Sample viewer

vx.netlux.org/Virus.DOS.HLLC.7920

Syscalls:

Time Syscall Op Syscall Name
2018-12-17T22:27:35.449841187Z 53 PC: 1351a | Get interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T22:27:35.452416843Z 53 PC: 1351a | Get interrupt vector (Interrupt = '2' AKA 'Character output')
2018-12-17T22:27:35.453917376Z 53 PC: 1351a | Get interrupt vector (Interrupt = '27' AKA 'Get allocation info for default drive')
2018-12-17T22:27:35.45537371Z 53 PC: 1351a | Get interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T22:27:35.458261223Z 53 PC: 1351a | Get interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T22:27:35.459648603Z 53 PC: 1351a | Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:27:35.461059205Z 53 PC: 1351a | Get interrupt vector (Interrupt = '52' AKA 'Get InDOS flag pointer')
2018-12-17T22:27:35.462439024Z 53 PC: 1351a | Get interrupt vector (Interrupt = '53' AKA 'Get interrupt vector')
2018-12-17T22:27:35.465742195Z 53 PC: 1351a | Get interrupt vector (Interrupt = '54' AKA 'Get free disk space')
2018-12-17T22:27:35.467910022Z 53 PC: 1351a | Get interrupt vector (Interrupt = '55' AKA 'Get or set switch character')
2018-12-17T22:27:35.474313443Z 53 PC: 1351a | Get interrupt vector (Interrupt = '56' AKA 'Get or set country info')
2018-12-17T22:27:35.475739892Z 53 PC: 1351a | Get interrupt vector (Interrupt = '57' AKA 'Create subdirectory')
2018-12-17T22:27:35.477371054Z 53 PC: 1351a | Get interrupt vector (Interrupt = '58' AKA 'Remove subdirectory')
2018-12-17T22:27:35.478809859Z 53 PC: 1351a | Get interrupt vector (Interrupt = '59' AKA 'Change current directory')
2018-12-17T22:27:35.481081876Z 53 PC: 1351a | Get interrupt vector (Interrupt = '60' AKA 'Create or truncate file')
2018-12-17T22:27:35.498042227Z 53 PC: 1351a | Get interrupt vector (Interrupt = '61' AKA 'Open file')
2018-12-17T22:27:35.499688488Z 53 PC: 1351a | Get interrupt vector (Interrupt = '62' AKA 'Close file')
2018-12-17T22:27:35.501316627Z 53 PC: 1351a | Get interrupt vector (Interrupt = '63' AKA 'Read file or device')
2018-12-17T22:27:35.503095627Z 53 PC: 1351a | Get interrupt vector (Interrupt = '117' AKA 'UNKNOWN!')
2018-12-17T22:27:35.504478479Z 37 PC: 1352f | Set interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T22:27:35.505766591Z 37 PC: 13537 | Set interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T22:27:35.507511657Z 37 PC: 1353f | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:27:35.508806291Z 37 PC: 13547 | Set interrupt vector (Interrupt = '63' AKA 'Read file or device')
2018-12-17T22:27:35.510577696Z 68 PC: 14480 | I/O control for devices (Set for = '������ËQ����t�>�!�Q����(��&��SQR���3ۉ?��E��G�=')
2018-12-17T22:27:35.526093532Z 25 PC: 14152 | Get default drive
2018-12-17T22:27:35.527540249Z 71 PC: 14165 | Get current directory
2018-12-17T22:27:35.53097859Z 48 PC: 140c5 | Get DOS version
2018-12-17T22:27:35.533157642Z 25 PC: 14152 | Get default drive
2018-12-17T22:27:35.535248934Z 71 PC: 14165 | Get current directory
2018-12-17T22:27:35.539453948Z 25 PC: 14152 | Get default drive
2018-12-17T22:27:35.541073531Z 71 PC: 14165 | Get current directory
2018-12-17T22:27:35.549750696Z 14 PC: 141ab | Set default drive (Drive = 'C')
2018-12-17T22:27:35.555533917Z 25 PC: 141af | Get default drive
2018-12-17T22:27:35.557143201Z 59 PC: 14219 | Change current directory
2018-12-17T22:27:35.561980802Z 26 PC: 1323f | Set disk transfer address
2018-12-17T22:27:35.570584219Z 78 PC: 1324b | Find first file
2018-12-17T22:27:35.576802316Z 26 PC: 1323f | Set disk transfer address
2018-12-17T22:27:35.588447947Z 78 PC: 1324b | Find first file
2018-12-17T22:27:35.594522923Z 26 PC: 13263 | Set disk transfer address
2018-12-17T22:27:35.596508003Z 79 PC: 13268 | Find next file
2018-12-17T22:27:35.599953702Z 26 PC: 13263 | Set disk transfer address
2018-12-17T22:27:35.611173491Z 79 PC: 13268 | Find next file
2018-12-17T22:27:35.614323673Z 59 PC: 14219 | Change current directory
2018-12-17T22:27:35.625843787Z 26 PC: 1323f | Set disk transfer address
2018-12-17T22:27:35.627324732Z 78 PC: 1324b | Find first file
2018-12-17T22:27:35.649543102Z 25 PC: 14152 | Get default drive
2018-12-17T22:27:35.651068347Z 71 PC: 14165 | Get current directory
2018-12-17T22:27:35.654586796Z 87 PC: 131e2 | Get or set file date and time
2018-12-17T22:27:35.656813412Z 67 PC: 131c8 | Get or set file attributes
2018-12-17T22:27:36.017244732Z 61 PC: 13f77 | Open file (Filename = 'ATTRIB.EXE')
2018-12-17T22:27:36.026824846Z 60 PC: 13f77 | Create or truncate file
2018-12-17T22:27:36.040372696Z 63 PC: 1404a | Read file or device (Read 2048 bytes on handle 5)
2018-12-17T22:27:36.047946473Z 64 PC: 1404a | Write file or device (Write 2048 bytes on handle 6)
2018-12-17T22:27:36.060281947Z 63 PC: 1404a | Read file or device (Read 2048 bytes on handle 5)
2018-12-17T22:27:36.067909927Z 64 PC: 1404a | Write file or device (Write 2048 bytes on handle 6)
2018-12-17T22:27:36.076507866Z 63 PC: 1404a | Read file or device (Read 2048 bytes on handle 5)
2018-12-17T22:27:36.085698367Z 64 PC: 1404a | Write file or device (Write 2048 bytes on handle 6)
2018-12-17T22:27:36.095162066Z 63 PC: 1404a | Read file or device (Read 2048 bytes on handle 5)
2018-12-17T22:27:36.104062469Z 64 PC: 1404a | Write file or device (Write 2048 bytes on handle 6)
2018-12-17T22:27:36.116566188Z 63 PC: 1404a | Read file or device (Read 2048 bytes on handle 5)
2018-12-17T22:27:36.12467685Z 64 PC: 1404a | Write file or device (Write 2048 bytes on handle 6)
2018-12-17T22:27:36.137509063Z 63 PC: 1404a | Read file or device (Read 2048 bytes on handle 5)
2018-12-17T22:27:36.145573575Z 64 PC: 1404a | Write file or device (Write 968 bytes on handle 6)
2018-12-17T22:27:36.155014717Z 63 PC: 1404a | Read file or device (Read 2048 bytes on handle 5)
2018-12-17T22:27:36.157705296Z 62 PC: 13fc7 | Close file
2018-12-17T22:27:36.160189967Z 62 PC: 13fc7 | Close file
2018-12-17T22:27:36.170442001Z 61 PC: 13f77 | Open file (Filename = 'A:\\EST.EXE')
2018-12-17T22:27:36.173975419Z 64 PC: 13c3f | Write file or device (Write 0 bytes on handle 1)
2018-12-17T22:27:36.176325108Z 37 PC: 13671 | Set interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T22:27:36.179699937Z 37 PC: 13671 | Set interrupt vector (Interrupt = '2' AKA 'Character output')
2018-12-17T22:27:36.18158447Z 37 PC: 13671 | Set interrupt vector (Interrupt = '27' AKA 'Get allocation info for default drive')
2018-12-17T22:27:36.183265145Z 37 PC: 13671 | Set interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T22:27:36.185917314Z 37 PC: 13671 | Set interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T22:27:36.187449757Z 37 PC: 13671 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:27:36.189155206Z 37 PC: 13671 | Set interrupt vector (Interrupt = '52' AKA 'Get InDOS flag pointer')
2018-12-17T22:27:36.191438924Z 37 PC: 13671 | Set interrupt vector (Interrupt = '53' AKA 'Get interrupt vector')
2018-12-17T22:27:36.19323497Z 37 PC: 13671 | Set interrupt vector (Interrupt = '54' AKA 'Get free disk space')
2018-12-17T22:27:36.195010508Z 37 PC: 13671 | Set interrupt vector (Interrupt = '55' AKA 'Get or set switch character')
2018-12-17T22:27:36.197264459Z 37 PC: 13671 | Set interrupt vector (Interrupt = '56' AKA 'Get or set country info')
2018-12-17T22:27:36.198947682Z 37 PC: 13671 | Set interrupt vector (Interrupt = '57' AKA 'Create subdirectory')
2018-12-17T22:27:36.20048406Z 37 PC: 13671 | Set interrupt vector (Interrupt = '58' AKA 'Remove subdirectory')
2018-12-17T22:27:36.202231847Z 37 PC: 13671 | Set interrupt vector (Interrupt = '59' AKA 'Change current directory')
2018-12-17T22:27:36.203814856Z 37 PC: 13671 | Set interrupt vector (Interrupt = '60' AKA 'Create or truncate file')
2018-12-17T22:27:36.205334432Z 37 PC: 13671 | Set interrupt vector (Interrupt = '61' AKA 'Open file')
2018-12-17T22:27:36.206855058Z 37 PC: 13671 | Set interrupt vector (Interrupt = '62' AKA 'Close file')
2018-12-17T22:27:36.209324792Z 37 PC: 13671 | Set interrupt vector (Interrupt = '63' AKA 'Read file or device')
2018-12-17T22:27:36.210883188Z 37 PC: 13671 | Set interrupt vector (Interrupt = '117' AKA 'UNKNOWN!')
2018-12-17T22:27:36.212555421Z 6 PC: 136f8 | Direct console I/O
2018-12-17T22:27:36.215621359Z 6 PC: 136f8 | Direct console I/O
2018-12-17T22:27:36.218190584Z 6 PC: 136f8 | Direct console I/O
2018-12-17T22:27:36.22072591Z 6 PC: 136f8 | Direct console I/O
2018-12-17T22:27:36.22416624Z 6 PC: 136f8 | Direct console I/O
2018-12-17T22:27:36.227029045Z 6 PC: 136f8 | Direct console I/O
2018-12-17T22:27:36.22967788Z 6 PC: 136f8 | Direct console I/O
2018-12-17T22:27:36.233064229Z 6 PC: 136f8 | Direct console I/O
2018-12-17T22:27:36.235899352Z 6 PC: 136f8 | Direct console I/O
2018-12-17T22:27:36.239092029Z 6 PC: 136f8 | Direct console I/O
2018-12-17T22:27:36.241910599Z 6 PC: 136f8 | Direct console I/O
2018-12-17T22:27:36.245122591Z 6 PC: 136f8 | Direct console I/O
2018-12-17T22:27:36.247797371Z 6 PC: 136f8 | Direct console I/O
2018-12-17T22:27:36.250472618Z 6 PC: 136f8 | Direct console I/O
2018-12-17T22:27:36.253702575Z 6 PC: 136f8 | Direct console I/O
2018-12-17T22:27:36.256371855Z 6 PC: 136f8 | Direct console I/O
2018-12-17T22:27:36.259034529Z 6 PC: 136f8 | Direct console I/O
2018-12-17T22:27:36.262377607Z 6 PC: 136f8 | Direct console I/O
2018-12-17T22:27:36.265032764Z 6 PC: 136f8 | Direct console I/O
2018-12-17T22:27:36.267713846Z 6 PC: 136f8 | Direct console I/O
2018-12-17T22:27:36.271708708Z 6 PC: 136f8 | Direct console I/O
2018-12-17T22:27:36.27436476Z 6 PC: 136f8 | Direct console I/O
2018-12-17T22:27:36.277027354Z 6 PC: 136f8 | Direct console I/O
2018-12-17T22:27:36.280469522Z 6 PC: 136f8 | Direct console I/O
2018-12-17T22:27:36.283243684Z 6 PC: 136f8 | Direct console I/O
2018-12-17T22:27:36.285923454Z 6 PC: 136f8 | Direct console I/O
2018-12-17T22:27:36.289191129Z 6 PC: 136f8 | Direct console I/O
2018-12-17T22:27:36.291741228Z 6 PC: 136f8 | Direct console I/O
2018-12-17T22:27:36.294361636Z 6 PC: 136f8 | Direct console I/O
2018-12-17T22:27:36.297293748Z 6 PC: 136f8 | Direct console I/O
2018-12-17T22:27:36.299783604Z 6 PC: 136f8 | Direct console I/O
2018-12-17T22:27:36.302349978Z 6 PC: 136f8 | Direct console I/O
2018-12-17T22:27:36.305210016Z 6 PC: 136f8 | Direct console I/O
2018-12-17T22:27:36.309585258Z 76 PC: 136b0 | Terminate with return code (Return code = '5')