Sample viewer

vx.netlux.org/Virus.DOS.HLLO.2828

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-17T22:11:45.473423674Z	53	PC: 12d86 \| Get interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T22:11:45.475483123Z	53	PC: 12d86 \| Get interrupt vector (Interrupt = '2' AKA 'Character output')
2018-12-17T22:11:45.47749579Z	53	PC: 12d86 \| Get interrupt vector (Interrupt = '27' AKA 'Get allocation info for default drive')
2018-12-17T22:11:45.478606458Z	53	PC: 12d86 \| Get interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T22:11:45.480443296Z	53	PC: 12d86 \| Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:11:45.481952987Z	53	PC: 12d86 \| Get interrupt vector (Interrupt = '52' AKA 'Get InDOS flag pointer')
2018-12-17T22:11:45.48324679Z	53	PC: 12d86 \| Get interrupt vector (Interrupt = '53' AKA 'Get interrupt vector')
2018-12-17T22:11:45.48513141Z	53	PC: 12d86 \| Get interrupt vector (Interrupt = '54' AKA 'Get free disk space')
2018-12-17T22:11:45.487225353Z	53	PC: 12d86 \| Get interrupt vector (Interrupt = '55' AKA 'Get or set switch character')
2018-12-17T22:11:45.488665132Z	53	PC: 12d86 \| Get interrupt vector (Interrupt = '56' AKA 'Get or set country info')
2018-12-17T22:11:45.490039302Z	53	PC: 12d86 \| Get interrupt vector (Interrupt = '57' AKA 'Create subdirectory')
2018-12-17T22:11:45.492289489Z	53	PC: 12d86 \| Get interrupt vector (Interrupt = '58' AKA 'Remove subdirectory')
2018-12-17T22:11:45.493856513Z	53	PC: 12d86 \| Get interrupt vector (Interrupt = '59' AKA 'Change current directory')
2018-12-17T22:11:45.49527571Z	53	PC: 12d86 \| Get interrupt vector (Interrupt = '60' AKA 'Create or truncate file')
2018-12-17T22:11:45.497710093Z	53	PC: 12d86 \| Get interrupt vector (Interrupt = '61' AKA 'Open file')
2018-12-17T22:11:45.499172473Z	53	PC: 12d86 \| Get interrupt vector (Interrupt = '62' AKA 'Close file')
2018-12-17T22:11:45.500645407Z	53	PC: 12d86 \| Get interrupt vector (Interrupt = '63' AKA 'Read file or device')
2018-12-17T22:11:45.502893063Z	53	PC: 12d86 \| Get interrupt vector (Interrupt = '117' AKA 'UNKNOWN!')
2018-12-17T22:11:45.504231379Z	37	PC: 12d9b \| Set interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T22:11:45.505643712Z	37	PC: 12da3 \| Set interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T22:11:45.507448737Z	37	PC: 12dab \| Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:11:45.509607826Z	37	PC: 12db3 \| Set interrupt vector (Interrupt = '63' AKA 'Read file or device')
2018-12-17T22:11:45.51142601Z	68	PC: 130f8 \| I/O control for devices (Set for = '')
2018-12-17T22:11:45.513791708Z	54	PC: 12cb3 \| Get free disk space
2018-12-17T22:11:45.522847016Z	26	PC: 12ce9 \| Set disk transfer address
2018-12-17T22:11:45.524268294Z	78	PC: 12cf5 \| Find first file
2018-12-17T22:11:45.53099475Z	48	PC: 1353d \| Get DOS version
2018-12-17T22:11:45.533585947Z	61	PC: 130df \| Open file (Filename = 'A:\TEST.EXE')
2018-12-17T22:11:45.54127523Z	61	PC: 130df \| Open file (Filename = 'TEST.EXE')
2018-12-17T22:11:45.54903866Z	63	PC: 131a4 \| Read file or device (Read 128 bytes on handle 5)
2018-12-17T22:11:45.552120646Z	63	PC: 131a4 \| Read file or device (Read 128 bytes on handle 6)
2018-12-17T22:11:45.558916002Z	62	PC: 13215 \| Close file
2018-12-17T22:11:45.561172845Z	62	PC: 13215 \| Close file
2018-12-17T22:11:45.563451168Z	26	PC: 12d0d \| Set disk transfer address
2018-12-17T22:11:45.565553928Z	79	PC: 12d12 \| Find next file
2018-12-17T22:11:45.572729203Z	54	PC: 12cb3 \| Get free disk space
2018-12-17T22:11:45.578309339Z	14	PC: 13623 \| Set default drive (Drive = 'A')
2018-12-17T22:11:45.579754012Z	25	PC: 13627 \| Get default drive
2018-12-17T22:11:45.580800375Z	59	PC: 13691 \| Change current directory
2018-12-17T22:11:45.585387511Z	26	PC: 12ce9 \| Set disk transfer address
2018-12-17T22:11:45.586562617Z	78	PC: 12cf5 \| Find first file
2018-12-17T22:11:45.592871319Z	48	PC: 1353d \| Get DOS version
2018-12-17T22:11:45.595454231Z	61	PC: 130df \| Open file (Filename = 'A:\TEST.EXE')
2018-12-17T22:11:45.602582869Z	61	PC: 130df \| Open file (Filename = 'TEST.EXE')
2018-12-17T22:11:45.610042156Z	63	PC: 131a4 \| Read file or device (Read 128 bytes on handle 5)
2018-12-17T22:11:45.61424565Z	63	PC: 131a4 \| Read file or device (Read 128 bytes on handle 6)
2018-12-17T22:11:45.61733248Z	62	PC: 13215 \| Close file
2018-12-17T22:11:45.619494012Z	62	PC: 13215 \| Close file
2018-12-17T22:11:45.622515774Z	26	PC: 12d0d \| Set disk transfer address
2018-12-17T22:11:45.623880296Z	79	PC: 12d12 \| Find next file
2018-12-17T22:11:45.626597088Z	54	PC: 12cb3 \| Get free disk space