Sample viewer

vx.netlux.org/Virus.DOS.HLLO.Energy.5312

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-17T21:50:37.335835984Z	53	PC: 12e8a \| Get interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T21:50:37.337431121Z	53	PC: 12e8a \| Get interrupt vector (Interrupt = '2' AKA 'Character output')
2018-12-17T21:50:37.338629816Z	53	PC: 12e8a \| Get interrupt vector (Interrupt = '27' AKA 'Get allocation info for default drive')
2018-12-17T21:50:37.339786666Z	53	PC: 12e8a \| Get interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T21:50:37.34206707Z	53	PC: 12e8a \| Get interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T21:50:37.343179484Z	53	PC: 12e8a \| Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T21:50:37.344266277Z	53	PC: 12e8a \| Get interrupt vector (Interrupt = '52' AKA 'Get InDOS flag pointer')
2018-12-17T21:50:37.345744663Z	53	PC: 12e8a \| Get interrupt vector (Interrupt = '53' AKA 'Get interrupt vector')
2018-12-17T21:50:37.346990076Z	53	PC: 12e8a \| Get interrupt vector (Interrupt = '54' AKA 'Get free disk space')
2018-12-17T21:50:37.347986146Z	53	PC: 12e8a \| Get interrupt vector (Interrupt = '55' AKA 'Get or set switch character')
2018-12-17T21:50:37.349568088Z	53	PC: 12e8a \| Get interrupt vector (Interrupt = '56' AKA 'Get or set country info')
2018-12-17T21:50:37.350772644Z	53	PC: 12e8a \| Get interrupt vector (Interrupt = '57' AKA 'Create subdirectory')
2018-12-17T21:50:37.351889588Z	53	PC: 12e8a \| Get interrupt vector (Interrupt = '58' AKA 'Remove subdirectory')
2018-12-17T21:50:37.353806402Z	53	PC: 12e8a \| Get interrupt vector (Interrupt = '59' AKA 'Change current directory')
2018-12-17T21:50:37.354928137Z	53	PC: 12e8a \| Get interrupt vector (Interrupt = '60' AKA 'Create or truncate file')
2018-12-17T21:50:37.355948125Z	53	PC: 12e8a \| Get interrupt vector (Interrupt = '61' AKA 'Open file')
2018-12-17T21:50:37.356913226Z	53	PC: 12e8a \| Get interrupt vector (Interrupt = '62' AKA 'Close file')
2018-12-17T21:50:37.358115688Z	53	PC: 12e8a \| Get interrupt vector (Interrupt = '63' AKA 'Read file or device')
2018-12-17T21:50:37.359015113Z	53	PC: 12e8a \| Get interrupt vector (Interrupt = '117' AKA 'UNKNOWN!')
2018-12-17T21:50:37.35999392Z	37	PC: 12e9f \| Set interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T21:50:37.361391793Z	37	PC: 12ea7 \| Set interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T21:50:37.362433897Z	37	PC: 12eaf \| Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T21:50:37.363534574Z	37	PC: 12eb7 \| Set interrupt vector (Interrupt = '63' AKA 'Read file or device')
2018-12-17T21:50:37.366922599Z	68	PC: 13cd8 \| I/O control for devices (Set for = '�þC�3�� tFV��.��Nr��Ї�^t��Zi��')
2018-12-17T21:50:37.368544241Z	26	PC: 12dd5 \| Set disk transfer address
2018-12-17T21:50:37.369562523Z	78	PC: 12de1 \| Find first file
2018-12-17T21:50:37.377269691Z	26	PC: 12df9 \| Set disk transfer address
2018-12-17T21:50:37.378334109Z	79	PC: 12dfe \| Find next file
2018-12-17T21:50:37.381017968Z	25	PC: 139aa \| Get default drive
2018-12-17T21:50:37.382790461Z	71	PC: 139bd \| Get current directory
2018-12-17T21:50:37.385656022Z	14	PC: 13a03 \| Set default drive (Drive = 'C')
2018-12-17T21:50:37.386754635Z	25	PC: 13a07 \| Get default drive
2018-12-17T21:50:37.388202349Z	59	PC: 13a71 \| Change current directory
2018-12-17T21:50:37.391865237Z	26	PC: 12dd5 \| Set disk transfer address
2018-12-17T21:50:37.392814787Z	78	PC: 12de1 \| Find first file
2018-12-17T21:50:37.398751903Z	26	PC: 12dd5 \| Set disk transfer address
2018-12-17T21:50:37.399721247Z	78	PC: 12de1 \| Find first file
2018-12-17T21:50:37.404825714Z	26	PC: 12df9 \| Set disk transfer address
2018-12-17T21:50:37.406279942Z	79	PC: 12dfe \| Find next file
2018-12-17T21:50:37.408812887Z	26	PC: 12df9 \| Set disk transfer address
2018-12-17T21:50:37.409804802Z	79	PC: 12dfe \| Find next file
2018-12-17T21:50:37.413368652Z	59	PC: 13a71 \| Change current directory
2018-12-17T21:50:37.419273558Z	26	PC: 12dd5 \| Set disk transfer address
2018-12-17T21:50:37.420380595Z	78	PC: 12de1 \| Find first file
2018-12-17T21:50:37.429757267Z	25	PC: 139aa \| Get default drive
2018-12-17T21:50:37.431167038Z	71	PC: 139bd \| Get current directory
2018-12-17T21:50:37.434299038Z	61	PC: 13857 \| Open file (Filename = '\TEST.EXE')
2018-12-17T21:50:37.44091654Z	64	PC: 135af \| Write file or device (Write 0 bytes on handle 1)
2018-12-17T21:50:37.443324723Z	37	PC: 12fe1 \| Set interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T21:50:37.444371913Z	37	PC: 12fe1 \| Set interrupt vector (Interrupt = '2' AKA 'Character output')
2018-12-17T21:50:37.446350029Z	37	PC: 12fe1 \| Set interrupt vector (Interrupt = '27' AKA 'Get allocation info for default drive')
2018-12-17T21:50:37.450276964Z	37	PC: 12fe1 \| Set interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T21:50:37.451691214Z	37	PC: 12fe1 \| Set interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T21:50:37.46039302Z	37	PC: 12fe1 \| Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T21:50:37.461570449Z	37	PC: 12fe1 \| Set interrupt vector (Interrupt = '52' AKA 'Get InDOS flag pointer')
2018-12-17T21:50:37.462651646Z	37	PC: 12fe1 \| Set interrupt vector (Interrupt = '53' AKA 'Get interrupt vector')
2018-12-17T21:50:37.46439491Z	37	PC: 12fe1 \| Set interrupt vector (Interrupt = '54' AKA 'Get free disk space')
2018-12-17T21:50:37.466052518Z	37	PC: 12fe1 \| Set interrupt vector (Interrupt = '55' AKA 'Get or set switch character')
2018-12-17T21:50:37.467123007Z	37	PC: 12fe1 \| Set interrupt vector (Interrupt = '56' AKA 'Get or set country info')
2018-12-17T21:50:37.468363282Z	37	PC: 12fe1 \| Set interrupt vector (Interrupt = '57' AKA 'Create subdirectory')
2018-12-17T21:50:37.469889411Z	37	PC: 12fe1 \| Set interrupt vector (Interrupt = '58' AKA 'Remove subdirectory')
2018-12-17T21:50:37.471416804Z	37	PC: 12fe1 \| Set interrupt vector (Interrupt = '59' AKA 'Change current directory')
2018-12-17T21:50:37.472919605Z	37	PC: 12fe1 \| Set interrupt vector (Interrupt = '60' AKA 'Create or truncate file')
2018-12-17T21:50:37.474632442Z	37	PC: 12fe1 \| Set interrupt vector (Interrupt = '61' AKA 'Open file')
2018-12-17T21:50:37.476333068Z	37	PC: 12fe1 \| Set interrupt vector (Interrupt = '62' AKA 'Close file')
2018-12-17T21:50:37.478059972Z	37	PC: 12fe1 \| Set interrupt vector (Interrupt = '63' AKA 'Read file or device')
2018-12-17T21:50:37.479755467Z	37	PC: 12fe1 \| Set interrupt vector (Interrupt = '117' AKA 'UNKNOWN!')
2018-12-17T21:50:37.481645877Z	6	PC: 13068 \| Direct console I/O
2018-12-17T21:50:37.484062238Z	6	PC: 13068 \| Direct console I/O
2018-12-17T21:50:37.48628574Z	6	PC: 13068 \| Direct console I/O
2018-12-17T21:50:37.488263349Z	6	PC: 13068 \| Direct console I/O
2018-12-17T21:50:37.4911335Z	6	PC: 13068 \| Direct console I/O
2018-12-17T21:50:37.49310168Z	6	PC: 13068 \| Direct console I/O
2018-12-17T21:50:37.495027699Z	6	PC: 13068 \| Direct console I/O
2018-12-17T21:50:37.497597885Z	6	PC: 13068 \| Direct console I/O
2018-12-17T21:50:37.49963904Z	6	PC: 13068 \| Direct console I/O
2018-12-17T21:50:37.501544078Z	6	PC: 13068 \| Direct console I/O
2018-12-17T21:50:37.503986104Z	6	PC: 13068 \| Direct console I/O
2018-12-17T21:50:37.505952193Z	6	PC: 13068 \| Direct console I/O
2018-12-17T21:50:37.507851002Z	6	PC: 13068 \| Direct console I/O
2018-12-17T21:50:37.510261402Z	6	PC: 13068 \| Direct console I/O
2018-12-17T21:50:37.512276526Z	6	PC: 13068 \| Direct console I/O
2018-12-17T21:50:37.514242979Z	6	PC: 13068 \| Direct console I/O
2018-12-17T21:50:37.516569605Z	6	PC: 13068 \| Direct console I/O
2018-12-17T21:50:37.518532501Z	6	PC: 13068 \| Direct console I/O
2018-12-17T21:50:37.520469613Z	6	PC: 13068 \| Direct console I/O
2018-12-17T21:50:37.522670628Z	6	PC: 13068 \| Direct console I/O
2018-12-17T21:50:37.525066531Z	6	PC: 13068 \| Direct console I/O
2018-12-17T21:50:37.526510477Z	6	PC: 13068 \| Direct console I/O
2018-12-17T21:50:37.528954207Z	6	PC: 13068 \| Direct console I/O
2018-12-17T21:50:37.530833143Z	6	PC: 13068 \| Direct console I/O
2018-12-17T21:50:37.532695487Z	6	PC: 13068 \| Direct console I/O
2018-12-17T21:50:37.535003705Z	6	PC: 13068 \| Direct console I/O
2018-12-17T21:50:37.537071991Z	6	PC: 13068 \| Direct console I/O
2018-12-17T21:50:37.539669626Z	6	PC: 13068 \| Direct console I/O
2018-12-17T21:50:37.542952177Z	6	PC: 13068 \| Direct console I/O
2018-12-17T21:50:37.544968682Z	6	PC: 13068 \| Direct console I/O
2018-12-17T21:50:37.547051795Z	6	PC: 13068 \| Direct console I/O
2018-12-17T21:50:37.549435335Z	6	PC: 13068 \| Direct console I/O
2018-12-17T21:50:37.551250123Z	6	PC: 13068 \| Direct console I/O
2018-12-17T21:50:37.554752478Z	76	PC: 13020 \| Terminate with return code (Return code = '2')