Sample viewer

vx.netlux.org/Virus.DOS.HLLO.Wonder.7424.b

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-17T22:21:34.425657792Z	48	PC: 12a4b \| Get DOS version
2018-12-17T22:21:34.427301918Z	53	PC: 12b83 \| Get interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T22:21:34.428653215Z	53	PC: 12b90 \| Get interrupt vector (Interrupt = '4' AKA 'Auxiliary output')
2018-12-17T22:21:34.429835691Z	53	PC: 12b9d \| Get interrupt vector (Interrupt = '5' AKA 'Printer output')
2018-12-17T22:21:34.431623031Z	53	PC: 12baa \| Get interrupt vector (Interrupt = '6' AKA 'Direct console I/O')
2018-12-17T22:21:34.433023504Z	37	PC: 12bbe \| Set interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T22:21:34.434089699Z	74	PC: 12af3 \| Reallocate memory
2018-12-17T22:21:34.435945108Z	68	PC: 13c59 \| I/O control for devices (Set for = '� ')
2018-12-17T22:21:34.437669954Z	68	PC: 13c59 \| I/O control for devices (Set for = '� ��')
2018-12-17T22:21:34.439879565Z	61	PC: 13f0c \| Open file (Filename = 'A:\TEST.COM')
2018-12-17T22:21:34.447361239Z	68	PC: 13bfd \| I/O control for devices (Set for = '')
2018-12-17T22:21:34.44865712Z	68	PC: 13c59 \| I/O control for devices
2018-12-17T22:21:34.450608453Z	63	PC: 13ff5 \| Read file or device (Read 7168 bytes on handle 5)
2018-12-17T22:21:34.458673121Z	63	PC: 13ff5 \| Read file or device (Read 512 bytes on handle 5)
2018-12-17T22:21:34.461039528Z	62	PC: 139d2 \| Close file
2018-12-17T22:21:34.462243863Z	47	PC: 13a56 \| Get disk transfer address
2018-12-17T22:21:34.466873147Z	26	PC: 13a5f \| Set disk transfer address
2018-12-17T22:21:34.467875719Z	78	PC: 13a69 \| Find first file
2018-12-17T22:21:34.473749693Z	26	PC: 13a71 \| Set disk transfer address
2018-12-17T22:21:34.47551394Z	62	PC: 139d2 \| Close file
2018-12-17T22:21:34.477496543Z	62	PC: 139d2 \| Close file
2018-12-17T22:21:34.479182965Z	62	PC: 139d2 \| Close file
2018-12-17T22:21:34.481933607Z	62	PC: 139d2 \| Close file
2018-12-17T22:21:34.483893327Z	62	PC: 139d2 \| Close file
2018-12-17T22:21:34.485645287Z	37	PC: 12bca \| Set interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T22:21:34.487044488Z	37	PC: 12bd5 \| Set interrupt vector (Interrupt = '4' AKA 'Auxiliary output')
2018-12-17T22:21:34.488350509Z	37	PC: 12be0 \| Set interrupt vector (Interrupt = '5' AKA 'Printer output')
2018-12-17T22:21:34.489434269Z	37	PC: 12beb \| Set interrupt vector (Interrupt = '6' AKA 'Direct console I/O')
2018-12-17T22:21:34.490768908Z	76	PC: 12b74 \| Terminate with return code (Return code = '0')