Sample viewer

vx.netlux.org/Virus.DOS.HLLP.Victoria.6693

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-17T22:28:41.588085554Z 53 PC: 13c3a | Get interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T22:28:41.590540489Z 53 PC: 13c3a | Get interrupt vector (Interrupt = '2' AKA 'Character output')
2018-12-17T22:28:41.592150031Z 53 PC: 13c3a | Get interrupt vector (Interrupt = '27' AKA 'Get allocation info for default drive')
2018-12-17T22:28:41.593837393Z 53 PC: 13c3a | Get interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T22:28:41.596133923Z 53 PC: 13c3a | Get interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T22:28:41.597734496Z 53 PC: 13c3a | Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:28:41.599336405Z 53 PC: 13c3a | Get interrupt vector (Interrupt = '52' AKA 'Get InDOS flag pointer')
2018-12-17T22:28:41.601404056Z 53 PC: 13c3a | Get interrupt vector (Interrupt = '53' AKA 'Get interrupt vector')
2018-12-17T22:28:41.602666686Z 53 PC: 13c3a | Get interrupt vector (Interrupt = '54' AKA 'Get free disk space')
2018-12-17T22:28:41.603939022Z 53 PC: 13c3a | Get interrupt vector (Interrupt = '55' AKA 'Get or set switch character')
2018-12-17T22:28:41.605712727Z 53 PC: 13c3a | Get interrupt vector (Interrupt = '56' AKA 'Get or set country info')
2018-12-17T22:28:41.60741242Z 53 PC: 13c3a | Get interrupt vector (Interrupt = '57' AKA 'Create subdirectory')
2018-12-17T22:28:41.609109479Z 53 PC: 13c3a | Get interrupt vector (Interrupt = '58' AKA 'Remove subdirectory')
2018-12-17T22:28:41.61167762Z 53 PC: 13c3a | Get interrupt vector (Interrupt = '59' AKA 'Change current directory')
2018-12-17T22:28:41.613071258Z 53 PC: 13c3a | Get interrupt vector (Interrupt = '60' AKA 'Create or truncate file')
2018-12-17T22:28:41.614414019Z 53 PC: 13c3a | Get interrupt vector (Interrupt = '61' AKA 'Open file')
2018-12-17T22:28:41.622215063Z 53 PC: 13c3a | Get interrupt vector (Interrupt = '62' AKA 'Close file')
2018-12-17T22:28:41.624007755Z 53 PC: 13c3a | Get interrupt vector (Interrupt = '63' AKA 'Read file or device')
2018-12-17T22:28:41.625658581Z 53 PC: 13c3a | Get interrupt vector (Interrupt = '117' AKA 'UNKNOWN!')
2018-12-17T22:28:41.628055089Z 37 PC: 13c4f | Set interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T22:28:41.630156213Z 37 PC: 13c57 | Set interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T22:28:41.631871978Z 37 PC: 13c5f | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:28:41.633581698Z 37 PC: 13c67 | Set interrupt vector (Interrupt = '63' AKA 'Read file or device')
2018-12-17T22:28:41.654488444Z 68 PC: 147e2 | I/O control for devices (Set for = '')
2018-12-17T22:28:41.657296799Z 53 PC: 13a10 | Get interrupt vector (Interrupt = '3' AKA 'Auxiliary input')
2018-12-17T22:28:41.659259668Z 37 PC: 13a2c | Set interrupt vector (Interrupt = '3' AKA 'Auxiliary input')
2018-12-17T22:28:41.661710113Z 53 PC: 13a10 | Get interrupt vector (Interrupt = '9' AKA 'Display string')
2018-12-17T22:28:41.667744312Z 37 PC: 13a2c | Set interrupt vector (Interrupt = '9' AKA 'Display string')
2018-12-17T22:28:41.675585131Z 48 PC: 143f3 | Get DOS version
2018-12-17T22:28:41.682416342Z 67 PC: 13938 | Get or set file attributes
2018-12-17T22:28:41.701861091Z 61 PC: 142a5 | Open file (Filename = 'A:\TEST.EXE')
2018-12-17T22:28:41.713613063Z 63 PC: 14378 | Read file or device (Read 6691 bytes on handle 5)
2018-12-17T22:28:41.723733379Z 62 PC: 142f5 | Close file
2018-12-17T22:28:41.726876121Z 26 PC: 139af | Set disk transfer address
2018-12-17T22:28:41.728774876Z 78 PC: 139bb | Find first file
2018-12-17T22:28:41.738613368Z 26 PC: 139d3 | Set disk transfer address
2018-12-17T22:28:41.74044946Z 79 PC: 139d8 | Find next file
2018-12-17T22:28:41.74450136Z 26 PC: 139d3 | Set disk transfer address
2018-12-17T22:28:41.747030783Z 79 PC: 139d8 | Find next file
2018-12-17T22:28:41.751086672Z 26 PC: 139d3 | Set disk transfer address
2018-12-17T22:28:41.752919506Z 79 PC: 139d8 | Find next file
2018-12-17T22:28:41.757387031Z 26 PC: 139d3 | Set disk transfer address
2018-12-17T22:28:41.758867335Z 79 PC: 139d8 | Find next file
2018-12-17T22:28:41.762533483Z 26 PC: 139d3 | Set disk transfer address
2018-12-17T22:28:41.764564049Z 79 PC: 139d8 | Find next file
2018-12-17T22:28:41.768251651Z 26 PC: 139d3 | Set disk transfer address
2018-12-17T22:28:41.769620971Z 79 PC: 139d8 | Find next file
2018-12-17T22:28:41.773891055Z 26 PC: 139d3 | Set disk transfer address
2018-12-17T22:28:41.775173377Z 79 PC: 139d8 | Find next file
2018-12-17T22:28:41.77859024Z 26 PC: 139d3 | Set disk transfer address
2018-12-17T22:28:41.780269287Z 79 PC: 139d8 | Find next file
2018-12-17T22:28:41.783938207Z 26 PC: 139d3 | Set disk transfer address
2018-12-17T22:28:41.785165556Z 79 PC: 139d8 | Find next file
2018-12-17T22:28:41.789510621Z 26 PC: 139d3 | Set disk transfer address
2018-12-17T22:28:41.790816096Z 79 PC: 139d8 | Find next file
2018-12-17T22:28:41.794310163Z 26 PC: 139d3 | Set disk transfer address
2018-12-17T22:28:41.796147858Z 79 PC: 139d8 | Find next file
2018-12-17T22:28:41.800276177Z 26 PC: 139d3 | Set disk transfer address
2018-12-17T22:28:41.802002317Z 79 PC: 139d8 | Find next file
2018-12-17T22:28:41.806263302Z 26 PC: 139d3 | Set disk transfer address
2018-12-17T22:28:41.80823583Z 79 PC: 139d8 | Find next file
2018-12-17T22:28:41.812233291Z 26 PC: 139d3 | Set disk transfer address
2018-12-17T22:28:41.814313841Z 79 PC: 139d8 | Find next file
2018-12-17T22:28:41.819788326Z 67 PC: 13938 | Get or set file attributes
2018-12-17T22:28:41.831217214Z 61 PC: 142a5 | Open file (Filename = '\TEST.EXE')
2018-12-17T22:28:41.839728047Z 66 PC: 14ce4 | Move file pointer
2018-12-17T22:28:41.841917542Z 66 PC: 14cf2 | Move file pointer
2018-12-17T22:28:41.843963397Z 66 PC: 14d00 | Move file pointer
2018-12-17T22:28:41.846164392Z 66 PC: 143d7 | Move file pointer
2018-12-17T22:28:41.848675198Z 63 PC: 14378 | Read file or device (Read 2 bytes on handle 5)
2018-12-17T22:28:41.856823032Z 87 PC: 1397f | Get or set file date and time
2018-12-17T22:28:41.859042092Z 67 PC: 13938 | Get or set file attributes
2018-12-17T22:28:41.871584752Z 62 PC: 142f5 | Close file
2018-12-17T22:28:41.879815282Z 26 PC: 139d3 | Set disk transfer address
2018-12-17T22:28:41.881708789Z 79 PC: 139d8 | Find next file
2018-12-17T22:28:41.885691271Z 26 PC: 139af | Set disk transfer address
2018-12-17T22:28:41.887186284Z 78 PC: 139bb | Find first file
2018-12-17T22:28:41.894730778Z 26 PC: 139d3 | Set disk transfer address
2018-12-17T22:28:41.897381041Z 79 PC: 139d8 | Find next file
2018-12-17T22:28:41.900732049Z 26 PC: 139d3 | Set disk transfer address
2018-12-17T22:28:41.90237275Z 79 PC: 139d8 | Find next file
2018-12-17T22:28:41.906502363Z 26 PC: 139d3 | Set disk transfer address
2018-12-17T22:28:41.908148365Z 79 PC: 139d8 | Find next file
2018-12-17T22:28:41.911461283Z 26 PC: 139d3 | Set disk transfer address
2018-12-17T22:28:41.913741548Z 79 PC: 139d8 | Find next file
2018-12-17T22:28:41.91681901Z 26 PC: 139d3 | Set disk transfer address
2018-12-17T22:28:41.918121487Z 79 PC: 139d8 | Find next file
2018-12-17T22:28:41.922228539Z 26 PC: 139d3 | Set disk transfer address
2018-12-17T22:28:41.924137379Z 79 PC: 139d8 | Find next file
2018-12-17T22:28:41.927361652Z 26 PC: 139d3 | Set disk transfer address
2018-12-17T22:28:41.929595709Z 79 PC: 139d8 | Find next file
2018-12-17T22:28:41.933094486Z 26 PC: 139d3 | Set disk transfer address
2018-12-17T22:28:41.934594887Z 79 PC: 139d8 | Find next file
2018-12-17T22:28:41.938507612Z 26 PC: 139d3 | Set disk transfer address
2018-12-17T22:28:41.939932036Z 79 PC: 139d8 | Find next file
2018-12-17T22:28:41.943376256Z 26 PC: 139d3 | Set disk transfer address
2018-12-17T22:28:41.946231206Z 79 PC: 139d8 | Find next file
2018-12-17T22:28:41.9492363Z 26 PC: 139d3 | Set disk transfer address
2018-12-17T22:28:41.950611763Z 79 PC: 139d8 | Find next file
2018-12-17T22:28:41.95731069Z 26 PC: 139d3 | Set disk transfer address
2018-12-17T22:28:41.959200829Z 79 PC: 139d8 | Find next file
2018-12-17T22:28:41.974739899Z 26 PC: 139d3 | Set disk transfer address
2018-12-17T22:28:41.977281944Z 79 PC: 139d8 | Find next file
2018-12-17T22:28:41.980544864Z 26 PC: 139d3 | Set disk transfer address
2018-12-17T22:28:41.981983608Z 79 PC: 139d8 | Find next file
2018-12-17T22:28:41.985331956Z 26 PC: 139d3 | Set disk transfer address
2018-12-17T22:28:41.987503239Z 79 PC: 139d8 | Find next file
2018-12-17T22:28:41.990380164Z 37 PC: 13a2c | Set interrupt vector (Interrupt = '9' AKA 'Display string')
2018-12-17T22:28:41.992066618Z 37 PC: 13a2c | Set interrupt vector (Interrupt = '3' AKA 'Auxiliary input')
2018-12-17T22:28:41.99428797Z 48 PC: 143f3 | Get DOS version
2018-12-17T22:28:41.99666715Z 26 PC: 139af | Set disk transfer address
2018-12-17T22:28:41.998277889Z 78 PC: 139bb | Find first file
2018-12-17T22:28:42.006141571Z 48 PC: 143f3 | Get DOS version
2018-12-17T22:28:42.008022609Z 67 PC: 13938 | Get or set file attributes
2018-12-17T22:28:42.019261657Z 61 PC: 142a5 | Open file (Filename = 'A:\TEST.EXE')
2018-12-17T22:28:42.028072249Z 66 PC: 143d7 | Move file pointer
2018-12-17T22:28:42.030017258Z 63 PC: 14378 | Read file or device (Read 6691 bytes on handle 5)
2018-12-17T22:28:42.038976169Z 66 PC: 143d7 | Move file pointer
2018-12-17T22:28:42.041739307Z 64 PC: 142d6 | Write file or device (Write 0 bytes on handle 5)
2018-12-17T22:28:42.052533668Z 66 PC: 143d7 | Move file pointer
2018-12-17T22:28:42.054633949Z 64 PC: 14378 | Write file or device (Write 6691 bytes on handle 5)
2018-12-17T22:28:42.078247082Z 87 PC: 1397f | Get or set file date and time
2018-12-17T22:28:42.080056841Z 67 PC: 13938 | Get or set file attributes
2018-12-17T22:28:42.105294044Z 62 PC: 142f5 | Close file
2018-12-17T22:28:42.122648541Z 53 PC: 13bad | Get interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T22:28:42.124296448Z 37 PC: 13bb6 | Set interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T22:28:42.12588409Z 53 PC: 13bad | Get interrupt vector (Interrupt = '2' AKA 'Character output')
2018-12-17T22:28:42.128290276Z 37 PC: 13bb6 | Set interrupt vector (Interrupt = '2' AKA 'Character output')
2018-12-17T22:28:42.130237834Z 53 PC: 13bad | Get interrupt vector (Interrupt = '27' AKA 'Get allocation info for default drive')
2018-12-17T22:28:42.131832297Z 37 PC: 13bb6 | Set interrupt vector (Interrupt = '27' AKA 'Get allocation info for default drive')
2018-12-17T22:28:42.134353418Z 53 PC: 13bad | Get interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T22:28:42.135956526Z 37 PC: 13bb6 | Set interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T22:28:42.137530596Z 53 PC: 13bad | Get interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T22:28:42.139875251Z 37 PC: 13bb6 | Set interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T22:28:42.154686248Z 53 PC: 13bad | Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:28:42.156293184Z 37 PC: 13bb6 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:28:42.158610303Z 53 PC: 13bad | Get interrupt vector (Interrupt = '52' AKA 'Get InDOS flag pointer')
2018-12-17T22:28:42.160268955Z 37 PC: 13bb6 | Set interrupt vector (Interrupt = '52' AKA 'Get InDOS flag pointer')
2018-12-17T22:28:42.161847194Z 53 PC: 13bad | Get interrupt vector (Interrupt = '53' AKA 'Get interrupt vector')
2018-12-17T22:28:42.164386442Z 37 PC: 13bb6 | Set interrupt vector (Interrupt = '53' AKA 'Get interrupt vector')
2018-12-17T22:28:42.165989126Z 53 PC: 13bad | Get interrupt vector (Interrupt = '54' AKA 'Get free disk space')
2018-12-17T22:28:42.168390348Z 37 PC: 13bb6 | Set interrupt vector (Interrupt = '54' AKA 'Get free disk space')
2018-12-17T22:28:42.170136655Z 53 PC: 13bad | Get interrupt vector (Interrupt = '55' AKA 'Get or set switch character')
2018-12-17T22:28:42.172549277Z 37 PC: 13bb6 | Set interrupt vector (Interrupt = '55' AKA 'Get or set switch character')
2018-12-17T22:28:42.174126494Z 53 PC: 13bad | Get interrupt vector (Interrupt = '56' AKA 'Get or set country info')
2018-12-17T22:28:42.175715793Z 37 PC: 13bb6 | Set interrupt vector (Interrupt = '56' AKA 'Get or set country info')
2018-12-17T22:28:42.178218156Z 53 PC: 13bad | Get interrupt vector (Interrupt = '57' AKA 'Create subdirectory')
2018-12-17T22:28:42.179806389Z 37 PC: 13bb6 | Set interrupt vector (Interrupt = '57' AKA 'Create subdirectory')
2018-12-17T22:28:42.181367045Z 53 PC: 13bad | Get interrupt vector (Interrupt = '58' AKA 'Remove subdirectory')
2018-12-17T22:28:42.186336205Z 37 PC: 13bb6 | Set interrupt vector (Interrupt = '58' AKA 'Remove subdirectory')
2018-12-17T22:28:42.187934295Z 53 PC: 13bad | Get interrupt vector (Interrupt = '59' AKA 'Change current directory')
2018-12-17T22:28:42.18952471Z 37 PC: 13bb6 | Set interrupt vector (Interrupt = '59' AKA 'Change current directory')
2018-12-17T22:28:42.192053262Z 53 PC: 13bad | Get interrupt vector (Interrupt = '60' AKA 'Create or truncate file')
2018-12-17T22:28:42.193656122Z 37 PC: 13bb6 | Set interrupt vector (Interrupt = '60' AKA 'Create or truncate file')
2018-12-17T22:28:42.195250657Z 53 PC: 13bad | Get interrupt vector (Interrupt = '61' AKA 'Open file')
2018-12-17T22:28:42.197782662Z 37 PC: 13bb6 | Set interrupt vector (Interrupt = '61' AKA 'Open file')
2018-12-17T22:28:42.199356143Z 53 PC: 13bad | Get interrupt vector (Interrupt = '62' AKA 'Close file')
2018-12-17T22:28:42.200950626Z 37 PC: 13bb6 | Set interrupt vector (Interrupt = '62' AKA 'Close file')
2018-12-17T22:28:42.203810432Z 53 PC: 13bad | Get interrupt vector (Interrupt = '63' AKA 'Read file or device')
2018-12-17T22:28:42.205448244Z 37 PC: 13bb6 | Set interrupt vector (Interrupt = '63' AKA 'Read file or device')
2018-12-17T22:28:42.20702697Z 53 PC: 13bad | Get interrupt vector (Interrupt = '117' AKA 'UNKNOWN!')
2018-12-17T22:28:42.209558457Z 37 PC: 13bb6 | Set interrupt vector (Interrupt = '117' AKA 'UNKNOWN!')
2018-12-17T22:28:42.211538229Z 48 PC: 143f3 | Get DOS version
2018-12-17T22:28:42.213480343Z 41 PC: 13b64 | Parse filename
2018-12-17T22:28:42.216278664Z 41 PC: 13b72 | Parse filename
2018-12-17T22:28:42.218142241Z 75 PC: 13b7d | Execute program
2018-12-17T22:28:42.24016665Z 80 PC: 1a819 | Set current PSP
2018-12-17T22:28:42.242384613Z 48 PC: 1a81e | Get DOS version
2018-12-17T22:28:42.24439925Z 99 PC: 21000 | Get DBCS lead byte table pointer
2018-12-17T22:28:42.247488473Z 101 PC: 1a8a4 | Get extended country info
2018-12-17T22:28:42.250942775Z 99 PC: 1a8aa | Get DBCS lead byte table pointer
2018-12-17T22:28:42.252624749Z 74 PC: 1a90c | Reallocate memory
2018-12-17T22:28:42.254444883Z 25 PC: 1a943 | Get default drive
2018-12-17T22:28:42.25690137Z 37 PC: 1a403 | Set interrupt vector (Interrupt = '34' AKA 'Random write')
2018-12-17T22:28:42.258453791Z 37 PC: 1a40a | Set interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T22:28:42.259986316Z 37 PC: 1a411 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:28:42.265741377Z 74 PC: 195ac | Reallocate memory
2018-12-17T22:28:42.267631012Z 72 PC: 195ed | Allocate memory
2018-12-17T22:28:42.269676846Z 72 PC: 19625 | Allocate memory
2018-12-17T22:28:42.272778231Z 72 PC: 1962d | Allocate memory