Sample viewer

vx.netlux.org/Virus.DOS.HLLO.OJ.15788

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-17T22:15:46.948662311Z	48	PC: 12a4c \| Get DOS version
2018-12-17T22:15:46.950153749Z	53	PC: 12bef \| Get interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T22:15:46.95139158Z	53	PC: 12bfc \| Get interrupt vector (Interrupt = '4' AKA 'Auxiliary output')
2018-12-17T22:15:46.952512473Z	53	PC: 12c09 \| Get interrupt vector (Interrupt = '5' AKA 'Printer output')
2018-12-17T22:15:46.954252686Z	53	PC: 12c16 \| Get interrupt vector (Interrupt = '6' AKA 'Direct console I/O')
2018-12-17T22:15:46.95534642Z	37	PC: 12c2a \| Set interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T22:15:46.956613826Z	74	PC: 12af4 \| Reallocate memory
2018-12-17T22:15:46.959450682Z	68	PC: 13209 \| I/O control for devices (Set for = 'pyright 1991 Borland Intl.')
2018-12-17T22:15:46.961256583Z	68	PC: 13209 \| I/O control for devices (Set for = '')
2018-12-17T22:15:46.964114045Z	25	PC: 13087 \| Get default drive
2018-12-17T22:15:46.965661489Z	71	PC: 1313d \| Get current directory
2018-12-17T22:15:46.967634561Z	25	PC: 13087 \| Get default drive
2018-12-17T22:15:46.968658041Z	14	PC: 1309f \| Set default drive (Drive = 'C')
2018-12-17T22:15:46.97031706Z	55	PC: 131a1 \| Get or set switch character
2018-12-17T22:15:46.971720573Z	41	PC: 13e24 \| Parse filename
2018-12-17T22:15:46.972646299Z	41	PC: 13e43 \| Parse filename
2018-12-17T22:15:46.973789022Z	75	PC: 13e83 \| Execute program
2018-12-17T22:15:46.987989134Z	80	PC: 26619 \| Set current PSP
2018-12-17T22:15:46.988794403Z	48	PC: 2661e \| Get DOS version
2018-12-17T22:15:46.989811118Z	99	PC: 2ce00 \| Get DBCS lead byte table pointer
2018-12-17T22:15:46.991727554Z	101	PC: 266a4 \| Get extended country info
2018-12-17T22:15:46.992544313Z	99	PC: 266aa \| Get DBCS lead byte table pointer
2018-12-17T22:15:46.993288891Z	74	PC: 2670c \| Reallocate memory
2018-12-17T22:15:46.994762644Z	25	PC: 26743 \| Get default drive
2018-12-17T22:15:46.995474571Z	37	PC: 26203 \| Set interrupt vector (Interrupt = '34' AKA 'Random write')
2018-12-17T22:15:46.996198165Z	37	PC: 2620a \| Set interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T22:15:46.997562417Z	37	PC: 26211 \| Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:15:47.000276308Z	74	PC: 253ac \| Reallocate memory
2018-12-17T22:15:47.001357639Z	72	PC: 253ed \| Allocate memory
2018-12-17T22:15:47.003449154Z	72	PC: 25425 \| Allocate memory
2018-12-17T22:15:47.004788741Z	72	PC: 2542d \| Allocate memory