Sample viewer

vx.netlux.org/Virus.DOS.HLLC.Wanna.8048

Syscalls:

Time Syscall Op Syscall Name
2018-12-17T22:08:59.824417888Z 53 PC: 139ea | Get interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T22:08:59.826053924Z 53 PC: 139ea | Get interrupt vector (Interrupt = '2' AKA 'Character output')
2018-12-17T22:08:59.82720113Z 53 PC: 139ea | Get interrupt vector (Interrupt = '27' AKA 'Get allocation info for default drive')
2018-12-17T22:08:59.82826277Z 53 PC: 139ea | Get interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T22:08:59.829884702Z 53 PC: 139ea | Get interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T22:08:59.831283226Z 53 PC: 139ea | Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:08:59.832861442Z 53 PC: 139ea | Get interrupt vector (Interrupt = '52' AKA 'Get InDOS flag pointer')
2018-12-17T22:08:59.834186193Z 53 PC: 139ea | Get interrupt vector (Interrupt = '53' AKA 'Get interrupt vector')
2018-12-17T22:08:59.848438422Z 53 PC: 139ea | Get interrupt vector (Interrupt = '54' AKA 'Get free disk space')
2018-12-17T22:08:59.850394987Z 53 PC: 139ea | Get interrupt vector (Interrupt = '55' AKA 'Get or set switch character')
2018-12-17T22:08:59.852299866Z 53 PC: 139ea | Get interrupt vector (Interrupt = '56' AKA 'Get or set country info')
2018-12-17T22:08:59.854440638Z 53 PC: 139ea | Get interrupt vector (Interrupt = '57' AKA 'Create subdirectory')
2018-12-17T22:08:59.856331867Z 53 PC: 139ea | Get interrupt vector (Interrupt = '58' AKA 'Remove subdirectory')
2018-12-17T22:08:59.858261855Z 53 PC: 139ea | Get interrupt vector (Interrupt = '59' AKA 'Change current directory')
2018-12-17T22:08:59.860405072Z 53 PC: 139ea | Get interrupt vector (Interrupt = '60' AKA 'Create or truncate file')
2018-12-17T22:08:59.861767694Z 53 PC: 139ea | Get interrupt vector (Interrupt = '61' AKA 'Open file')
2018-12-17T22:08:59.863155787Z 53 PC: 139ea | Get interrupt vector (Interrupt = '62' AKA 'Close file')
2018-12-17T22:08:59.874061316Z 53 PC: 139ea | Get interrupt vector (Interrupt = '63' AKA 'Read file or device')
2018-12-17T22:08:59.875474072Z 53 PC: 139ea | Get interrupt vector (Interrupt = '117' AKA 'UNKNOWN!')
2018-12-17T22:08:59.876898022Z 37 PC: 139ff | Set interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T22:08:59.880112528Z 37 PC: 13a07 | Set interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T22:08:59.881407863Z 37 PC: 13a0f | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:08:59.882719674Z 37 PC: 13a17 | Set interrupt vector (Interrupt = '63' AKA 'Read file or device')
2018-12-17T22:08:59.885441537Z 68 PC: 145b9 | I/O control for devices (Set for = 'EIKMO ')
2018-12-17T22:09:00.0722248Z 37 PC: 13411 | Set interrupt vector (Interrupt = '27' AKA 'Get allocation info for default drive')
2018-12-17T22:09:00.074361805Z 44 PC: 146f0 | Get time
0x146f0: mov word ptr [0x3e], cx
0x146f4: mov word ptr [0x40], dx
0x146f8: retf
0x146f9: mov di, 0x52
0x146fc: push ds
0x146fd: pop es
0x146fe: mov cx, 0xd8c
0x14701: sub cx, di
0x14703: shr cx, 1
0x14705: xor ax, ax
0x14707: cld
0x14708: rep stosd dword ptr es:[di], eax
0x1470a: ret
0x1470b: add byte ptr [bx + si], al
0x1470d: add byte ptr [bx + si], al
0x1470f: add byte ptr [bx + si], al
0x14711: add byte ptr [bx + si], al
0x14713: add byte ptr [bx + si], al
0x14715: add byte ptr [bx + si], al
0x14717: add byte ptr [bx + si], al
2018-12-17T22:09:00.078336935Z 26 PC: 132b5 | Set disk transfer address
2018-12-17T22:09:00.079750187Z 78 PC: 132c1 | Find first file
2018-12-17T22:09:00.086265028Z 26 PC: 132d9 | Set disk transfer address
2018-12-17T22:09:00.087930947Z 79 PC: 132de | Find next file
2018-12-17T22:09:00.091395415Z 26 PC: 132b5 | Set disk transfer address
2018-12-17T22:09:00.092703782Z 78 PC: 132c1 | Find first file
2018-12-17T22:09:00.099107323Z 26 PC: 132d9 | Set disk transfer address
2018-12-17T22:09:00.10117913Z 79 PC: 132de | Find next file
2018-12-17T22:09:00.103766875Z 48 PC: 141fe | Get DOS version
2018-12-17T22:09:00.105768485Z 44 PC: 146f0 | Get time
2018-12-17T22:09:00.109545011Z 26 PC: 132b5 | Set disk transfer address
2018-12-17T22:09:00.111054811Z 78 PC: 132c1 | Find first file
2018-12-17T22:09:00.119936778Z 26 PC: 132d9 | Set disk transfer address
2018-12-17T22:09:00.126361777Z 79 PC: 132de | Find next file
2018-12-17T22:09:00.129224173Z 26 PC: 132d9 | Set disk transfer address
2018-12-17T22:09:00.133852731Z 79 PC: 132de | Find next file
2018-12-17T22:09:00.137489781Z 26 PC: 132d9 | Set disk transfer address
2018-12-17T22:09:00.146273769Z 79 PC: 132de | Find next file
2018-12-17T22:09:00.149099561Z 26 PC: 132d9 | Set disk transfer address
2018-12-17T22:09:00.151083602Z 79 PC: 132de | Find next file
2018-12-17T22:09:00.153930527Z 26 PC: 132d9 | Set disk transfer address
2018-12-17T22:09:00.155127034Z 79 PC: 132de | Find next file
2018-12-17T22:09:00.158975656Z 26 PC: 132d9 | Set disk transfer address
2018-12-17T22:09:00.160163959Z 79 PC: 132de | Find next file
2018-12-17T22:09:00.162944081Z 26 PC: 132d9 | Set disk transfer address
2018-12-17T22:09:00.171160859Z 79 PC: 132de | Find next file
2018-12-17T22:09:00.173909842Z 26 PC: 132d9 | Set disk transfer address
2018-12-17T22:09:00.175054635Z 79 PC: 132de | Find next file
2018-12-17T22:09:00.178742433Z 26 PC: 132d9 | Set disk transfer address
2018-12-17T22:09:00.17993354Z 79 PC: 132de | Find next file
2018-12-17T22:09:00.193768036Z 26 PC: 132b5 | Set disk transfer address
2018-12-17T22:09:00.196764566Z 78 PC: 132c1 | Find first file
2018-12-17T22:09:00.203586931Z 26 PC: 132d9 | Set disk transfer address
2018-12-17T22:09:00.20507427Z 79 PC: 132de | Find next file
2018-12-17T22:09:00.209344897Z 26 PC: 132d9 | Set disk transfer address
2018-12-17T22:09:00.210571737Z 79 PC: 132de | Find next file
2018-12-17T22:09:00.213736655Z 26 PC: 132d9 | Set disk transfer address
2018-12-17T22:09:00.215883894Z 79 PC: 132de | Find next file
2018-12-17T22:09:00.219163443Z 26 PC: 132d9 | Set disk transfer address
2018-12-17T22:09:00.220624941Z 79 PC: 132de | Find next file
2018-12-17T22:09:00.223851053Z 26 PC: 132d9 | Set disk transfer address
2018-12-17T22:09:00.226205603Z 79 PC: 132de | Find next file
2018-12-17T22:09:00.229434967Z 26 PC: 132d9 | Set disk transfer address
2018-12-17T22:09:00.230884454Z 79 PC: 132de | Find next file
2018-12-17T22:09:00.234983499Z 26 PC: 132d9 | Set disk transfer address
2018-12-17T22:09:00.236437646Z 79 PC: 132de | Find next file
2018-12-17T22:09:00.239609693Z 26 PC: 132d9 | Set disk transfer address
2018-12-17T22:09:00.241950271Z 79 PC: 132de | Find next file
2018-12-17T22:09:00.245150836Z 26 PC: 132d9 | Set disk transfer address
2018-12-17T22:09:00.246592757Z 79 PC: 132de | Find next file
2018-12-17T22:09:00.249960373Z 59 PC: 14352 | Change current directory
2018-12-17T22:09:00.256253476Z 37 PC: 13b41 | Set interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T22:09:00.257622742Z 37 PC: 13b41 | Set interrupt vector (Interrupt = '2' AKA 'Character output')
2018-12-17T22:09:00.259618369Z 37 PC: 13b41 | Set interrupt vector (Interrupt = '27' AKA 'Get allocation info for default drive')
2018-12-17T22:09:00.260948574Z 37 PC: 13b41 | Set interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T22:09:00.26228815Z 37 PC: 13b41 | Set interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T22:09:00.264260419Z 37 PC: 13b41 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:09:00.2655063Z 37 PC: 13b41 | Set interrupt vector (Interrupt = '52' AKA 'Get InDOS flag pointer')
2018-12-17T22:09:00.267568189Z 37 PC: 13b41 | Set interrupt vector (Interrupt = '53' AKA 'Get interrupt vector')
2018-12-17T22:09:00.269557165Z 37 PC: 13b41 | Set interrupt vector (Interrupt = '54' AKA 'Get free disk space')
2018-12-17T22:09:00.270922465Z 37 PC: 13b41 | Set interrupt vector (Interrupt = '55' AKA 'Get or set switch character')
2018-12-17T22:09:00.272271214Z 37 PC: 13b41 | Set interrupt vector (Interrupt = '56' AKA 'Get or set country info')
2018-12-17T22:09:00.274284345Z 37 PC: 13b41 | Set interrupt vector (Interrupt = '57' AKA 'Create subdirectory')
2018-12-17T22:09:00.27559964Z 37 PC: 13b41 | Set interrupt vector (Interrupt = '58' AKA 'Remove subdirectory')
2018-12-17T22:09:00.276911485Z 37 PC: 13b41 | Set interrupt vector (Interrupt = '59' AKA 'Change current directory')
2018-12-17T22:09:00.279030598Z 37 PC: 13b41 | Set interrupt vector (Interrupt = '60' AKA 'Create or truncate file')
2018-12-17T22:09:00.280502846Z 37 PC: 13b41 | Set interrupt vector (Interrupt = '61' AKA 'Open file')
2018-12-17T22:09:00.281814137Z 37 PC: 13b41 | Set interrupt vector (Interrupt = '62' AKA 'Close file')
2018-12-17T22:09:00.283764266Z 37 PC: 13b41 | Set interrupt vector (Interrupt = '63' AKA 'Read file or device')
2018-12-17T22:09:00.285088674Z 37 PC: 13b41 | Set interrupt vector (Interrupt = '117' AKA 'UNKNOWN!')
2018-12-17T22:09:00.286425743Z 6 PC: 13bc8 | Direct console I/O
2018-12-17T22:09:00.289289165Z 6 PC: 13bc8 | Direct console I/O
2018-12-17T22:09:00.291565204Z 6 PC: 13bc8 | Direct console I/O
2018-12-17T22:09:00.293789457Z 6 PC: 13bc8 | Direct console I/O
2018-12-17T22:09:00.296753059Z 6 PC: 13bc8 | Direct console I/O
2018-12-17T22:09:00.299107159Z 6 PC: 13bc8 | Direct console I/O
2018-12-17T22:09:00.301321497Z 6 PC: 13bc8 | Direct console I/O
2018-12-17T22:09:00.304229573Z 6 PC: 13bc8 | Direct console I/O
2018-12-17T22:09:00.306617608Z 6 PC: 13bc8 | Direct console I/O
2018-12-17T22:09:00.308832343Z 6 PC: 13bc8 | Direct console I/O
2018-12-17T22:09:00.311761461Z 6 PC: 13bc8 | Direct console I/O
2018-12-17T22:09:00.314157283Z 6 PC: 13bc8 | Direct console I/O
2018-12-17T22:09:00.316376745Z 6 PC: 13bc8 | Direct console I/O
2018-12-17T22:09:00.318816097Z 6 PC: 13bc8 | Direct console I/O
2018-12-17T22:09:00.321838333Z 6 PC: 13bc8 | Direct console I/O
2018-12-17T22:09:00.324068435Z 6 PC: 13bc8 | Direct console I/O
2018-12-17T22:09:00.326296422Z 6 PC: 13bc8 | Direct console I/O
2018-12-17T22:09:00.329468849Z 6 PC: 13bc8 | Direct console I/O
2018-12-17T22:09:00.331684342Z 6 PC: 13bc8 | Direct console I/O
2018-12-17T22:09:00.333891596Z 6 PC: 13bc8 | Direct console I/O
2018-12-17T22:09:00.33705713Z 6 PC: 13bc8 | Direct console I/O
2018-12-17T22:09:00.338880365Z 6 PC: 13bc8 | Direct console I/O
2018-12-17T22:09:00.341134059Z 6 PC: 13bc8 | Direct console I/O
2018-12-17T22:09:00.344234326Z 6 PC: 13bc8 | Direct console I/O
2018-12-17T22:09:00.346444163Z 6 PC: 13bc8 | Direct console I/O
2018-12-17T22:09:00.349376837Z 6 PC: 13bc8 | Direct console I/O
2018-12-17T22:09:00.352177555Z 6 PC: 13bc8 | Direct console I/O
2018-12-17T22:09:00.354410336Z 6 PC: 13bc8 | Direct console I/O
2018-12-17T22:09:00.356623337Z 6 PC: 13bc8 | Direct console I/O
2018-12-17T22:09:00.359600096Z 6 PC: 13bc8 | Direct console I/O
2018-12-17T22:09:00.361946265Z 6 PC: 13bc8 | Direct console I/O
2018-12-17T22:09:00.364153367Z 6 PC: 13bc8 | Direct console I/O
2018-12-17T22:09:00.367052235Z 6 PC: 13bc8 | Direct console I/O
2018-12-17T22:09:00.370891534Z 76 PC: 13b80 | Terminate with return code (Return code = '3')