Sample viewer

vx.netlux.org/Virus.DOS.HLLC.19376

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-17T22:27:49.641961857Z	53	PC: 15aea \| Get interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T22:27:49.644146758Z	53	PC: 15aea \| Get interrupt vector (Interrupt = '2' AKA 'Character output')
2018-12-17T22:27:49.645689953Z	53	PC: 15aea \| Get interrupt vector (Interrupt = '27' AKA 'Get allocation info for default drive')
2018-12-17T22:27:49.647206847Z	53	PC: 15aea \| Get interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T22:27:49.649489812Z	53	PC: 15aea \| Get interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T22:27:49.651020803Z	53	PC: 15aea \| Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:27:49.652458714Z	53	PC: 15aea \| Get interrupt vector (Interrupt = '52' AKA 'Get InDOS flag pointer')
2018-12-17T22:27:49.654637193Z	53	PC: 15aea \| Get interrupt vector (Interrupt = '53' AKA 'Get interrupt vector')
2018-12-17T22:27:49.655894658Z	53	PC: 15aea \| Get interrupt vector (Interrupt = '54' AKA 'Get free disk space')
2018-12-17T22:27:49.657112451Z	53	PC: 15aea \| Get interrupt vector (Interrupt = '55' AKA 'Get or set switch character')
2018-12-17T22:27:49.659033664Z	53	PC: 15aea \| Get interrupt vector (Interrupt = '56' AKA 'Get or set country info')
2018-12-17T22:27:49.660281636Z	53	PC: 15aea \| Get interrupt vector (Interrupt = '57' AKA 'Create subdirectory')
2018-12-17T22:27:49.661499966Z	53	PC: 15aea \| Get interrupt vector (Interrupt = '58' AKA 'Remove subdirectory')
2018-12-17T22:27:49.665258375Z	53	PC: 15aea \| Get interrupt vector (Interrupt = '59' AKA 'Change current directory')
2018-12-17T22:27:49.666826623Z	53	PC: 15aea \| Get interrupt vector (Interrupt = '60' AKA 'Create or truncate file')
2018-12-17T22:27:49.669069924Z	53	PC: 15aea \| Get interrupt vector (Interrupt = '61' AKA 'Open file')
2018-12-17T22:27:49.671078129Z	53	PC: 15aea \| Get interrupt vector (Interrupt = '62' AKA 'Close file')
2018-12-17T22:27:49.672656295Z	53	PC: 15aea \| Get interrupt vector (Interrupt = '63' AKA 'Read file or device')
2018-12-17T22:27:49.674186901Z	53	PC: 15aea \| Get interrupt vector (Interrupt = '117' AKA 'UNKNOWN!')
2018-12-17T22:27:49.675959229Z	37	PC: 15aff \| Set interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T22:27:49.681173101Z	37	PC: 15b07 \| Set interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T22:27:49.682555994Z	37	PC: 15b0f \| Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:27:49.684683545Z	37	PC: 15b17 \| Set interrupt vector (Interrupt = '63' AKA 'Read file or device')
2018-12-17T22:27:49.686620306Z	68	PC: 1673b \| I/O control for devices (Set for = '3��`�!��u�>�')
2018-12-17T22:27:49.794536537Z	37	PC: 152a1 \| Set interrupt vector (Interrupt = '27' AKA 'Get allocation info for default drive')
2018-12-17T22:27:49.799204123Z	26	PC: 15887 \| Set disk transfer address
2018-12-17T22:27:49.800310031Z	78	PC: 15893 \| Find first file
2018-12-17T22:27:49.806406532Z	26	PC: 15887 \| Set disk transfer address
2018-12-17T22:27:49.808337098Z	78	PC: 15893 \| Find first file
2018-12-17T22:27:49.813933817Z	26	PC: 15887 \| Set disk transfer address
2018-12-17T22:27:49.815183225Z	78	PC: 15893 \| Find first file
2018-12-17T22:27:49.819681893Z	26	PC: 15887 \| Set disk transfer address
2018-12-17T22:27:49.821039752Z	78	PC: 15893 \| Find first file
2018-12-17T22:27:49.824897053Z	61	PC: 16241 \| Open file (Filename = 'COCO.JMB')
2018-12-17T22:27:49.829924416Z	60	PC: 16241 \| Create or truncate file
2018-12-17T22:27:50.184555481Z	37	PC: 15c41 \| Set interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T22:27:50.186653769Z	37	PC: 15c41 \| Set interrupt vector (Interrupt = '2' AKA 'Character output')
2018-12-17T22:27:50.188117019Z	37	PC: 15c41 \| Set interrupt vector (Interrupt = '27' AKA 'Get allocation info for default drive')
2018-12-17T22:27:50.190608376Z	37	PC: 15c41 \| Set interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T22:27:50.1920931Z	37	PC: 15c41 \| Set interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T22:27:50.19355378Z	37	PC: 15c41 \| Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:27:50.196389621Z	37	PC: 15c41 \| Set interrupt vector (Interrupt = '52' AKA 'Get InDOS flag pointer')
2018-12-17T22:27:50.198157973Z	37	PC: 15c41 \| Set interrupt vector (Interrupt = '53' AKA 'Get interrupt vector')
2018-12-17T22:27:50.199549144Z	37	PC: 15c41 \| Set interrupt vector (Interrupt = '54' AKA 'Get free disk space')
2018-12-17T22:27:50.201532282Z	37	PC: 15c41 \| Set interrupt vector (Interrupt = '55' AKA 'Get or set switch character')
2018-12-17T22:27:50.202889696Z	37	PC: 15c41 \| Set interrupt vector (Interrupt = '56' AKA 'Get or set country info')
2018-12-17T22:27:50.204205605Z	37	PC: 15c41 \| Set interrupt vector (Interrupt = '57' AKA 'Create subdirectory')
2018-12-17T22:27:50.206933242Z	37	PC: 15c41 \| Set interrupt vector (Interrupt = '58' AKA 'Remove subdirectory')
2018-12-17T22:27:50.208071883Z	37	PC: 15c41 \| Set interrupt vector (Interrupt = '59' AKA 'Change current directory')
2018-12-17T22:27:50.209210852Z	37	PC: 15c41 \| Set interrupt vector (Interrupt = '60' AKA 'Create or truncate file')
2018-12-17T22:27:50.214364761Z	37	PC: 15c41 \| Set interrupt vector (Interrupt = '61' AKA 'Open file')
2018-12-17T22:27:50.215698435Z	37	PC: 15c41 \| Set interrupt vector (Interrupt = '62' AKA 'Close file')
2018-12-17T22:27:50.217015482Z	37	PC: 15c41 \| Set interrupt vector (Interrupt = '63' AKA 'Read file or device')
2018-12-17T22:27:50.218885838Z	37	PC: 15c41 \| Set interrupt vector (Interrupt = '117' AKA 'UNKNOWN!')
2018-12-17T22:27:50.220040571Z	6	PC: 15cc8 \| Direct console I/O
2018-12-17T22:27:50.221576427Z	6	PC: 15cc8 \| Direct console I/O
2018-12-17T22:27:50.22385805Z	6	PC: 15cc8 \| Direct console I/O
2018-12-17T22:27:50.225383878Z	6	PC: 15cc8 \| Direct console I/O
2018-12-17T22:27:50.226867533Z	6	PC: 15cc8 \| Direct console I/O
2018-12-17T22:27:50.229043136Z	6	PC: 15cc8 \| Direct console I/O
2018-12-17T22:27:50.230600991Z	6	PC: 15cc8 \| Direct console I/O
2018-12-17T22:27:50.231988581Z	6	PC: 15cc8 \| Direct console I/O
2018-12-17T22:27:50.233954709Z	6	PC: 15cc8 \| Direct console I/O
2018-12-17T22:27:50.235392399Z	6	PC: 15cc8 \| Direct console I/O
2018-12-17T22:27:50.236830614Z	6	PC: 15cc8 \| Direct console I/O
2018-12-17T22:27:50.238888597Z	6	PC: 15cc8 \| Direct console I/O
2018-12-17T22:27:50.240453368Z	6	PC: 15cc8 \| Direct console I/O
2018-12-17T22:27:50.241887952Z	6	PC: 15cc8 \| Direct console I/O
2018-12-17T22:27:50.243979566Z	6	PC: 15cc8 \| Direct console I/O
2018-12-17T22:27:50.245659541Z	6	PC: 15cc8 \| Direct console I/O
2018-12-17T22:27:50.247196111Z	6	PC: 15cc8 \| Direct console I/O
2018-12-17T22:27:50.257444794Z	6	PC: 15cc8 \| Direct console I/O
2018-12-17T22:27:50.25969262Z	6	PC: 15cc8 \| Direct console I/O
2018-12-17T22:27:50.263057898Z	6	PC: 15cc8 \| Direct console I/O
2018-12-17T22:27:50.266151559Z	6	PC: 15cc8 \| Direct console I/O
2018-12-17T22:27:50.268763643Z	6	PC: 15cc8 \| Direct console I/O
2018-12-17T22:27:50.271519147Z	6	PC: 15cc8 \| Direct console I/O
2018-12-17T22:27:50.274778325Z	6	PC: 15cc8 \| Direct console I/O
2018-12-17T22:27:50.277011722Z	6	PC: 15cc8 \| Direct console I/O
2018-12-17T22:27:50.279248163Z	6	PC: 15cc8 \| Direct console I/O
2018-12-17T22:27:50.283073511Z	6	PC: 15cc8 \| Direct console I/O
2018-12-17T22:27:50.285403986Z	6	PC: 15cc8 \| Direct console I/O
2018-12-17T22:27:50.287472365Z	6	PC: 15cc8 \| Direct console I/O
2018-12-17T22:27:50.290646044Z	6	PC: 15cc8 \| Direct console I/O
2018-12-17T22:27:50.292639661Z	6	PC: 15cc8 \| Direct console I/O
2018-12-17T22:27:50.294711202Z	6	PC: 15cc8 \| Direct console I/O
2018-12-17T22:27:50.297192943Z	6	PC: 15cc8 \| Direct console I/O
2018-12-17T22:27:50.29928561Z	76	PC: 15c80 \| Terminate with return code (Return code = '103')