Sample viewer

vx.netlux.org/Virus.DOS.HLLP.Irm.7360

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-17T21:52:40.606881448Z 53 PC: 138ba | Get interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T21:52:40.609648806Z 53 PC: 138ba | Get interrupt vector (Interrupt = '2' AKA 'Character output')
2018-12-17T21:52:40.61067214Z 53 PC: 138ba | Get interrupt vector (Interrupt = '27' AKA 'Get allocation info for default drive')
2018-12-17T21:52:40.611611584Z 53 PC: 138ba | Get interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T21:52:40.613050748Z 53 PC: 138ba | Get interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T21:52:40.614243571Z 53 PC: 138ba | Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T21:52:40.615258833Z 53 PC: 138ba | Get interrupt vector (Interrupt = '52' AKA 'Get InDOS flag pointer')
2018-12-17T21:52:40.61661996Z 53 PC: 138ba | Get interrupt vector (Interrupt = '53' AKA 'Get interrupt vector')
2018-12-17T21:52:40.617617625Z 53 PC: 138ba | Get interrupt vector (Interrupt = '54' AKA 'Get free disk space')
2018-12-17T21:52:40.618564691Z 53 PC: 138ba | Get interrupt vector (Interrupt = '55' AKA 'Get or set switch character')
2018-12-17T21:52:40.619947245Z 53 PC: 138ba | Get interrupt vector (Interrupt = '56' AKA 'Get or set country info')
2018-12-17T21:52:40.620912643Z 53 PC: 138ba | Get interrupt vector (Interrupt = '57' AKA 'Create subdirectory')
2018-12-17T21:52:40.62186383Z 53 PC: 138ba | Get interrupt vector (Interrupt = '58' AKA 'Remove subdirectory')
2018-12-17T21:52:40.623231088Z 53 PC: 138ba | Get interrupt vector (Interrupt = '59' AKA 'Change current directory')
2018-12-17T21:52:40.624180737Z 53 PC: 138ba | Get interrupt vector (Interrupt = '60' AKA 'Create or truncate file')
2018-12-17T21:52:40.625132604Z 53 PC: 138ba | Get interrupt vector (Interrupt = '61' AKA 'Open file')
2018-12-17T21:52:40.626517074Z 53 PC: 138ba | Get interrupt vector (Interrupt = '62' AKA 'Close file')
2018-12-17T21:52:40.627484843Z 53 PC: 138ba | Get interrupt vector (Interrupt = '63' AKA 'Read file or device')
2018-12-17T21:52:40.628418736Z 53 PC: 138ba | Get interrupt vector (Interrupt = '117' AKA 'UNKNOWN!')
2018-12-17T21:52:40.629823502Z 37 PC: 138cf | Set interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T21:52:40.630745189Z 37 PC: 138d7 | Set interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T21:52:40.6316648Z 37 PC: 138df | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T21:52:40.632982005Z 37 PC: 138e7 | Set interrupt vector (Interrupt = '63' AKA 'Read file or device')
2018-12-17T21:52:40.634359198Z 68 PC: 1442c | I/O control for devices (Set for = 'PSR���Z[X.�.I�
2018-12-17T21:52:40.694592343Z 37 PC: 132e1 | Set interrupt vector (Interrupt = '27' AKA 'Get allocation info for default drive')
2018-12-17T21:52:40.697698777Z 48 PC: 13f3f | Get DOS version
2018-12-17T21:52:40.698997499Z 25 PC: 13fcc | Get default drive
2018-12-17T21:52:40.699936402Z 71 PC: 13fdf | Get current directory
2018-12-17T21:52:40.709274931Z 26 PC: 130ad | Set disk transfer address
2018-12-17T21:52:40.710593462Z 78 PC: 130b9 | Find first file
2018-12-17T21:52:40.713381755Z 67 PC: 13036 | Get or set file attributes
2018-12-17T21:52:40.715687418Z 26 PC: 130d1 | Set disk transfer address
2018-12-17T21:52:40.716701119Z 79 PC: 130d6 | Find next file
2018-12-17T21:52:40.718545286Z 61 PC: 13d7d | Open file (Filename = 'A:\TEST.EXE')
2018-12-17T21:52:40.726106906Z 60 PC: 13d7d | Create or truncate file
2018-12-17T21:52:40.743939103Z 66 PC: 13eaf | Move file pointer
2018-12-17T21:52:40.745383417Z 63 PC: 13e0f | Read file or device (Read 5000 bytes on handle 5)
2018-12-17T21:52:40.7533977Z 64 PC: 13e0f | Write file or device (Write 5000 bytes on handle 6)
2018-12-17T21:52:40.761605133Z 63 PC: 13e0f | Read file or device (Read 5000 bytes on handle 5)
2018-12-17T21:52:40.76903546Z 64 PC: 13e0f | Write file or device (Write 5000 bytes on handle 6)
2018-12-17T21:52:40.787106909Z 63 PC: 13e0f | Read file or device (Read 5000 bytes on handle 5)
2018-12-17T21:52:40.788905912Z 64 PC: 13e0f | Write file or device (Write 5000 bytes on handle 6)
2018-12-17T21:52:40.797985141Z 62 PC: 13dcd | Close file
2018-12-17T21:52:40.800455308Z 62 PC: 13dcd | Close file
2018-12-17T21:52:40.808314854Z 53 PC: 13212 | Get interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T21:52:40.809422058Z 37 PC: 1321b | Set interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T21:52:40.811548582Z 53 PC: 13212 | Get interrupt vector (Interrupt = '2' AKA 'Character output')
2018-12-17T21:52:40.812610737Z 37 PC: 1321b | Set interrupt vector (Interrupt = '2' AKA 'Character output')
2018-12-17T21:52:40.81363733Z 53 PC: 13212 | Get interrupt vector (Interrupt = '27' AKA 'Get allocation info for default drive')
2018-12-17T21:52:40.81467309Z 37 PC: 1321b | Set interrupt vector (Interrupt = '27' AKA 'Get allocation info for default drive')
2018-12-17T21:52:40.816105237Z 53 PC: 13212 | Get interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T21:52:40.817173725Z 37 PC: 1321b | Set interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T21:52:40.818222511Z 53 PC: 13212 | Get interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T21:52:40.819906911Z 37 PC: 1321b | Set interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T21:52:40.821590252Z 53 PC: 13212 | Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T21:52:40.822539907Z 37 PC: 1321b | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T21:52:40.824176822Z 53 PC: 13212 | Get interrupt vector (Interrupt = '52' AKA 'Get InDOS flag pointer')
2018-12-17T21:52:40.82518336Z 37 PC: 1321b | Set interrupt vector (Interrupt = '52' AKA 'Get InDOS flag pointer')
2018-12-17T21:52:40.826149435Z 53 PC: 13212 | Get interrupt vector (Interrupt = '53' AKA 'Get interrupt vector')
2018-12-17T21:52:40.827907372Z 37 PC: 1321b | Set interrupt vector (Interrupt = '53' AKA 'Get interrupt vector')
2018-12-17T21:52:40.828893555Z 53 PC: 13212 | Get interrupt vector (Interrupt = '54' AKA 'Get free disk space')
2018-12-17T21:52:40.829848957Z 37 PC: 1321b | Set interrupt vector (Interrupt = '54' AKA 'Get free disk space')
2018-12-17T21:52:40.831199232Z 53 PC: 13212 | Get interrupt vector (Interrupt = '55' AKA 'Get or set switch character')
2018-12-17T21:52:40.832128467Z 37 PC: 1321b | Set interrupt vector (Interrupt = '55' AKA 'Get or set switch character')
2018-12-17T21:52:40.833033163Z 53 PC: 13212 | Get interrupt vector (Interrupt = '56' AKA 'Get or set country info')
2018-12-17T21:52:40.834443319Z 37 PC: 1321b | Set interrupt vector (Interrupt = '56' AKA 'Get or set country info')
2018-12-17T21:52:40.835391323Z 53 PC: 13212 | Get interrupt vector (Interrupt = '57' AKA 'Create subdirectory')
2018-12-17T21:52:40.836338802Z 37 PC: 1321b | Set interrupt vector (Interrupt = '57' AKA 'Create subdirectory')
2018-12-17T21:52:40.837996866Z 53 PC: 13212 | Get interrupt vector (Interrupt = '58' AKA 'Remove subdirectory')
2018-12-17T21:52:40.839067666Z 37 PC: 1321b | Set interrupt vector (Interrupt = '58' AKA 'Remove subdirectory')
2018-12-17T21:52:40.840154006Z 53 PC: 13212 | Get interrupt vector (Interrupt = '59' AKA 'Change current directory')
2018-12-17T21:52:40.8503592Z 37 PC: 1321b | Set interrupt vector (Interrupt = '59' AKA 'Change current directory')
2018-12-17T21:52:40.851441503Z 53 PC: 13212 | Get interrupt vector (Interrupt = '60' AKA 'Create or truncate file')
2018-12-17T21:52:40.852447242Z 37 PC: 1321b | Set interrupt vector (Interrupt = '60' AKA 'Create or truncate file')
2018-12-17T21:52:40.853863929Z 53 PC: 13212 | Get interrupt vector (Interrupt = '61' AKA 'Open file')
2018-12-17T21:52:40.854850813Z 37 PC: 1321b | Set interrupt vector (Interrupt = '61' AKA 'Open file')
2018-12-17T21:52:40.855800301Z 53 PC: 13212 | Get interrupt vector (Interrupt = '62' AKA 'Close file')
2018-12-17T21:52:40.857548215Z 37 PC: 1321b | Set interrupt vector (Interrupt = '62' AKA 'Close file')
2018-12-17T21:52:40.858544522Z 53 PC: 13212 | Get interrupt vector (Interrupt = '63' AKA 'Read file or device')
2018-12-17T21:52:40.859532807Z 37 PC: 1321b | Set interrupt vector (Interrupt = '63' AKA 'Read file or device')
2018-12-17T21:52:40.861318325Z 53 PC: 13212 | Get interrupt vector (Interrupt = '117' AKA 'UNKNOWN!')
2018-12-17T21:52:40.862309978Z 37 PC: 1321b | Set interrupt vector (Interrupt = '117' AKA 'UNKNOWN!')
2018-12-17T21:52:40.863720928Z 41 PC: 131c9 | Parse filename
2018-12-17T21:52:40.865780313Z 41 PC: 131d7 | Parse filename
2018-12-17T21:52:40.867008771Z 75 PC: 131e2 | Execute program
2018-12-17T21:52:40.882016926Z 9 PC: 17d2c | Display string (String= '�����JWUW�����������������J�������!�  [ �t4�3�!�Š�<v��A�6��~��04���r ��r ������������4��0�!P2�2�X��2�4�����3�r&�=u �i�>�U�8&�G �t0<')
2018-12-17T21:52:40.893799276Z 76 PC: 17d31 | Terminate with return code (Return code = '0')
2018-12-17T21:52:40.896625674Z 53 PC: 13212 | Get interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T21:52:40.897677899Z 37 PC: 1321b | Set interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T21:52:40.899217404Z 53 PC: 13212 | Get interrupt vector (Interrupt = '2' AKA 'Character output')
2018-12-17T21:52:40.900304301Z 37 PC: 1321b | Set interrupt vector (Interrupt = '2' AKA 'Character output')
2018-12-17T21:52:40.901436905Z 53 PC: 13212 | Get interrupt vector (Interrupt = '27' AKA 'Get allocation info for default drive')
2018-12-17T21:52:40.903070769Z 37 PC: 1321b | Set interrupt vector (Interrupt = '27' AKA 'Get allocation info for default drive')
2018-12-17T21:52:40.904200206Z 53 PC: 13212 | Get interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T21:52:40.905356193Z 37 PC: 1321b | Set interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T21:52:40.906912685Z 53 PC: 13212 | Get interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T21:52:40.908044607Z 37 PC: 1321b | Set interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T21:52:40.909145059Z 53 PC: 13212 | Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T21:52:40.910784528Z 37 PC: 1321b | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T21:52:40.911754177Z 53 PC: 13212 | Get interrupt vector (Interrupt = '52' AKA 'Get InDOS flag pointer')
2018-12-17T21:52:40.912809879Z 37 PC: 1321b | Set interrupt vector (Interrupt = '52' AKA 'Get InDOS flag pointer')
2018-12-17T21:52:40.91412165Z 53 PC: 13212 | Get interrupt vector (Interrupt = '53' AKA 'Get interrupt vector')
2018-12-17T21:52:40.915123665Z 37 PC: 1321b | Set interrupt vector (Interrupt = '53' AKA 'Get interrupt vector')
2018-12-17T21:52:40.916215978Z 53 PC: 13212 | Get interrupt vector (Interrupt = '54' AKA 'Get free disk space')
2018-12-17T21:52:40.917807708Z 37 PC: 1321b | Set interrupt vector (Interrupt = '54' AKA 'Get free disk space')
2018-12-17T21:52:40.918815799Z 53 PC: 13212 | Get interrupt vector (Interrupt = '55' AKA 'Get or set switch character')
2018-12-17T21:52:40.919822735Z 37 PC: 1321b | Set interrupt vector (Interrupt = '55' AKA 'Get or set switch character')
2018-12-17T21:52:40.921179306Z 53 PC: 13212 | Get interrupt vector (Interrupt = '56' AKA 'Get or set country info')
2018-12-17T21:52:40.922209124Z 37 PC: 1321b | Set interrupt vector (Interrupt = '56' AKA 'Get or set country info')
2018-12-17T21:52:40.92317558Z 53 PC: 13212 | Get interrupt vector (Interrupt = '57' AKA 'Create subdirectory')
2018-12-17T21:52:40.92453954Z 37 PC: 1321b | Set interrupt vector (Interrupt = '57' AKA 'Create subdirectory')
2018-12-17T21:52:40.925551687Z 53 PC: 13212 | Get interrupt vector (Interrupt = '58' AKA 'Remove subdirectory')
2018-12-17T21:52:40.926620748Z 37 PC: 1321b | Set interrupt vector (Interrupt = '58' AKA 'Remove subdirectory')
2018-12-17T21:52:40.928168173Z 53 PC: 13212 | Get interrupt vector (Interrupt = '59' AKA 'Change current directory')
2018-12-17T21:52:40.929176083Z 37 PC: 1321b | Set interrupt vector (Interrupt = '59' AKA 'Change current directory')
2018-12-17T21:52:40.93015304Z 53 PC: 13212 | Get interrupt vector (Interrupt = '60' AKA 'Create or truncate file')
2018-12-17T21:52:40.931598791Z 37 PC: 1321b | Set interrupt vector (Interrupt = '60' AKA 'Create or truncate file')
2018-12-17T21:52:40.932569101Z 53 PC: 13212 | Get interrupt vector (Interrupt = '61' AKA 'Open file')
2018-12-17T21:52:40.93357212Z 37 PC: 1321b | Set interrupt vector (Interrupt = '61' AKA 'Open file')
2018-12-17T21:52:40.935641366Z 53 PC: 13212 | Get interrupt vector (Interrupt = '62' AKA 'Close file')
2018-12-17T21:52:40.936606949Z 37 PC: 1321b | Set interrupt vector (Interrupt = '62' AKA 'Close file')
2018-12-17T21:52:40.937511252Z 53 PC: 13212 | Get interrupt vector (Interrupt = '63' AKA 'Read file or device')
2018-12-17T21:52:40.93876283Z 37 PC: 1321b | Set interrupt vector (Interrupt = '63' AKA 'Read file or device')
2018-12-17T21:52:40.939741262Z 53 PC: 13212 | Get interrupt vector (Interrupt = '117' AKA 'UNKNOWN!')
2018-12-17T21:52:40.940695615Z 37 PC: 1321b | Set interrupt vector (Interrupt = '117' AKA 'UNKNOWN!')
2018-12-17T21:52:40.942016224Z 65 PC: 13ec6 | Delete file (Filename = '��hD_')
2018-12-17T21:52:40.953902104Z 37 PC: 13a11 | Set interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T21:52:40.954850461Z 37 PC: 13a11 | Set interrupt vector (Interrupt = '2' AKA 'Character output')
2018-12-17T21:52:40.956812501Z 37 PC: 13a11 | Set interrupt vector (Interrupt = '27' AKA 'Get allocation info for default drive')
2018-12-17T21:52:40.957835446Z 37 PC: 13a11 | Set interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T21:52:40.959154419Z 37 PC: 13a11 | Set interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T21:52:40.96118757Z 37 PC: 13a11 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T21:52:40.962492118Z 37 PC: 13a11 | Set interrupt vector (Interrupt = '52' AKA 'Get InDOS flag pointer')
2018-12-17T21:52:40.963782017Z 37 PC: 13a11 | Set interrupt vector (Interrupt = '53' AKA 'Get interrupt vector')
2018-12-17T21:52:40.966031557Z 37 PC: 13a11 | Set interrupt vector (Interrupt = '54' AKA 'Get free disk space')
2018-12-17T21:52:40.967328164Z 37 PC: 13a11 | Set interrupt vector (Interrupt = '55' AKA 'Get or set switch character')
2018-12-17T21:52:40.968623146Z 37 PC: 13a11 | Set interrupt vector (Interrupt = '56' AKA 'Get or set country info')
2018-12-17T21:52:40.970958421Z 37 PC: 13a11 | Set interrupt vector (Interrupt = '57' AKA 'Create subdirectory')
2018-12-17T21:52:40.972321561Z 37 PC: 13a11 | Set interrupt vector (Interrupt = '58' AKA 'Remove subdirectory')
2018-12-17T21:52:40.973687399Z 37 PC: 13a11 | Set interrupt vector (Interrupt = '59' AKA 'Change current directory')
2018-12-17T21:52:40.975861993Z 37 PC: 13a11 | Set interrupt vector (Interrupt = '60' AKA 'Create or truncate file')
2018-12-17T21:52:40.977542279Z 37 PC: 13a11 | Set interrupt vector (Interrupt = '61' AKA 'Open file')
2018-12-17T21:52:40.979611944Z 37 PC: 13a11 | Set interrupt vector (Interrupt = '62' AKA 'Close file')
2018-12-17T21:52:40.981545701Z 37 PC: 13a11 | Set interrupt vector (Interrupt = '63' AKA 'Read file or device')
2018-12-17T21:52:40.982671386Z 37 PC: 13a11 | Set interrupt vector (Interrupt = '117' AKA 'UNKNOWN!')
2018-12-17T21:52:40.983716415Z 76 PC: 13a50 | Terminate with return code (Return code = '0')