Sample viewer

vx.netlux.org/Virus.DOS.HLLC.21904

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-17T22:21:34.183822939Z	53	PC: 1609a \| Get interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T22:21:34.185399289Z	53	PC: 1609a \| Get interrupt vector (Interrupt = '2' AKA 'Character output')
2018-12-17T22:21:34.186824413Z	53	PC: 1609a \| Get interrupt vector (Interrupt = '27' AKA 'Get allocation info for default drive')
2018-12-17T22:21:34.187840535Z	53	PC: 1609a \| Get interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T22:21:34.1890348Z	53	PC: 1609a \| Get interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T22:21:34.189934556Z	53	PC: 1609a \| Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:21:34.190790597Z	53	PC: 1609a \| Get interrupt vector (Interrupt = '52' AKA 'Get InDOS flag pointer')
2018-12-17T22:21:34.191775274Z	53	PC: 1609a \| Get interrupt vector (Interrupt = '53' AKA 'Get interrupt vector')
2018-12-17T22:21:34.192864163Z	53	PC: 1609a \| Get interrupt vector (Interrupt = '54' AKA 'Get free disk space')
2018-12-17T22:21:34.193735838Z	53	PC: 1609a \| Get interrupt vector (Interrupt = '55' AKA 'Get or set switch character')
2018-12-17T22:21:34.194704536Z	53	PC: 1609a \| Get interrupt vector (Interrupt = '56' AKA 'Get or set country info')
2018-12-17T22:21:34.195927757Z	53	PC: 1609a \| Get interrupt vector (Interrupt = '57' AKA 'Create subdirectory')
2018-12-17T22:21:34.196698932Z	53	PC: 1609a \| Get interrupt vector (Interrupt = '58' AKA 'Remove subdirectory')
2018-12-17T22:21:34.197478001Z	53	PC: 1609a \| Get interrupt vector (Interrupt = '59' AKA 'Change current directory')
2018-12-17T22:21:34.198908214Z	53	PC: 1609a \| Get interrupt vector (Interrupt = '60' AKA 'Create or truncate file')
2018-12-17T22:21:34.199726812Z	53	PC: 1609a \| Get interrupt vector (Interrupt = '61' AKA 'Open file')
2018-12-17T22:21:34.200528055Z	53	PC: 1609a \| Get interrupt vector (Interrupt = '62' AKA 'Close file')
2018-12-17T22:21:34.201867022Z	53	PC: 1609a \| Get interrupt vector (Interrupt = '63' AKA 'Read file or device')
2018-12-17T22:21:34.202683827Z	53	PC: 1609a \| Get interrupt vector (Interrupt = '117' AKA 'UNKNOWN!')
2018-12-17T22:21:34.203422408Z	37	PC: 160af \| Set interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T22:21:34.204896855Z	37	PC: 160b7 \| Set interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T22:21:34.205664504Z	37	PC: 160bf \| Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:21:34.206401092Z	37	PC: 160c7 \| Set interrupt vector (Interrupt = '63' AKA 'Read file or device')
2018-12-17T22:21:34.215709495Z	68	PC: 16e00 \| I/O control for devices (Set for = '�֋ظ')
2018-12-17T22:21:34.28553591Z	37	PC: 15931 \| Set interrupt vector (Interrupt = '27' AKA 'Get allocation info for default drive')
2018-12-17T22:21:34.287072458Z	26	PC: 15f17 \| Set disk transfer address
2018-12-17T22:21:34.288586126Z	78	PC: 15f23 \| Find first file
2018-12-17T22:21:34.293967522Z	26	PC: 15f17 \| Set disk transfer address
2018-12-17T22:21:34.294902333Z	78	PC: 15f23 \| Find first file
2018-12-17T22:21:34.3005367Z	25	PC: 169b8 \| Get default drive
2018-12-17T22:21:34.301478618Z	71	PC: 169cb \| Get current directory
2018-12-17T22:21:34.30424187Z	26	PC: 15f17 \| Set disk transfer address
2018-12-17T22:21:34.305788252Z	78	PC: 15f23 \| Find first file
2018-12-17T22:21:34.309794153Z	60	PC: 16de4 \| Create or truncate file
2018-12-17T22:21:34.322218781Z	68	PC: 16e00 \| I/O control for devices (Set for = '�֋ظ')
2018-12-17T22:21:34.324009674Z	64	PC: 16493 \| Write file or device (Write 14 bytes on handle 5)
2018-12-17T22:21:34.326410443Z	62	PC: 164d2 \| Close file
2018-12-17T22:21:34.334397077Z	61	PC: 16de4 \| Open file (Filename = 'UOMENYS.DAT')
2018-12-17T22:21:34.340894894Z	63	PC: 16461 \| Read file or device (Read 128 bytes on handle 5)
2018-12-17T22:21:34.343672285Z	62	PC: 164d2 \| Close file
2018-12-17T22:21:34.3453037Z	65	PC: 1693a \| Delete file (Filename = 'UOMENYS.DAT')
2018-12-17T22:21:34.357176191Z	61	PC: 167f1 \| Open file (Filename = 'A:\\TEST.EXE')
2018-12-17T22:21:34.359771064Z	37	PC: 161f1 \| Set interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T22:21:34.360647852Z	37	PC: 161f1 \| Set interrupt vector (Interrupt = '2' AKA 'Character output')
2018-12-17T22:21:34.362082312Z	37	PC: 161f1 \| Set interrupt vector (Interrupt = '27' AKA 'Get allocation info for default drive')
2018-12-17T22:21:34.363118445Z	37	PC: 161f1 \| Set interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T22:21:34.364101189Z	37	PC: 161f1 \| Set interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T22:21:34.365641013Z	37	PC: 161f1 \| Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:21:34.366775084Z	37	PC: 161f1 \| Set interrupt vector (Interrupt = '52' AKA 'Get InDOS flag pointer')
2018-12-17T22:21:34.368145656Z	37	PC: 161f1 \| Set interrupt vector (Interrupt = '53' AKA 'Get interrupt vector')
2018-12-17T22:21:34.36982815Z	37	PC: 161f1 \| Set interrupt vector (Interrupt = '54' AKA 'Get free disk space')
2018-12-17T22:21:34.371425559Z	37	PC: 161f1 \| Set interrupt vector (Interrupt = '55' AKA 'Get or set switch character')
2018-12-17T22:21:34.372848017Z	37	PC: 161f1 \| Set interrupt vector (Interrupt = '56' AKA 'Get or set country info')
2018-12-17T22:21:34.37456442Z	37	PC: 161f1 \| Set interrupt vector (Interrupt = '57' AKA 'Create subdirectory')
2018-12-17T22:21:34.376134814Z	37	PC: 161f1 \| Set interrupt vector (Interrupt = '58' AKA 'Remove subdirectory')
2018-12-17T22:21:34.377730026Z	37	PC: 161f1 \| Set interrupt vector (Interrupt = '59' AKA 'Change current directory')
2018-12-17T22:21:34.389277572Z	37	PC: 161f1 \| Set interrupt vector (Interrupt = '60' AKA 'Create or truncate file')
2018-12-17T22:21:34.390615012Z	37	PC: 161f1 \| Set interrupt vector (Interrupt = '61' AKA 'Open file')
2018-12-17T22:21:34.394476927Z	37	PC: 161f1 \| Set interrupt vector (Interrupt = '62' AKA 'Close file')
2018-12-17T22:21:34.395488493Z	37	PC: 161f1 \| Set interrupt vector (Interrupt = '63' AKA 'Read file or device')
2018-12-17T22:21:34.397541872Z	37	PC: 161f1 \| Set interrupt vector (Interrupt = '117' AKA 'UNKNOWN!')
2018-12-17T22:21:34.398682742Z	6	PC: 16278 \| Direct console I/O
2018-12-17T22:21:34.4007063Z	6	PC: 16278 \| Direct console I/O
2018-12-17T22:21:34.403082896Z	6	PC: 16278 \| Direct console I/O
2018-12-17T22:21:34.40507652Z	6	PC: 16278 \| Direct console I/O
2018-12-17T22:21:34.407031255Z	6	PC: 16278 \| Direct console I/O
2018-12-17T22:21:34.410925884Z	6	PC: 16278 \| Direct console I/O
2018-12-17T22:21:34.413495136Z	6	PC: 16278 \| Direct console I/O
2018-12-17T22:21:34.415479846Z	6	PC: 16278 \| Direct console I/O
2018-12-17T22:21:34.417838063Z	6	PC: 16278 \| Direct console I/O
2018-12-17T22:21:34.419995667Z	6	PC: 16278 \| Direct console I/O
2018-12-17T22:21:34.422687635Z	6	PC: 16278 \| Direct console I/O
2018-12-17T22:21:34.425555711Z	6	PC: 16278 \| Direct console I/O
2018-12-17T22:21:34.427683785Z	6	PC: 16278 \| Direct console I/O
2018-12-17T22:21:34.430037053Z	6	PC: 16278 \| Direct console I/O
2018-12-17T22:21:34.432968146Z	6	PC: 16278 \| Direct console I/O
2018-12-17T22:21:34.435056765Z	6	PC: 16278 \| Direct console I/O
2018-12-17T22:21:34.437199766Z	6	PC: 16278 \| Direct console I/O
2018-12-17T22:21:34.453094469Z	6	PC: 16278 \| Direct console I/O
2018-12-17T22:21:34.455275232Z	6	PC: 16278 \| Direct console I/O
2018-12-17T22:21:34.457440798Z	6	PC: 16278 \| Direct console I/O
2018-12-17T22:21:34.45991362Z	6	PC: 16278 \| Direct console I/O
2018-12-17T22:21:34.462382095Z	6	PC: 16278 \| Direct console I/O
2018-12-17T22:21:34.464462776Z	6	PC: 16278 \| Direct console I/O
2018-12-17T22:21:34.46709782Z	6	PC: 16278 \| Direct console I/O
2018-12-17T22:21:34.469478998Z	6	PC: 16278 \| Direct console I/O
2018-12-17T22:21:34.471449062Z	6	PC: 16278 \| Direct console I/O
2018-12-17T22:21:34.474468159Z	6	PC: 16278 \| Direct console I/O
2018-12-17T22:21:34.476337622Z	6	PC: 16278 \| Direct console I/O
2018-12-17T22:21:34.478299155Z	6	PC: 16278 \| Direct console I/O
2018-12-17T22:21:34.481071683Z	6	PC: 16278 \| Direct console I/O
2018-12-17T22:21:34.482895511Z	6	PC: 16278 \| Direct console I/O
2018-12-17T22:21:34.484738071Z	6	PC: 16278 \| Direct console I/O
2018-12-17T22:21:34.486922506Z	6	PC: 16278 \| Direct console I/O
2018-12-17T22:21:34.490249229Z	76	PC: 16230 \| Terminate with return code (Return code = '5')