Sample viewer

vx.netlux.org/Virus.DOS.HLLP.Jacklyn.12416

Syscalls:

Time Syscall Op Syscall Name
2018-12-17T22:30:49.454159757Z 48 PC: 13268 | Get DOS version
2018-12-17T22:30:49.456512175Z 74 PC: 13268 | Reallocate memory
2018-12-17T22:30:49.458548619Z 37 PC: 13268 | Set interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T22:30:49.564929722Z 53 PC: 13268 | Get interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T22:30:49.567600088Z 37 PC: 13268 | Set interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T22:30:49.578549866Z 25 PC: 13268 | Get default drive
2018-12-17T22:30:49.580230277Z 71 PC: 13268 | Get current directory
2018-12-17T22:30:49.585947698Z 26 PC: 157f1 | Set disk transfer address
2018-12-17T22:30:49.587571332Z 78 PC: 15823 | Find first file
2018-12-17T22:30:49.595683178Z 61 PC: 13268 | Open file (Filename = 'SLEEP.COM')
2018-12-17T22:30:49.605058553Z 63 PC: 13268 | Read file or device (Read 256 bytes on handle 5)
2018-12-17T22:30:49.625751287Z 66 PC: 13268 | Move file pointer
2018-12-17T22:30:49.628014588Z 64 PC: 13268 | Write file or device (Write 12416 bytes on handle 5)
2018-12-17T22:30:49.644884508Z 62 PC: 13268 | Close file
2018-12-17T22:30:49.656260726Z 37 PC: 13268 | Set interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T22:30:49.660577189Z 76 PC: 13268 | Terminate with return code (Return code = '0')