Sample viewer

vx.netlux.org/Virus.DOS.HLLP.Dxl.11296

Syscalls:

Time Syscall Op Syscall Name
2018-12-17T22:22:47.903387038Z 53 PC: 13a5a | Get interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T22:22:47.905330392Z 53 PC: 13a5a | Get interrupt vector (Interrupt = '2' AKA 'Character output')
2018-12-17T22:22:47.907890598Z 53 PC: 13a5a | Get interrupt vector (Interrupt = '27' AKA 'Get allocation info for default drive')
2018-12-17T22:22:47.910191287Z 53 PC: 13a5a | Get interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T22:22:47.912800079Z 53 PC: 13a5a | Get interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T22:22:47.915742218Z 53 PC: 13a5a | Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:22:47.920945713Z 53 PC: 13a5a | Get interrupt vector (Interrupt = '52' AKA 'Get InDOS flag pointer')
2018-12-17T22:22:47.923641206Z 53 PC: 13a5a | Get interrupt vector (Interrupt = '53' AKA 'Get interrupt vector')
2018-12-17T22:22:47.927009943Z 53 PC: 13a5a | Get interrupt vector (Interrupt = '54' AKA 'Get free disk space')
2018-12-17T22:22:47.92858509Z 53 PC: 13a5a | Get interrupt vector (Interrupt = '55' AKA 'Get or set switch character')
2018-12-17T22:22:47.930371153Z 53 PC: 13a5a | Get interrupt vector (Interrupt = '56' AKA 'Get or set country info')
2018-12-17T22:22:47.932590682Z 53 PC: 13a5a | Get interrupt vector (Interrupt = '57' AKA 'Create subdirectory')
2018-12-17T22:22:47.934532542Z 53 PC: 13a5a | Get interrupt vector (Interrupt = '58' AKA 'Remove subdirectory')
2018-12-17T22:22:47.937157541Z 53 PC: 13a5a | Get interrupt vector (Interrupt = '59' AKA 'Change current directory')
2018-12-17T22:22:47.939909508Z 53 PC: 13a5a | Get interrupt vector (Interrupt = '60' AKA 'Create or truncate file')
2018-12-17T22:22:47.941633586Z 53 PC: 13a5a | Get interrupt vector (Interrupt = '61' AKA 'Open file')
2018-12-17T22:22:47.943381725Z 53 PC: 13a5a | Get interrupt vector (Interrupt = '62' AKA 'Close file')
2018-12-17T22:22:47.945321348Z 53 PC: 13a5a | Get interrupt vector (Interrupt = '63' AKA 'Read file or device')
2018-12-17T22:22:47.947556177Z 53 PC: 13a5a | Get interrupt vector (Interrupt = '117' AKA 'UNKNOWN!')
2018-12-17T22:22:47.949085717Z 37 PC: 13a6f | Set interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T22:22:47.950405868Z 37 PC: 13a77 | Set interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T22:22:47.952345773Z 37 PC: 13a7f | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:22:47.95392637Z 37 PC: 13a87 | Set interrupt vector (Interrupt = '63' AKA 'Read file or device')
2018-12-17T22:22:47.955993055Z 68 PC: 146bf | I/O control for devices (Set for = '2�_^��"VW3���+��r����')
2018-12-17T22:22:47.958836345Z 61 PC: 141b1 | Open file (Filename = 'c:\windows\bs.bmp')
2018-12-17T22:22:47.97389074Z 60 PC: 141b1 | Create or truncate file
2018-12-17T22:22:48.33952959Z 64 PC: 14284 | Write file or device (Write 2926 bytes on handle 5)
2018-12-17T22:22:48.351909939Z 62 PC: 14201 | Close file
2018-12-17T22:22:48.360496388Z 25 PC: 1438c | Get default drive
2018-12-17T22:22:48.362062877Z 71 PC: 1439f | Get current directory
2018-12-17T22:22:48.367001418Z 60 PC: 146a3 | Create or truncate file
2018-12-17T22:22:48.384493365Z 68 PC: 146bf | I/O control for devices (Set for = 'e�&�>�')
2018-12-17T22:22:48.38757305Z 64 PC: 13e53 | Write file or device (Write 128 bytes on handle 5)
2018-12-17T22:22:48.392506285Z 48 PC: 142ff | Get DOS version
2018-12-17T22:22:48.395050455Z 64 PC: 13e53 | Write file or device (Write 128 bytes on handle 5)
2018-12-17T22:22:48.398514315Z 64 PC: 13e53 | Write file or device (Write 128 bytes on handle 5)
2018-12-17T22:22:48.401959321Z 64 PC: 13e53 | Write file or device (Write 128 bytes on handle 5)
2018-12-17T22:22:48.406028329Z 64 PC: 13e53 | Write file or device (Write 128 bytes on handle 5)
2018-12-17T22:22:48.415271792Z 64 PC: 13e53 | Write file or device (Write 128 bytes on handle 5)
2018-12-17T22:22:48.418882338Z 64 PC: 13e53 | Write file or device (Write 128 bytes on handle 5)
2018-12-17T22:22:48.423065817Z 64 PC: 13e53 | Write file or device (Write 128 bytes on handle 5)
2018-12-17T22:22:48.426707726Z 64 PC: 13e53 | Write file or device (Write 128 bytes on handle 5)
2018-12-17T22:22:48.435933058Z 64 PC: 13e53 | Write file or device (Write 128 bytes on handle 5)
2018-12-17T22:22:48.4486379Z 64 PC: 13e53 | Write file or device (Write 128 bytes on handle 5)
2018-12-17T22:22:48.452508034Z 64 PC: 13e53 | Write file or device (Write 49 bytes on handle 5)
2018-12-17T22:22:48.456280466Z 62 PC: 13e92 | Close file
2018-12-17T22:22:48.467396906Z 67 PC: 137ac | Get or set file attributes
2018-12-17T22:22:48.477730499Z 67 PC: 137ac | Get or set file attributes
2018-12-17T22:22:48.489491392Z 25 PC: 13818 | Get default drive
2018-12-17T22:22:48.491448132Z 71 PC: 13837 | Get current directory
2018-12-17T22:22:48.495201354Z 53 PC: 139ca | Get interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T22:22:48.496624815Z 37 PC: 139d3 | Set interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T22:22:48.499938795Z 53 PC: 139ca | Get interrupt vector (Interrupt = '2' AKA 'Character output')
2018-12-17T22:22:48.501595041Z 37 PC: 139d3 | Set interrupt vector (Interrupt = '2' AKA 'Character output')
2018-12-17T22:22:48.503296945Z 53 PC: 139ca | Get interrupt vector (Interrupt = '27' AKA 'Get allocation info for default drive')
2018-12-17T22:22:48.505245999Z 37 PC: 139d3 | Set interrupt vector (Interrupt = '27' AKA 'Get allocation info for default drive')
2018-12-17T22:22:48.508203558Z 53 PC: 139ca | Get interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T22:22:48.510064481Z 37 PC: 139d3 | Set interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T22:22:48.51176442Z 53 PC: 139ca | Get interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T22:22:48.514034504Z 37 PC: 139d3 | Set interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T22:22:48.515753676Z 53 PC: 139ca | Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:22:48.517493958Z 37 PC: 139d3 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:22:48.521018713Z 53 PC: 139ca | Get interrupt vector (Interrupt = '52' AKA 'Get InDOS flag pointer')
2018-12-17T22:22:48.522546718Z 37 PC: 139d3 | Set interrupt vector (Interrupt = '52' AKA 'Get InDOS flag pointer')
2018-12-17T22:22:48.524206404Z 53 PC: 139ca | Get interrupt vector (Interrupt = '53' AKA 'Get interrupt vector')
2018-12-17T22:22:48.526665595Z 37 PC: 139d3 | Set interrupt vector (Interrupt = '53' AKA 'Get interrupt vector')
2018-12-17T22:22:48.528368508Z 53 PC: 139ca | Get interrupt vector (Interrupt = '54' AKA 'Get free disk space')
2018-12-17T22:22:48.537184443Z 37 PC: 139d3 | Set interrupt vector (Interrupt = '54' AKA 'Get free disk space')
2018-12-17T22:22:48.547051259Z 53 PC: 139ca | Get interrupt vector (Interrupt = '55' AKA 'Get or set switch character')
2018-12-17T22:22:48.548483038Z 37 PC: 139d3 | Set interrupt vector (Interrupt = '55' AKA 'Get or set switch character')
2018-12-17T22:22:48.55019811Z 53 PC: 139ca | Get interrupt vector (Interrupt = '56' AKA 'Get or set country info')
2018-12-17T22:22:48.553297874Z 37 PC: 139d3 | Set interrupt vector (Interrupt = '56' AKA 'Get or set country info')
2018-12-17T22:22:48.555204603Z 53 PC: 139ca | Get interrupt vector (Interrupt = '57' AKA 'Create subdirectory')
2018-12-17T22:22:48.557022504Z 37 PC: 139d3 | Set interrupt vector (Interrupt = '57' AKA 'Create subdirectory')
2018-12-17T22:22:48.559740534Z 53 PC: 139ca | Get interrupt vector (Interrupt = '58' AKA 'Remove subdirectory')
2018-12-17T22:22:48.561516239Z 37 PC: 139d3 | Set interrupt vector (Interrupt = '58' AKA 'Remove subdirectory')
2018-12-17T22:22:48.563222485Z 53 PC: 139ca | Get interrupt vector (Interrupt = '59' AKA 'Change current directory')
2018-12-17T22:22:48.564935768Z 37 PC: 139d3 | Set interrupt vector (Interrupt = '59' AKA 'Change current directory')
2018-12-17T22:22:48.570191166Z 53 PC: 139ca | Get interrupt vector (Interrupt = '60' AKA 'Create or truncate file')
2018-12-17T22:22:48.571858183Z 37 PC: 139d3 | Set interrupt vector (Interrupt = '60' AKA 'Create or truncate file')
2018-12-17T22:22:48.573442938Z 53 PC: 139ca | Get interrupt vector (Interrupt = '61' AKA 'Open file')
2018-12-17T22:22:48.575520524Z 37 PC: 139d3 | Set interrupt vector (Interrupt = '61' AKA 'Open file')
2018-12-17T22:22:48.577115229Z 53 PC: 139ca | Get interrupt vector (Interrupt = '62' AKA 'Close file')
2018-12-17T22:22:48.578738743Z 37 PC: 139d3 | Set interrupt vector (Interrupt = '62' AKA 'Close file')
2018-12-17T22:22:48.581468947Z 53 PC: 139ca | Get interrupt vector (Interrupt = '63' AKA 'Read file or device')
2018-12-17T22:22:48.583244361Z 37 PC: 139d3 | Set interrupt vector (Interrupt = '63' AKA 'Read file or device')
2018-12-17T22:22:48.585017644Z 53 PC: 139ca | Get interrupt vector (Interrupt = '117' AKA 'UNKNOWN!')
2018-12-17T22:22:48.587619591Z 37 PC: 139d3 | Set interrupt vector (Interrupt = '117' AKA 'UNKNOWN!')
2018-12-17T22:22:48.589990347Z 41 PC: 13981 | Parse filename
2018-12-17T22:22:48.592933742Z 41 PC: 1398f | Parse filename
2018-12-17T22:22:48.596860341Z 75 PC: 1399a | Execute program
2018-12-17T22:22:48.602188787Z 53 PC: 139ca | Get interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T22:22:48.603399357Z 37 PC: 139d3 | Set interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T22:22:48.605493067Z 53 PC: 139ca | Get interrupt vector (Interrupt = '2' AKA 'Character output')
2018-12-17T22:22:48.606740726Z 37 PC: 139d3 | Set interrupt vector (Interrupt = '2' AKA 'Character output')
2018-12-17T22:22:48.60788343Z 53 PC: 139ca | Get interrupt vector (Interrupt = '27' AKA 'Get allocation info for default drive')
2018-12-17T22:22:48.609144012Z 37 PC: 139d3 | Set interrupt vector (Interrupt = '27' AKA 'Get allocation info for default drive')
2018-12-17T22:22:48.610569282Z 53 PC: 139ca | Get interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T22:22:48.612118898Z 37 PC: 139d3 | Set interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T22:22:48.613307669Z 53 PC: 139ca | Get interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T22:22:48.616872845Z 37 PC: 139d3 | Set interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T22:22:48.617964915Z 53 PC: 139ca | Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:22:48.61912544Z 37 PC: 139d3 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:22:48.621096283Z 53 PC: 139ca | Get interrupt vector (Interrupt = '52' AKA 'Get InDOS flag pointer')
2018-12-17T22:22:48.622443482Z 37 PC: 139d3 | Set interrupt vector (Interrupt = '52' AKA 'Get InDOS flag pointer')
2018-12-17T22:22:48.623675538Z 53 PC: 139ca | Get interrupt vector (Interrupt = '53' AKA 'Get interrupt vector')
2018-12-17T22:22:48.625546084Z 37 PC: 139d3 | Set interrupt vector (Interrupt = '53' AKA 'Get interrupt vector')
2018-12-17T22:22:48.627172824Z 53 PC: 139ca | Get interrupt vector (Interrupt = '54' AKA 'Get free disk space')
2018-12-17T22:22:48.628782091Z 37 PC: 139d3 | Set interrupt vector (Interrupt = '54' AKA 'Get free disk space')
2018-12-17T22:22:48.631133322Z 53 PC: 139ca | Get interrupt vector (Interrupt = '55' AKA 'Get or set switch character')
2018-12-17T22:22:48.632577344Z 37 PC: 139d3 | Set interrupt vector (Interrupt = '55' AKA 'Get or set switch character')
2018-12-17T22:22:48.633955757Z 53 PC: 139ca | Get interrupt vector (Interrupt = '56' AKA 'Get or set country info')
2018-12-17T22:22:48.643740733Z 37 PC: 139d3 | Set interrupt vector (Interrupt = '56' AKA 'Get or set country info')
2018-12-17T22:22:48.645098726Z 53 PC: 139ca | Get interrupt vector (Interrupt = '57' AKA 'Create subdirectory')
2018-12-17T22:22:48.646449824Z 37 PC: 139d3 | Set interrupt vector (Interrupt = '57' AKA 'Create subdirectory')
2018-12-17T22:22:48.648856725Z 53 PC: 139ca | Get interrupt vector (Interrupt = '58' AKA 'Remove subdirectory')
2018-12-17T22:22:48.650230079Z 37 PC: 139d3 | Set interrupt vector (Interrupt = '58' AKA 'Remove subdirectory')
2018-12-17T22:22:48.651764602Z 53 PC: 139ca | Get interrupt vector (Interrupt = '59' AKA 'Change current directory')
2018-12-17T22:22:48.65352925Z 37 PC: 139d3 | Set interrupt vector (Interrupt = '59' AKA 'Change current directory')
2018-12-17T22:22:48.65480877Z 53 PC: 139ca | Get interrupt vector (Interrupt = '60' AKA 'Create or truncate file')
2018-12-17T22:22:48.656040827Z 37 PC: 139d3 | Set interrupt vector (Interrupt = '60' AKA 'Create or truncate file')
2018-12-17T22:22:48.657556399Z 53 PC: 139ca | Get interrupt vector (Interrupt = '61' AKA 'Open file')
2018-12-17T22:22:48.658995845Z 37 PC: 139d3 | Set interrupt vector (Interrupt = '61' AKA 'Open file')
2018-12-17T22:22:48.660102318Z 53 PC: 139ca | Get interrupt vector (Interrupt = '62' AKA 'Close file')
2018-12-17T22:22:48.661644809Z 37 PC: 139d3 | Set interrupt vector (Interrupt = '62' AKA 'Close file')
2018-12-17T22:22:48.662947974Z 53 PC: 139ca | Get interrupt vector (Interrupt = '63' AKA 'Read file or device')
2018-12-17T22:22:48.664187978Z 37 PC: 139d3 | Set interrupt vector (Interrupt = '63' AKA 'Read file or device')
2018-12-17T22:22:48.665894289Z 53 PC: 139ca | Get interrupt vector (Interrupt = '117' AKA 'UNKNOWN!')
2018-12-17T22:22:48.667353263Z 37 PC: 139d3 | Set interrupt vector (Interrupt = '117' AKA 'UNKNOWN!')
2018-12-17T22:22:48.668988189Z 64 PC: 13e78 | Write file or device (Write 0 bytes on handle 1)
2018-12-17T22:22:48.671572067Z 37 PC: 13bb1 | Set interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T22:22:48.673011484Z 37 PC: 13bb1 | Set interrupt vector (Interrupt = '2' AKA 'Character output')
2018-12-17T22:22:48.674366898Z 37 PC: 13bb1 | Set interrupt vector (Interrupt = '27' AKA 'Get allocation info for default drive')
2018-12-17T22:22:48.67595912Z 37 PC: 13bb1 | Set interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T22:22:48.677423889Z 37 PC: 13bb1 | Set interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T22:22:48.679460268Z 37 PC: 13bb1 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:22:48.682321743Z 37 PC: 13bb1 | Set interrupt vector (Interrupt = '52' AKA 'Get InDOS flag pointer')
2018-12-17T22:22:48.683723066Z 37 PC: 13bb1 | Set interrupt vector (Interrupt = '53' AKA 'Get interrupt vector')
2018-12-17T22:22:48.684929885Z 37 PC: 13bb1 | Set interrupt vector (Interrupt = '54' AKA 'Get free disk space')
2018-12-17T22:22:48.686337632Z 37 PC: 13bb1 | Set interrupt vector (Interrupt = '55' AKA 'Get or set switch character')
2018-12-17T22:22:48.688122934Z 37 PC: 13bb1 | Set interrupt vector (Interrupt = '56' AKA 'Get or set country info')
2018-12-17T22:22:48.689333793Z 37 PC: 13bb1 | Set interrupt vector (Interrupt = '57' AKA 'Create subdirectory')
2018-12-17T22:22:48.69065958Z 37 PC: 13bb1 | Set interrupt vector (Interrupt = '58' AKA 'Remove subdirectory')
2018-12-17T22:22:48.691994638Z 37 PC: 13bb1 | Set interrupt vector (Interrupt = '59' AKA 'Change current directory')
2018-12-17T22:22:48.693512197Z 37 PC: 13bb1 | Set interrupt vector (Interrupt = '60' AKA 'Create or truncate file')
2018-12-17T22:22:48.695318647Z 37 PC: 13bb1 | Set interrupt vector (Interrupt = '61' AKA 'Open file')
2018-12-17T22:22:48.696648406Z 37 PC: 13bb1 | Set interrupt vector (Interrupt = '62' AKA 'Close file')
2018-12-17T22:22:48.697808497Z 37 PC: 13bb1 | Set interrupt vector (Interrupt = '63' AKA 'Read file or device')
2018-12-17T22:22:48.699095585Z 37 PC: 13bb1 | Set interrupt vector (Interrupt = '117' AKA 'UNKNOWN!')
2018-12-17T22:22:48.700506426Z 76 PC: 13bf0 | Terminate with return code (Return code = '0')