Move file pointer
2018-12-17T22:08:16.138066452Z 63 PC: 13b70 | Read file or device (Read 5000 bytes on handle 6)
2018-12-17T22:08:16.151343054Z 64 PC: 13b70 | Write file or device (Write 1271 bytes on handle 5)
2018-12-17T22:08:16.159734762Z 66 PC: 141ea | Move file pointer
2018-12-17T22:08:16.162123332Z 66 PC: 141f8 | Move file pointer
2018-12-17T22:08:16.16412617Z 66 PC: 14206 | Move file pointer
2018-12-17T22:08:16.165854225Z 62 PC: 13aed | Close file
2018-12-17T22:08:16.174684033Z 67 PC: 133aa | Get or set file attributes
2018-12-17T22:08:16.185153478Z 41 PC: 13547 | Parse filename
2018-12-17T22:08:16.1867652Z 41 PC: 13555 | Parse filename
2018-12-17T22:08:16.188505528Z 75 PC: 13560 | Execute program
2018-12-17T22:08:16.209205053Z 80 PC: 191c9 | Set current PSP
2018-12-17T22:08:16.210061107Z 48 PC: 191ce | Get DOS version
2018-12-17T22:08:16.211587478Z 99 PC: 1f9b0 | Get DBCS lead byte table pointer
2018-12-17T22:08:16.215188101Z 101 PC: 19254 | Get extended country info
2018-12-17T22:08:16.21666978Z 99 PC: 1925a | Get DBCS lead byte table pointer
2018-12-17T22:08:16.218106022Z 74 PC: 192bc | Reallocate memory
2018-12-17T22:08:16.220544073Z 25 PC: 192f3 | Get default drive
2018-12-17T22:08:16.221830696Z 37 PC: 18db3 | Set interrupt vector (Interrupt = '34' AKA 'Random write')
2018-12-17T22:08:16.223094332Z 37 PC: 18dba | Set interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T22:08:16.225390666Z 37 PC: 18dc1 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:08:16.229979232Z 74 PC: 17f5c | Reallocate memory
2018-12-17T22:08:16.232056006Z 72 PC: 17f9d | Allocate memory
2018-12-17T22:08:16.23511455Z 72 PC: 17fd5 | Allocate memory
2018-12-17T22:08:16.237101522Z 72 PC: 17fdd | Allocate memory