Sample viewer

vx.netlux.org/Virus.DOS.HLLO.Bizarr

Syscalls:

Time Syscall Op Syscall Name
2018-12-17T22:31:45.578702181Z 48 PC: 12a4b | Get DOS version
2018-12-17T22:31:45.581201752Z 53 PC: 12bca | Get interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T22:31:45.582666764Z 53 PC: 12bd7 | Get interrupt vector (Interrupt = '4' AKA 'Auxiliary output')
2018-12-17T22:31:45.58390792Z 53 PC: 12be4 | Get interrupt vector (Interrupt = '5' AKA 'Printer output')
2018-12-17T22:31:45.585657009Z 53 PC: 12bf1 | Get interrupt vector (Interrupt = '6' AKA 'Direct console I/O')
2018-12-17T22:31:45.587518728Z 37 PC: 12c05 | Set interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T22:31:45.589277942Z 74 PC: 12af6 | Reallocate memory
2018-12-17T22:31:45.593509732Z 68 PC: 142a4 | I/O control for devices (Set for = 'WW')
2018-12-17T22:31:45.597063981Z 68 PC: 142a4 | I/O control for devices (Set for = '� ��')
2018-12-17T22:31:45.600281976Z 42 PC: 1409e | Get date
0x1409e: mov word ptr [si], cx
0x140a0: mov word ptr [si + 2], dx
0x140a3: pop si
0x140a4: pop bp
0x140a5: ret
0x140a6: push bp
0x140a7: mov bp, sp
0x140a9: push si
0x140aa: mov si, word ptr [bp + 4]
0x140ad: mov ah, 0x2c
0x140af: int 0x21
0x140b1: mov word ptr [si], cx
0x140b3: mov word ptr [si + 2], dx
0x140b6: pop si
0x140b7: pop bp
0x140b8: ret
0x140b9: push bp
0x140ba: mov bp, sp
0x140bc: sub sp, 2
0x140bf: lea ax, word ptr [bp - 2]
2018-12-17T22:31:45.602838222Z 44 PC: 140b1 | Get time
0x140b1: mov word ptr [si], cx
0x140b3: mov word ptr [si + 2], dx
0x140b6: pop si
0x140b7: pop bp
0x140b8: ret
0x140b9: push bp
0x140ba: mov bp, sp
0x140bc: sub sp, 2
0x140bf: lea ax, word ptr [bp - 2]
0x140c2: push ax
0x140c3: call 0x23fe0
0x140c6: pop cx
0x140c7: mov ax, word ptr [bp - 2]
0x140ca: dec ax
0x140cb: mov sp, bp
0x140cd: pop bp
0x140ce: ret
0x140cf: push bp
0x140d0: mov bp, sp
0x140d2: sub sp, 2
2018-12-17T22:31:45.610714726Z 53 PC: 14169 | Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:31:45.615349934Z 37 PC: 1417c | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:31:45.61850328Z 67 PC: 15357 | Get or set file attributes
2018-12-17T22:31:45.630641244Z 67 PC: 15357 | Get or set file attributes
2018-12-17T22:31:45.637275566Z 47 PC: 1558b | Get disk transfer address
2018-12-17T22:31:45.638740917Z 26 PC: 15594 | Set disk transfer address
2018-12-17T22:31:45.641099794Z 78 PC: 1559e | Find first file
2018-12-17T22:31:45.647334037Z 26 PC: 155a7 | Set disk transfer address
2018-12-17T22:31:45.64897522Z 67 PC: 15357 | Get or set file attributes
2018-12-17T22:31:45.671674915Z 67 PC: 15357 | Get or set file attributes
2018-12-17T22:31:45.678613276Z 61 PC: 15e3a | Open file (Filename = 'c:\dos386.sys')
2018-12-17T22:31:45.684757244Z 42 PC: 1409e | Get date
0x1409e: mov word ptr [si], cx
0x140a0: mov word ptr [si + 2], dx
0x140a3: pop si
0x140a4: pop bp
0x140a5: ret
0x140a6: push bp
0x140a7: mov bp, sp
0x140a9: push si
0x140aa: mov si, word ptr [bp + 4]
0x140ad: mov ah, 0x2c
0x140af: int 0x21
0x140b1: mov word ptr [si], cx
0x140b3: mov word ptr [si + 2], dx
0x140b6: pop si
0x140b7: pop bp
0x140b8: ret
0x140b9: push bp
0x140ba: mov bp, sp
0x140bc: sub sp, 2
0x140bf: lea ax, word ptr [bp - 2]
2018-12-17T22:31:45.68819515Z 44 PC: 140b1 | Get time
0x140b1: mov word ptr [si], cx
0x140b3: mov word ptr [si + 2], dx
0x140b6: pop si
0x140b7: pop bp
0x140b8: ret
0x140b9: push bp
0x140ba: mov bp, sp
0x140bc: sub sp, 2
0x140bf: lea ax, word ptr [bp - 2]
0x140c2: push ax
0x140c3: call 0x23fe0
0x140c6: pop cx
0x140c7: mov ax, word ptr [bp - 2]
0x140ca: dec ax
0x140cb: mov sp, bp
0x140cd: pop bp
0x140ce: ret
0x140cf: push bp
0x140d0: mov bp, sp
0x140d2: sub sp, 2
2018-12-17T22:31:45.691589354Z 67 PC: 15357 | Get or set file attributes
2018-12-17T22:31:45.698299999Z 25 PC: 13feb | Get default drive
2018-12-17T22:31:45.700596395Z 71 PC: 14498 | Get current directory
2018-12-17T22:31:45.704084288Z 47 PC: 13f88 | Get disk transfer address
2018-12-17T22:31:45.705499424Z 26 PC: 13f91 | Set disk transfer address
2018-12-17T22:31:45.707726745Z 78 PC: 13f9b | Find first file
2018-12-17T22:31:45.713839346Z 26 PC: 13fa4 | Set disk transfer address
2018-12-17T22:31:45.715760948Z 47 PC: 13f88 | Get disk transfer address
2018-12-17T22:31:45.717910525Z 26 PC: 13f91 | Set disk transfer address
2018-12-17T22:31:45.71931254Z 78 PC: 13f9b | Find first file
2018-12-17T22:31:45.72969033Z 26 PC: 13fa4 | Set disk transfer address
2018-12-17T22:31:45.746352033Z 25 PC: 13feb | Get default drive
2018-12-17T22:31:45.748074562Z 71 PC: 14498 | Get current directory
2018-12-17T22:31:45.751610781Z 47 PC: 13f88 | Get disk transfer address
2018-12-17T22:31:45.753808403Z 26 PC: 13f91 | Set disk transfer address
2018-12-17T22:31:45.755526445Z 78 PC: 13f9b | Find first file
2018-12-17T22:31:45.761668653Z 26 PC: 13fa4 | Set disk transfer address
2018-12-17T22:31:45.764640231Z 47 PC: 13f88 | Get disk transfer address
2018-12-17T22:31:45.766076829Z 26 PC: 13f91 | Set disk transfer address
2018-12-17T22:31:45.767393127Z 78 PC: 13f9b | Find first file
2018-12-17T22:31:45.774065705Z 26 PC: 13fa4 | Set disk transfer address
2018-12-17T22:31:45.777698901Z 47 PC: 1558b | Get disk transfer address
2018-12-17T22:31:45.779061299Z 26 PC: 15594 | Set disk transfer address
2018-12-17T22:31:45.780366065Z 78 PC: 1559e | Find first file
2018-12-17T22:31:45.787287041Z 26 PC: 155a7 | Set disk transfer address
2018-12-17T22:31:45.790286747Z 25 PC: 13feb | Get default drive
2018-12-17T22:31:45.791763085Z 71 PC: 14498 | Get current directory
2018-12-17T22:31:45.796140947Z 47 PC: 13f88 | Get disk transfer address
2018-12-17T22:31:45.797607622Z 26 PC: 13f91 | Set disk transfer address
2018-12-17T22:31:45.799007257Z 78 PC: 13f9b | Find first file
2018-12-17T22:31:45.805880203Z 26 PC: 13fa4 | Set disk transfer address
2018-12-17T22:31:45.807461677Z 47 PC: 13f88 | Get disk transfer address
2018-12-17T22:31:45.808487174Z 26 PC: 13f91 | Set disk transfer address
2018-12-17T22:31:45.810342662Z 78 PC: 13f9b | Find first file
2018-12-17T22:31:45.817353243Z 26 PC: 13fa4 | Set disk transfer address
2018-12-17T22:31:45.821186971Z 47 PC: 1558b | Get disk transfer address
2018-12-17T22:31:45.823481029Z 26 PC: 15594 | Set disk transfer address
2018-12-17T22:31:45.825587805Z 78 PC: 1559e | Find first file
2018-12-17T22:31:45.833367891Z 26 PC: 155a7 | Set disk transfer address
2018-12-17T22:31:45.836301418Z 67 PC: 15357 | Get or set file attributes
2018-12-17T22:31:45.844232332Z 25 PC: 13feb | Get default drive
2018-12-17T22:31:45.845966076Z 54 PC: 14128 | Get free disk space
2018-12-17T22:31:45.856763842Z 67 PC: 15357 | Get or set file attributes
2018-12-17T22:31:45.862910144Z 61 PC: 15e3a | Open file (Filename = 'A:\TEST.COM')
2018-12-17T22:31:45.869707208Z 68 PC: 14d16 | I/O control for devices (Set for = '� ��')
2018-12-17T22:31:45.87263053Z 68 PC: 142a4 | I/O control for devices
2018-12-17T22:31:45.874842911Z 63 PC: 1445a | Read file or device (Read 25088 bytes on handle 5)
2018-12-17T22:31:45.884135086Z 67 PC: 15357 | Get or set file attributes
2018-12-17T22:31:45.891570628Z 60 PC: 15ca7 | Create or truncate file
2018-12-17T22:31:46.264031036Z 68 PC: 142a4 | I/O control for devices
2018-12-17T22:31:46.266547101Z 64 PC: 16c6e | Write file or device (Write 17923 bytes on handle 6)
2018-12-17T22:31:46.282425468Z 63 PC: 1445a | Read file or device (Read 25088 bytes on handle 5)
2018-12-17T22:31:46.286057335Z 62 PC: 15392 | Close file
2018-12-17T22:31:46.287993882Z 64 PC: 16c6e | Write file or device (Write 111 bytes on handle 6)
2018-12-17T22:31:46.291185446Z 62 PC: 15392 | Close file
2018-12-17T22:31:46.299021562Z 67 PC: 15357 | Get or set file attributes
2018-12-17T22:31:46.304999312Z 67 PC: 15357 | Get or set file attributes
2018-12-17T22:31:46.31552609Z 67 PC: 15357 | Get or set file attributes
2018-12-17T22:31:46.321654075Z 61 PC: 15e3a | Open file (Filename = 'C:\DOS\ATTRIB.EXE')
2018-12-17T22:31:46.328390146Z 68 PC: 14d16 | I/O control for devices (Set for = 'C:\DOS\ATTRIB.COM')
2018-12-17T22:31:46.329846494Z 67 PC: 15357 | Get or set file attributes
2018-12-17T22:31:46.336123204Z 61 PC: 15e3a | Open file (Filename = 'C:\DOS\ATTRIB.COM')
2018-12-17T22:31:46.34317431Z 68 PC: 14d16 | I/O control for devices (Set for = 'C:\DOS\ATTRIB.COM')
2018-12-17T22:31:46.344906187Z 87 PC: 1414a | Get or set file date and time
2018-12-17T22:31:46.34717882Z 87 PC: 14767 | Get or set file date and time
2018-12-17T22:31:46.348631673Z 62 PC: 15392 | Close file
2018-12-17T22:31:46.350477675Z 62 PC: 15392 | Close file
2018-12-17T22:31:46.357178745Z 67 PC: 15357 | Get or set file attributes
2018-12-17T22:31:46.367393708Z 47 PC: 1558b | Get disk transfer address
2018-12-17T22:31:46.36872533Z 26 PC: 15594 | Set disk transfer address
2018-12-17T22:31:46.370658333Z 78 PC: 1559e | Find first file
2018-12-17T22:31:46.377311741Z 26 PC: 155a7 | Set disk transfer address
2018-12-17T22:31:46.378750752Z 60 PC: 153b5 | Create or truncate file
2018-12-17T22:31:46.391317807Z 37 PC: 1417c | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:31:46.394608608Z 47 PC: 13f88 | Get disk transfer address
2018-12-17T22:31:46.395820654Z 26 PC: 13f91 | Set disk transfer address
2018-12-17T22:31:46.397577063Z 78 PC: 13f9b | Find first file
2018-12-17T22:31:46.40339569Z 26 PC: 13fa4 | Set disk transfer address
2018-12-17T22:31:46.405149093Z 47 PC: 13f88 | Get disk transfer address
2018-12-17T22:31:46.406922659Z 26 PC: 13f91 | Set disk transfer address
2018-12-17T22:31:46.408095062Z 78 PC: 13f9b | Find first file
2018-12-17T22:31:46.414421706Z 26 PC: 13fa4 | Set disk transfer address
2018-12-17T22:31:46.417741275Z 25 PC: 13feb | Get default drive
2018-12-17T22:31:46.419058795Z 71 PC: 14498 | Get current directory
2018-12-17T22:31:46.422268046Z 47 PC: 13f88 | Get disk transfer address
2018-12-17T22:31:46.423963441Z 26 PC: 13f91 | Set disk transfer address
2018-12-17T22:31:46.424974457Z 78 PC: 13f9b | Find first file
2018-12-17T22:31:46.430907345Z 26 PC: 13fa4 | Set disk transfer address
2018-12-17T22:31:46.432726186Z 25 PC: 13feb | Get default drive
2018-12-17T22:31:46.433804956Z 71 PC: 14498 | Get current directory
2018-12-17T22:31:46.436761248Z 47 PC: 13f88 | Get disk transfer address
2018-12-17T22:31:46.439014661Z 26 PC: 13f91 | Set disk transfer address
2018-12-17T22:31:46.440347968Z 78 PC: 13f9b | Find first file
2018-12-17T22:31:46.447029177Z 26 PC: 13fa4 | Set disk transfer address
2018-12-17T22:31:46.449216416Z 25 PC: 13feb | Get default drive
2018-12-17T22:31:46.450434963Z 71 PC: 14498 | Get current directory
2018-12-17T22:31:46.453482751Z 47 PC: 13f88 | Get disk transfer address
2018-12-17T22:31:46.463328237Z 26 PC: 13f91 | Set disk transfer address
2018-12-17T22:31:46.464367398Z 78 PC: 13f9b | Find first file
2018-12-17T22:31:46.470081108Z 26 PC: 13fa4 | Set disk transfer address
2018-12-17T22:31:46.472589214Z 37 PC: 12c11 | Set interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T22:31:46.47366345Z 37 PC: 12c1c | Set interrupt vector (Interrupt = '4' AKA 'Auxiliary output')
2018-12-17T22:31:46.474702298Z 37 PC: 12c27 | Set interrupt vector (Interrupt = '5' AKA 'Printer output')
2018-12-17T22:31:46.476714391Z 37 PC: 12c32 | Set interrupt vector (Interrupt = '6' AKA 'Direct console I/O')
2018-12-17T22:31:46.478062673Z 62 PC: 15392 | Close file
2018-12-17T22:31:46.479932511Z 62 PC: 15392 | Close file
2018-12-17T22:31:46.483197003Z 62 PC: 15392 | Close file
2018-12-17T22:31:46.484652324Z 62 PC: 15392 | Close file
2018-12-17T22:31:46.486327344Z 62 PC: 15392 | Close file
2018-12-17T22:31:46.488736075Z 76 PC: 12bbb | Terminate with return code (Return code = '255')