Sample viewer

vx.netlux.org/Virus.DOS.Emhaka.2775

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-17T22:13:28.935120125Z	149	PC: 133cf \| UNKNOWN!
2018-12-17T22:13:28.936446763Z	98	PC: 134d0 \| Get current PSP
2018-12-17T22:13:28.938148945Z	74	PC: 22bec \| Reallocate memory
2018-12-17T22:13:28.939768995Z	72	PC: 22bf3 \| Allocate memory
2018-12-17T22:13:28.942185651Z	85	PC: 22bfc \| Create program PSP
2018-12-17T22:13:28.944548863Z	80	PC: 22c02 \| Set current PSP
2018-12-17T22:13:28.945628424Z	72	PC: 22c07 \| Allocate memory
2018-12-17T22:13:28.948026364Z	53	PC: 22c99 \| Get interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T22:13:28.950572861Z	37	PC: 22caa \| Set interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T22:13:28.952017823Z	48	PC: 22cae \| Get DOS version
2018-12-17T22:13:28.953496984Z	82	PC: 22cbc \| Get DOS internal pointers (SYSVARS)
2018-12-17T22:13:28.9563364Z	9	PC: 13763 \| Display string (String= 'xxxxxxxxxxxxxxxxxxxxxxxxxxxx xxxxxxxxxxxxxxxxx =-=-=-=-=-=-=-=-=-=-=-=-=-=-= xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx xxxxxxxxxxxxxxxxxxxx. ')
2018-12-17T22:13:28.971260956Z	77	PC: 11fe0 \| Get program return code
2018-12-17T22:13:28.972762816Z	72	PC: 12174 \| Allocate memory
2018-12-17T22:13:28.97571225Z	72	PC: 1218d \| Allocate memory
2018-12-17T22:13:28.977985467Z	37	PC: 123c4 \| Set interrupt vector (Interrupt = '34' AKA 'Random write')
2018-12-17T22:13:28.979416069Z	37	PC: 123cb \| Set interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T22:13:28.981809175Z	37	PC: 123d2 \| Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:13:28.98343825Z	87	PC: 13329 \| Get or set file date and time
2018-12-17T22:13:28.985937305Z	62	PC: 122ab \| Close file
2018-12-17T22:13:28.988553851Z	87	PC: 13329 \| Get or set file date and time
2018-12-17T22:13:28.990642901Z	62	PC: 122ab \| Close file
2018-12-17T22:13:28.992543828Z	87	PC: 13329 \| Get or set file date and time
2018-12-17T22:13:28.994328146Z	62	PC: 122ab \| Close file
2018-12-17T22:13:28.997063436Z	87	PC: 13329 \| Get or set file date and time
2018-12-17T22:13:28.999014915Z	62	PC: 122ab \| Close file
2018-12-17T22:13:29.001261396Z	87	PC: 13329 \| Get or set file date and time
2018-12-17T22:13:29.005623257Z	62	PC: 122ab \| Close file
2018-12-17T22:13:29.00722954Z	87	PC: 13329 \| Get or set file date and time
2018-12-17T22:13:29.008692891Z	62	PC: 122ab \| Close file
2018-12-17T22:13:29.011146444Z	87	PC: 13329 \| Get or set file date and time
2018-12-17T22:13:29.012808457Z	62	PC: 122ab \| Close file
2018-12-17T22:13:29.014656769Z	87	PC: 13329 \| Get or set file date and time
2018-12-17T22:13:29.017271109Z	62	PC: 122ab \| Close file
2018-12-17T22:13:29.019351366Z	87	PC: 13329 \| Get or set file date and time
2018-12-17T22:13:29.021061725Z	62	PC: 122ab \| Close file
2018-12-17T22:13:29.023367435Z	87	PC: 13329 \| Get or set file date and time
2018-12-17T22:13:29.025365182Z	62	PC: 122ab \| Close file
2018-12-17T22:13:29.027604279Z	87	PC: 13329 \| Get or set file date and time
2018-12-17T22:13:29.033775589Z	62	PC: 122ab \| Close file
2018-12-17T22:13:29.036432331Z	87	PC: 13329 \| Get or set file date and time
2018-12-17T22:13:29.037969421Z	62	PC: 122ab \| Close file
2018-12-17T22:13:29.039629724Z	87	PC: 13329 \| Get or set file date and time
2018-12-17T22:13:29.041771787Z	62	PC: 122ab \| Close file
2018-12-17T22:13:29.043542539Z	87	PC: 13329 \| Get or set file date and time
2018-12-17T22:13:29.045050314Z	62	PC: 122ab \| Close file
2018-12-17T22:13:29.047465473Z	87	PC: 13329 \| Get or set file date and time
2018-12-17T22:13:29.049723984Z	62	PC: 122ab \| Close file
2018-12-17T22:13:29.052572899Z	99	PC: 9a5d7 \| Get DBCS lead byte table pointer
2018-12-17T22:13:29.054034687Z	56	PC: 94df9 \| Get or set country info
2018-12-17T22:13:29.071762571Z	64	PC: 9a848 \| Write file or device (Write 2 bytes on handle 1)
2018-12-17T22:13:29.076144207Z	25	PC: 94e62 \| Get default drive
2018-12-17T22:13:29.078149451Z	71	PC: 970dd \| Get current directory
2018-12-17T22:13:29.082850712Z	64	PC: 9a848 \| Write file or device (Write 3 bytes on handle 1)
2018-12-17T22:13:29.086325774Z	2	PC: 970b2 \| Character output (Char = '3e')
2018-12-17T22:13:29.08904996Z	93	PC: 94f20 \| File sharing functions
2018-12-17T22:13:29.091211642Z	93	PC: 94f27 \| File sharing functions
2018-12-17T22:13:29.093204102Z	10	PC: 94f39 \| Buffered keyboard input
2018-12-17T22:13:43.900426085Z	0	PC: 0 \| Program terminate
2018-12-17T22:13:45.254831686Z	0	PC: 0 \| Program terminate
2018-12-17T22:13:45.358367748Z	64	PC: 9a848 \| Write file or device (Write 2 bytes on handle 1)
2018-12-17T22:13:45.365062532Z	41	PC: 94fae \| Parse filename
2018-12-17T22:13:45.367558598Z	41	PC: 9502f \| Parse filename
2018-12-17T22:13:45.370732334Z	41	PC: 9504c \| Parse filename
2018-12-17T22:13:45.373951504Z	26	PC: 984f7 \| Set disk transfer address
2018-12-17T22:13:45.375904006Z	71	PC: 986f3 \| Get current directory
2018-12-17T22:13:45.38392115Z	47	PC: 13329 \| Get disk transfer address
2018-12-17T22:13:45.385950366Z	78	PC: 13329 \| Find first file
2018-12-17T22:13:45.395916135Z	71	PC: 9856c \| Get current directory
2018-12-17T22:13:45.399112956Z	73	PC: 97c09 \| Release memory
2018-12-17T22:13:45.404273551Z	108	PC: 13329 \| Extended open/create file
2018-12-17T22:13:45.411294628Z	87	PC: 13329 \| Get or set file date and time
2018-12-17T22:13:45.412995686Z	62	PC: 13329 \| Close file
2018-12-17T22:13:45.416447975Z	53	PC: 13329 \| Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:13:45.417966765Z	37	PC: 13329 \| Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:13:45.419390053Z	67	PC: 13329 \| Get or set file attributes
2018-12-17T22:13:45.426066066Z	67	PC: 13329 \| Get or set file attributes
2018-12-17T22:13:45.443768158Z	108	PC: 13329 \| Extended open/create file
2018-12-17T22:13:45.450780267Z	63	PC: 13329 \| Read file or device (Read 26 bytes on handle 5)
2018-12-17T22:13:45.458220528Z	66	PC: 13329 \| Move file pointer
2018-12-17T22:13:45.45992178Z	62	PC: 13329 \| Close file
2018-12-17T22:13:45.461978737Z	67	PC: 13329 \| Get or set file attributes
2018-12-17T22:13:45.473556432Z	37	PC: 13329 \| Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:13:45.475246041Z	75	PC: 11821 \| Execute program
2018-12-17T22:13:45.486398713Z	9	PC: 136d7 \| Display string (String= 'Hello, World! ')
2018-12-17T22:13:45.492696068Z	76	PC: 136db \| Terminate with return code (Return code = '36')
2018-12-17T22:13:45.49644177Z	77	PC: 11fe0 \| Get program return code
2018-12-17T22:13:45.497951411Z	72	PC: 12174 \| Allocate memory
2018-12-17T22:13:45.500216357Z	72	PC: 1218d \| Allocate memory
2018-12-17T22:13:45.502993336Z	37	PC: 123c4 \| Set interrupt vector (Interrupt = '34' AKA 'Random write')
2018-12-17T22:13:45.50444014Z	37	PC: 123cb \| Set interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T22:13:45.505924493Z	37	PC: 123d2 \| Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:13:45.50786816Z	87	PC: 13329 \| Get or set file date and time
2018-12-17T22:13:45.50975417Z	62	PC: 122ab \| Close file
2018-12-17T22:13:45.512197197Z	87	PC: 13329 \| Get or set file date and time
2018-12-17T22:13:45.514638292Z	62	PC: 122ab \| Close file
2018-12-17T22:13:45.516271086Z	87	PC: 13329 \| Get or set file date and time
2018-12-17T22:13:45.518022956Z	62	PC: 122ab \| Close file
2018-12-17T22:13:45.520445874Z	87	PC: 13329 \| Get or set file date and time
2018-12-17T22:13:45.522169145Z	62	PC: 122ab \| Close file
2018-12-17T22:13:45.524042997Z	87	PC: 13329 \| Get or set file date and time
2018-12-17T22:13:45.526321477Z	62	PC: 122ab \| Close file
2018-12-17T22:13:45.528000156Z	87	PC: 13329 \| Get or set file date and time
2018-12-17T22:13:45.52956967Z	62	PC: 122ab \| Close file
2018-12-17T22:13:45.532123017Z	87	PC: 13329 \| Get or set file date and time
2018-12-17T22:13:45.53369565Z	62	PC: 122ab \| Close file
2018-12-17T22:13:45.535522086Z	87	PC: 13329 \| Get or set file date and time
2018-12-17T22:13:45.537569026Z	62	PC: 122ab \| Close file
2018-12-17T22:13:45.539195009Z	87	PC: 13329 \| Get or set file date and time
2018-12-17T22:13:45.540710252Z	62	PC: 122ab \| Close file
2018-12-17T22:13:45.542833567Z	87	PC: 13329 \| Get or set file date and time
2018-12-17T22:13:45.544295441Z	62	PC: 122ab \| Close file
2018-12-17T22:13:45.54591771Z	87	PC: 13329 \| Get or set file date and time
2018-12-17T22:13:45.547773069Z	62	PC: 122ab \| Close file
2018-12-17T22:13:45.550191827Z	87	PC: 13329 \| Get or set file date and time
2018-12-17T22:13:45.551822548Z	62	PC: 122ab \| Close file
2018-12-17T22:13:45.554454367Z	87	PC: 13329 \| Get or set file date and time
2018-12-17T22:13:45.55624495Z	62	PC: 122ab \| Close file
2018-12-17T22:13:45.55821207Z	87	PC: 13329 \| Get or set file date and time
2018-12-17T22:13:45.56113956Z	62	PC: 122ab \| Close file
2018-12-17T22:13:45.562887898Z	87	PC: 13329 \| Get or set file date and time
2018-12-17T22:13:45.564710294Z	62	PC: 122ab \| Close file
2018-12-17T22:13:45.568535528Z	99	PC: 9a5d7 \| Get DBCS lead byte table pointer
2018-12-17T22:13:45.569940581Z	56	PC: 94df9 \| Get or set country info
2018-12-17T22:13:45.571951148Z	64	PC: 9a848 \| Write file or device (Write 2 bytes on handle 1)
2018-12-17T22:13:45.577306237Z	25	PC: 94e62 \| Get default drive
2018-12-17T22:13:45.578978229Z	71	PC: 970dd \| Get current directory
2018-12-17T22:13:45.582931063Z	64	PC: 9a848 \| Write file or device (Write 3 bytes on handle 1)
2018-12-17T22:13:45.586935598Z	2	PC: 970b2 \| Character output (Char = '3e')
2018-12-17T22:13:45.589200099Z	93	PC: 94f20 \| File sharing functions
2018-12-17T22:13:45.590872592Z	93	PC: 94f27 \| File sharing functions
2018-12-17T22:13:45.592951692Z	10	PC: 94f39 \| Buffered keyboard input