Sample viewer

vx.netlux.org/Virus.DOS.HLLC.5840

Syscalls:

Time Syscall Op Syscall Name
2018-12-17T22:25:04.747468365Z 53 PC: 12fea | Get interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T22:25:04.749963515Z 53 PC: 12fea | Get interrupt vector (Interrupt = '2' AKA 'Character output')
2018-12-17T22:25:04.751826276Z 53 PC: 12fea | Get interrupt vector (Interrupt = '27' AKA 'Get allocation info for default drive')
2018-12-17T22:25:04.753590032Z 53 PC: 12fea | Get interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T22:25:04.755601448Z 53 PC: 12fea | Get interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T22:25:04.758203931Z 53 PC: 12fea | Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:25:04.75991565Z 53 PC: 12fea | Get interrupt vector (Interrupt = '52' AKA 'Get InDOS flag pointer')
2018-12-17T22:25:04.761623659Z 53 PC: 12fea | Get interrupt vector (Interrupt = '53' AKA 'Get interrupt vector')
2018-12-17T22:25:04.763474144Z 53 PC: 12fea | Get interrupt vector (Interrupt = '54' AKA 'Get free disk space')
2018-12-17T22:25:04.764833574Z 53 PC: 12fea | Get interrupt vector (Interrupt = '55' AKA 'Get or set switch character')
2018-12-17T22:25:04.766682452Z 53 PC: 12fea | Get interrupt vector (Interrupt = '56' AKA 'Get or set country info')
2018-12-17T22:25:04.770691418Z 53 PC: 12fea | Get interrupt vector (Interrupt = '57' AKA 'Create subdirectory')
2018-12-17T22:25:04.77221764Z 53 PC: 12fea | Get interrupt vector (Interrupt = '58' AKA 'Remove subdirectory')
2018-12-17T22:25:04.773875146Z 53 PC: 12fea | Get interrupt vector (Interrupt = '59' AKA 'Change current directory')
2018-12-17T22:25:04.775832622Z 53 PC: 12fea | Get interrupt vector (Interrupt = '60' AKA 'Create or truncate file')
2018-12-17T22:25:04.777540289Z 53 PC: 12fea | Get interrupt vector (Interrupt = '61' AKA 'Open file')
2018-12-17T22:25:04.779416666Z 53 PC: 12fea | Get interrupt vector (Interrupt = '62' AKA 'Close file')
2018-12-17T22:25:04.782488824Z 53 PC: 12fea | Get interrupt vector (Interrupt = '63' AKA 'Read file or device')
2018-12-17T22:25:04.783910515Z 53 PC: 12fea | Get interrupt vector (Interrupt = '117' AKA 'UNKNOWN!')
2018-12-17T22:25:04.785229606Z 37 PC: 12fff | Set interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T22:25:04.787131106Z 37 PC: 13007 | Set interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T22:25:04.788733812Z 37 PC: 1300f | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:25:04.790288064Z 37 PC: 13017 | Set interrupt vector (Interrupt = '63' AKA 'Read file or device')
2018-12-17T22:25:04.792442273Z 68 PC: 13ec0 | I/O control for devices (Set for = ' ������ �t��������&�<t<�t���������Lr���')
2018-12-17T22:25:04.795533959Z 25 PC: 13b92 | Get default drive
2018-12-17T22:25:04.796745983Z 71 PC: 13ba5 | Get current directory
2018-12-17T22:25:04.800013812Z 48 PC: 13b05 | Get DOS version
2018-12-17T22:25:04.802518316Z 64 PC: 1370f | Write file or device (Write 9 bytes on handle 1)
2018-12-17T22:25:04.8076925Z 25 PC: 13b92 | Get default drive
2018-12-17T22:25:04.808922796Z 71 PC: 13ba5 | Get current directory
2018-12-17T22:25:04.8212321Z 25 PC: 13b92 | Get default drive
2018-12-17T22:25:04.827981792Z 71 PC: 13ba5 | Get current directory
2018-12-17T22:25:04.831270237Z 14 PC: 13beb | Set default drive (Drive = 'C')
2018-12-17T22:25:04.833293436Z 25 PC: 13bef | Get default drive
2018-12-17T22:25:04.834675996Z 59 PC: 13c59 | Change current directory
2018-12-17T22:25:04.83882188Z 26 PC: 12ec7 | Set disk transfer address
2018-12-17T22:25:04.854076445Z 78 PC: 12ed3 | Find first file
2018-12-17T22:25:04.860218997Z 26 PC: 12ec7 | Set disk transfer address
2018-12-17T22:25:04.882836555Z 78 PC: 12ed3 | Find first file
2018-12-17T22:25:04.88990543Z 26 PC: 12eeb | Set disk transfer address
2018-12-17T22:25:04.891106069Z 79 PC: 12ef0 | Find next file
2018-12-17T22:25:04.894061074Z 26 PC: 12eeb | Set disk transfer address
2018-12-17T22:25:04.896545983Z 79 PC: 12ef0 | Find next file
2018-12-17T22:25:04.901826516Z 59 PC: 13c59 | Change current directory
2018-12-17T22:25:04.908706176Z 26 PC: 12ec7 | Set disk transfer address
2018-12-17T22:25:04.911232371Z 78 PC: 12ed3 | Find first file
2018-12-17T22:25:04.92874079Z 25 PC: 13b92 | Get default drive
2018-12-17T22:25:04.930358985Z 71 PC: 13ba5 | Get current directory
2018-12-17T22:25:04.933980635Z 26 PC: 12ec7 | Set disk transfer address
2018-12-17T22:25:04.936175192Z 78 PC: 12ed3 | Find first file
2018-12-17T22:25:04.946624286Z 61 PC: 139b7 | Open file (Filename = 'A:\\EST.EXE')
2018-12-17T22:25:04.950078577Z 64 PC: 1370f | Write file or device (Write 0 bytes on handle 1)
2018-12-17T22:25:04.953320507Z 37 PC: 13141 | Set interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T22:25:04.95537248Z 37 PC: 13141 | Set interrupt vector (Interrupt = '2' AKA 'Character output')
2018-12-17T22:25:04.957009944Z 37 PC: 13141 | Set interrupt vector (Interrupt = '27' AKA 'Get allocation info for default drive')
2018-12-17T22:25:04.958857444Z 37 PC: 13141 | Set interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T22:25:04.960753409Z 37 PC: 13141 | Set interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T22:25:04.962387921Z 37 PC: 13141 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:25:04.964556854Z 37 PC: 13141 | Set interrupt vector (Interrupt = '52' AKA 'Get InDOS flag pointer')
2018-12-17T22:25:04.966212162Z 37 PC: 13141 | Set interrupt vector (Interrupt = '53' AKA 'Get interrupt vector')
2018-12-17T22:25:04.968054043Z 37 PC: 13141 | Set interrupt vector (Interrupt = '54' AKA 'Get free disk space')
2018-12-17T22:25:04.971996016Z 37 PC: 13141 | Set interrupt vector (Interrupt = '55' AKA 'Get or set switch character')
2018-12-17T22:25:04.974610868Z 37 PC: 13141 | Set interrupt vector (Interrupt = '56' AKA 'Get or set country info')
2018-12-17T22:25:04.97631111Z 37 PC: 13141 | Set interrupt vector (Interrupt = '57' AKA 'Create subdirectory')
2018-12-17T22:25:04.977768778Z 37 PC: 13141 | Set interrupt vector (Interrupt = '58' AKA 'Remove subdirectory')
2018-12-17T22:25:04.980366863Z 37 PC: 13141 | Set interrupt vector (Interrupt = '59' AKA 'Change current directory')
2018-12-17T22:25:04.982502878Z 37 PC: 13141 | Set interrupt vector (Interrupt = '60' AKA 'Create or truncate file')
2018-12-17T22:25:04.984117909Z 37 PC: 13141 | Set interrupt vector (Interrupt = '61' AKA 'Open file')
2018-12-17T22:25:04.986676945Z 37 PC: 13141 | Set interrupt vector (Interrupt = '62' AKA 'Close file')
2018-12-17T22:25:04.988375573Z 37 PC: 13141 | Set interrupt vector (Interrupt = '63' AKA 'Read file or device')
2018-12-17T22:25:04.990064453Z 37 PC: 13141 | Set interrupt vector (Interrupt = '117' AKA 'UNKNOWN!')
2018-12-17T22:25:04.992861017Z 6 PC: 131c8 | Direct console I/O
2018-12-17T22:25:04.995412272Z 6 PC: 131c8 | Direct console I/O
2018-12-17T22:25:04.997772159Z 6 PC: 131c8 | Direct console I/O
2018-12-17T22:25:05.001298879Z 6 PC: 131c8 | Direct console I/O
2018-12-17T22:25:05.003806273Z 6 PC: 131c8 | Direct console I/O
2018-12-17T22:25:05.006282729Z 6 PC: 131c8 | Direct console I/O
2018-12-17T22:25:05.009832486Z 6 PC: 131c8 | Direct console I/O
2018-12-17T22:25:05.012795855Z 6 PC: 131c8 | Direct console I/O
2018-12-17T22:25:05.015807814Z 6 PC: 131c8 | Direct console I/O
2018-12-17T22:25:05.019130593Z 6 PC: 131c8 | Direct console I/O
2018-12-17T22:25:05.022683631Z 6 PC: 131c8 | Direct console I/O
2018-12-17T22:25:05.025493939Z 6 PC: 131c8 | Direct console I/O
2018-12-17T22:25:05.03113698Z 6 PC: 131c8 | Direct console I/O
2018-12-17T22:25:05.045155029Z 6 PC: 131c8 | Direct console I/O
2018-12-17T22:25:05.048352676Z 6 PC: 131c8 | Direct console I/O
2018-12-17T22:25:05.051284267Z 6 PC: 131c8 | Direct console I/O
2018-12-17T22:25:05.054784729Z 6 PC: 131c8 | Direct console I/O
2018-12-17T22:25:05.058495142Z 6 PC: 131c8 | Direct console I/O
2018-12-17T22:25:05.061210849Z 6 PC: 131c8 | Direct console I/O
2018-12-17T22:25:05.064404517Z 6 PC: 131c8 | Direct console I/O
2018-12-17T22:25:05.067597529Z 6 PC: 131c8 | Direct console I/O
2018-12-17T22:25:05.07038638Z 6 PC: 131c8 | Direct console I/O
2018-12-17T22:25:05.074027812Z 6 PC: 131c8 | Direct console I/O
2018-12-17T22:25:05.076613992Z 6 PC: 131c8 | Direct console I/O
2018-12-17T22:25:05.100490947Z 6 PC: 131c8 | Direct console I/O
2018-12-17T22:25:05.103005404Z 6 PC: 131c8 | Direct console I/O
2018-12-17T22:25:05.104734867Z 6 PC: 131c8 | Direct console I/O
2018-12-17T22:25:05.106466432Z 6 PC: 131c8 | Direct console I/O
2018-12-17T22:25:05.108732414Z 6 PC: 131c8 | Direct console I/O
2018-12-17T22:25:05.110404918Z 6 PC: 131c8 | Direct console I/O
2018-12-17T22:25:05.1119956Z 6 PC: 131c8 | Direct console I/O
2018-12-17T22:25:05.113806605Z 6 PC: 131c8 | Direct console I/O
2018-12-17T22:25:05.11568739Z 6 PC: 131c8 | Direct console I/O
2018-12-17T22:25:05.118159827Z 76 PC: 13180 | Terminate with return code (Return code = '5')