Sample viewer

vx.netlux.org/Virus.DOS.HLLP.Rhape.11056

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-17T21:52:19.144492197Z	53	PC: 1420a \| Get interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T21:52:19.147073826Z	53	PC: 1420a \| Get interrupt vector (Interrupt = '2' AKA 'Character output')
2018-12-17T21:52:19.148248523Z	53	PC: 1420a \| Get interrupt vector (Interrupt = '27' AKA 'Get allocation info for default drive')
2018-12-17T21:52:19.14939636Z	53	PC: 1420a \| Get interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T21:52:19.152029784Z	53	PC: 1420a \| Get interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T21:52:19.153268085Z	53	PC: 1420a \| Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T21:52:19.154358174Z	53	PC: 1420a \| Get interrupt vector (Interrupt = '52' AKA 'Get InDOS flag pointer')
2018-12-17T21:52:19.155658078Z	53	PC: 1420a \| Get interrupt vector (Interrupt = '53' AKA 'Get interrupt vector')
2018-12-17T21:52:19.157978475Z	53	PC: 1420a \| Get interrupt vector (Interrupt = '54' AKA 'Get free disk space')
2018-12-17T21:52:19.159375983Z	53	PC: 1420a \| Get interrupt vector (Interrupt = '55' AKA 'Get or set switch character')
2018-12-17T21:52:19.160643289Z	53	PC: 1420a \| Get interrupt vector (Interrupt = '56' AKA 'Get or set country info')
2018-12-17T21:52:19.163660564Z	53	PC: 1420a \| Get interrupt vector (Interrupt = '57' AKA 'Create subdirectory')
2018-12-17T21:52:19.165710427Z	53	PC: 1420a \| Get interrupt vector (Interrupt = '58' AKA 'Remove subdirectory')
2018-12-17T21:52:19.167840748Z	53	PC: 1420a \| Get interrupt vector (Interrupt = '59' AKA 'Change current directory')
2018-12-17T21:52:19.176172796Z	53	PC: 1420a \| Get interrupt vector (Interrupt = '60' AKA 'Create or truncate file')
2018-12-17T21:52:19.177258099Z	53	PC: 1420a \| Get interrupt vector (Interrupt = '61' AKA 'Open file')
2018-12-17T21:52:19.178194211Z	53	PC: 1420a \| Get interrupt vector (Interrupt = '62' AKA 'Close file')
2018-12-17T21:52:19.180006348Z	53	PC: 1420a \| Get interrupt vector (Interrupt = '63' AKA 'Read file or device')
2018-12-17T21:52:19.181200574Z	53	PC: 1420a \| Get interrupt vector (Interrupt = '117' AKA 'UNKNOWN!')
2018-12-17T21:52:19.18830523Z	37	PC: 1421f \| Set interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T21:52:19.190717132Z	37	PC: 14227 \| Set interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T21:52:19.194806247Z	37	PC: 1422f \| Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T21:52:19.195958849Z	37	PC: 14237 \| Set interrupt vector (Interrupt = '63' AKA 'Read file or device')
2018-12-17T21:52:19.1985816Z	68	PC: 15051 \| I/O control for devices (Set for = '�F')
2018-12-17T21:52:19.324753294Z	64	PC: 14628 \| Write file or device (Write 0 bytes on handle 1)
2018-12-17T21:52:19.326608829Z	37	PC: 14361 \| Set interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T21:52:19.328747919Z	37	PC: 14361 \| Set interrupt vector (Interrupt = '2' AKA 'Character output')
2018-12-17T21:52:19.330014529Z	37	PC: 14361 \| Set interrupt vector (Interrupt = '27' AKA 'Get allocation info for default drive')
2018-12-17T21:52:19.331617778Z	37	PC: 14361 \| Set interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T21:52:19.334374136Z	37	PC: 14361 \| Set interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T21:52:19.335916632Z	37	PC: 14361 \| Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T21:52:19.337527581Z	37	PC: 14361 \| Set interrupt vector (Interrupt = '52' AKA 'Get InDOS flag pointer')
2018-12-17T21:52:19.339927717Z	37	PC: 14361 \| Set interrupt vector (Interrupt = '53' AKA 'Get interrupt vector')
2018-12-17T21:52:19.341196645Z	37	PC: 14361 \| Set interrupt vector (Interrupt = '54' AKA 'Get free disk space')
2018-12-17T21:52:19.342199283Z	37	PC: 14361 \| Set interrupt vector (Interrupt = '55' AKA 'Get or set switch character')
2018-12-17T21:52:19.344054757Z	37	PC: 14361 \| Set interrupt vector (Interrupt = '56' AKA 'Get or set country info')
2018-12-17T21:52:19.345291701Z	37	PC: 14361 \| Set interrupt vector (Interrupt = '57' AKA 'Create subdirectory')
2018-12-17T21:52:19.346435016Z	37	PC: 14361 \| Set interrupt vector (Interrupt = '58' AKA 'Remove subdirectory')
2018-12-17T21:52:19.348309789Z	37	PC: 14361 \| Set interrupt vector (Interrupt = '59' AKA 'Change current directory')
2018-12-17T21:52:19.349826339Z	37	PC: 14361 \| Set interrupt vector (Interrupt = '60' AKA 'Create or truncate file')
2018-12-17T21:52:19.351379343Z	37	PC: 14361 \| Set interrupt vector (Interrupt = '61' AKA 'Open file')
2018-12-17T21:52:19.353501524Z	37	PC: 14361 \| Set interrupt vector (Interrupt = '62' AKA 'Close file')
2018-12-17T21:52:19.35515083Z	37	PC: 14361 \| Set interrupt vector (Interrupt = '63' AKA 'Read file or device')
2018-12-17T21:52:19.35679439Z	37	PC: 14361 \| Set interrupt vector (Interrupt = '117' AKA 'UNKNOWN!')
2018-12-17T21:52:19.358614935Z	6	PC: 143e8 \| Direct console I/O
2018-12-17T21:52:19.360935797Z	6	PC: 143e8 \| Direct console I/O
2018-12-17T21:52:19.363312298Z	6	PC: 143e8 \| Direct console I/O
2018-12-17T21:52:19.366421535Z	6	PC: 143e8 \| Direct console I/O
2018-12-17T21:52:19.368708738Z	6	PC: 143e8 \| Direct console I/O
2018-12-17T21:52:19.371496759Z	6	PC: 143e8 \| Direct console I/O
2018-12-17T21:52:19.374175532Z	6	PC: 143e8 \| Direct console I/O
2018-12-17T21:52:19.376099383Z	6	PC: 143e8 \| Direct console I/O
2018-12-17T21:52:19.378223021Z	6	PC: 143e8 \| Direct console I/O
2018-12-17T21:52:19.380828394Z	6	PC: 143e8 \| Direct console I/O
2018-12-17T21:52:19.382937707Z	6	PC: 143e8 \| Direct console I/O
2018-12-17T21:52:19.384875177Z	6	PC: 143e8 \| Direct console I/O
2018-12-17T21:52:19.387650009Z	6	PC: 143e8 \| Direct console I/O
2018-12-17T21:52:19.390029579Z	6	PC: 143e8 \| Direct console I/O
2018-12-17T21:52:19.392102818Z	6	PC: 143e8 \| Direct console I/O
2018-12-17T21:52:19.394646236Z	6	PC: 143e8 \| Direct console I/O
2018-12-17T21:52:19.396831537Z	6	PC: 143e8 \| Direct console I/O
2018-12-17T21:52:19.399025997Z	6	PC: 143e8 \| Direct console I/O
2018-12-17T21:52:19.401765224Z	6	PC: 143e8 \| Direct console I/O
2018-12-17T21:52:19.404077538Z	6	PC: 143e8 \| Direct console I/O
2018-12-17T21:52:19.406341022Z	6	PC: 143e8 \| Direct console I/O
2018-12-17T21:52:19.408936841Z	6	PC: 143e8 \| Direct console I/O
2018-12-17T21:52:19.412421302Z	6	PC: 143e8 \| Direct console I/O
2018-12-17T21:52:19.414629936Z	6	PC: 143e8 \| Direct console I/O
2018-12-17T21:52:19.417367625Z	6	PC: 143e8 \| Direct console I/O
2018-12-17T21:52:19.419421128Z	6	PC: 143e8 \| Direct console I/O
2018-12-17T21:52:19.42145726Z	6	PC: 143e8 \| Direct console I/O
2018-12-17T21:52:19.423734913Z	6	PC: 143e8 \| Direct console I/O
2018-12-17T21:52:19.425635239Z	6	PC: 143e8 \| Direct console I/O
2018-12-17T21:52:19.427707188Z	6	PC: 143e8 \| Direct console I/O
2018-12-17T21:52:19.430321771Z	6	PC: 143e8 \| Direct console I/O
2018-12-17T21:52:19.432355172Z	6	PC: 143e8 \| Direct console I/O
2018-12-17T21:52:19.434473192Z	6	PC: 143e8 \| Direct console I/O
2018-12-17T21:52:19.438372948Z	76	PC: 143a0 \| Terminate with return code (Return code = '200')