Sample viewer

vx.netlux.org/Virus.DOS.HLLO.163984

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-17T22:32:19.960478355Z	53	PC: 13946 \| Get interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T22:32:19.961740696Z	53	PC: 13946 \| Get interrupt vector (Interrupt = '2' AKA 'Character output')
2018-12-17T22:32:19.968827228Z	53	PC: 13946 \| Get interrupt vector (Interrupt = '27' AKA 'Get allocation info for default drive')
2018-12-17T22:32:19.97008378Z	53	PC: 13946 \| Get interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T22:32:19.971368193Z	53	PC: 13946 \| Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:32:19.976193504Z	53	PC: 13946 \| Get interrupt vector (Interrupt = '52' AKA 'Get InDOS flag pointer')
2018-12-17T22:32:19.985686134Z	53	PC: 13946 \| Get interrupt vector (Interrupt = '53' AKA 'Get interrupt vector')
2018-12-17T22:32:19.988310257Z	53	PC: 13946 \| Get interrupt vector (Interrupt = '54' AKA 'Get free disk space')
2018-12-17T22:32:19.991934591Z	53	PC: 13946 \| Get interrupt vector (Interrupt = '55' AKA 'Get or set switch character')
2018-12-17T22:32:19.994342215Z	53	PC: 13946 \| Get interrupt vector (Interrupt = '56' AKA 'Get or set country info')
2018-12-17T22:32:19.996857739Z	53	PC: 13946 \| Get interrupt vector (Interrupt = '57' AKA 'Create subdirectory')
2018-12-17T22:32:19.999108989Z	53	PC: 13946 \| Get interrupt vector (Interrupt = '58' AKA 'Remove subdirectory')
2018-12-17T22:32:20.00031337Z	53	PC: 13946 \| Get interrupt vector (Interrupt = '59' AKA 'Change current directory')
2018-12-17T22:32:20.001554815Z	53	PC: 13946 \| Get interrupt vector (Interrupt = '60' AKA 'Create or truncate file')
2018-12-17T22:32:20.003736592Z	53	PC: 13946 \| Get interrupt vector (Interrupt = '61' AKA 'Open file')
2018-12-17T22:32:20.005664101Z	53	PC: 13946 \| Get interrupt vector (Interrupt = '62' AKA 'Close file')
2018-12-17T22:32:20.007266789Z	53	PC: 13946 \| Get interrupt vector (Interrupt = '63' AKA 'Read file or device')
2018-12-17T22:32:20.00909941Z	53	PC: 13946 \| Get interrupt vector (Interrupt = '117' AKA 'UNKNOWN!')
2018-12-17T22:32:20.01065589Z	37	PC: 1395b \| Set interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T22:32:20.011816342Z	37	PC: 13963 \| Set interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T22:32:20.018262509Z	37	PC: 1396b \| Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:32:20.019384647Z	37	PC: 13973 \| Set interrupt vector (Interrupt = '63' AKA 'Read file or device')
2018-12-17T22:32:20.020702566Z	68	PC: 13f73 \| I/O control for devices (Set for = '')
2018-12-17T22:32:20.086245632Z	37	PC: 13377 \| Set interrupt vector (Interrupt = '27' AKA 'Get allocation info for default drive')
2018-12-17T22:32:20.087437851Z	25	PC: 14449 \| Get default drive
2018-12-17T22:32:20.088597188Z	71	PC: 1445c \| Get current directory
2018-12-17T22:32:20.091659823Z	26	PC: 1320b \| Set disk transfer address
2018-12-17T22:32:20.092777866Z	78	PC: 13217 \| Find first file
2018-12-17T22:32:20.09799542Z	26	PC: 1322f \| Set disk transfer address
2018-12-17T22:32:20.098969407Z	79	PC: 13234 \| Find next file
2018-12-17T22:32:20.101200049Z	26	PC: 1322f \| Set disk transfer address
2018-12-17T22:32:20.102755969Z	79	PC: 13234 \| Find next file
2018-12-17T22:32:20.104567816Z	26	PC: 1322f \| Set disk transfer address
2018-12-17T22:32:20.105448535Z	79	PC: 13234 \| Find next file
2018-12-17T22:32:20.107812388Z	26	PC: 1322f \| Set disk transfer address
2018-12-17T22:32:20.10869221Z	79	PC: 13234 \| Find next file
2018-12-17T22:32:20.111314025Z	26	PC: 1322f \| Set disk transfer address
2018-12-17T22:32:20.113528719Z	79	PC: 13234 \| Find next file
2018-12-17T22:32:20.116379058Z	26	PC: 1322f \| Set disk transfer address
2018-12-17T22:32:20.117696963Z	79	PC: 13234 \| Find next file
2018-12-17T22:32:20.121284682Z	26	PC: 1322f \| Set disk transfer address
2018-12-17T22:32:20.122913531Z	79	PC: 13234 \| Find next file
2018-12-17T22:32:20.125069955Z	26	PC: 1322f \| Set disk transfer address
2018-12-17T22:32:20.126502908Z	79	PC: 13234 \| Find next file
2018-12-17T22:32:20.128571598Z	26	PC: 1322f \| Set disk transfer address
2018-12-17T22:32:20.129621502Z	79	PC: 13234 \| Find next file
2018-12-17T22:32:20.132046628Z	26	PC: 1320b \| Set disk transfer address
2018-12-17T22:32:20.132935599Z	78	PC: 13217 \| Find first file
2018-12-17T22:32:20.136985703Z	26	PC: 1322f \| Set disk transfer address
2018-12-17T22:32:20.138666704Z	79	PC: 13234 \| Find next file
2018-12-17T22:32:20.140629869Z	26	PC: 1322f \| Set disk transfer address
2018-12-17T22:32:20.141469223Z	79	PC: 13234 \| Find next file
2018-12-17T22:32:20.143993664Z	26	PC: 1322f \| Set disk transfer address
2018-12-17T22:32:20.144842056Z	79	PC: 13234 \| Find next file
2018-12-17T22:32:20.146829167Z	26	PC: 1322f \| Set disk transfer address
2018-12-17T22:32:20.14810611Z	79	PC: 13234 \| Find next file
2018-12-17T22:32:20.150460488Z	26	PC: 1322f \| Set disk transfer address
2018-12-17T22:32:20.151287265Z	79	PC: 13234 \| Find next file
2018-12-17T22:32:20.153626923Z	26	PC: 1322f \| Set disk transfer address
2018-12-17T22:32:20.154462588Z	79	PC: 13234 \| Find next file
2018-12-17T22:32:20.156413991Z	26	PC: 1322f \| Set disk transfer address
2018-12-17T22:32:20.157807338Z	79	PC: 13234 \| Find next file
2018-12-17T22:32:20.159758457Z	26	PC: 1322f \| Set disk transfer address
2018-12-17T22:32:20.16075533Z	79	PC: 13234 \| Find next file
2018-12-17T22:32:20.165143009Z	61	PC: 1426a \| Open file (Filename = 'A:\TEST.EXE')
2018-12-17T22:32:20.171574537Z	63	PC: 1433d \| Read file or device (Read 10 bytes on handle 5)
2018-12-17T22:32:20.178743808Z	66	PC: 14406 \| Move file pointer
2018-12-17T22:32:20.180081717Z	66	PC: 14414 \| Move file pointer
2018-12-17T22:32:20.181371513Z	66	PC: 14422 \| Move file pointer
2018-12-17T22:32:20.183242599Z	62	PC: 142ba \| Close file
2018-12-17T22:32:20.18544555Z	26	PC: 1320b \| Set disk transfer address
2018-12-17T22:32:20.186447234Z	78	PC: 13217 \| Find first file
2018-12-17T22:32:20.19350621Z	26	PC: 1322f \| Set disk transfer address
2018-12-17T22:32:20.194512973Z	79	PC: 13234 \| Find next file
2018-12-17T22:32:20.196632408Z	26	PC: 1322f \| Set disk transfer address
2018-12-17T22:32:20.19809553Z	79	PC: 13234 \| Find next file
2018-12-17T22:32:20.200070308Z	26	PC: 1322f \| Set disk transfer address
2018-12-17T22:32:20.200879947Z	79	PC: 13234 \| Find next file
2018-12-17T22:32:20.203635478Z	26	PC: 1322f \| Set disk transfer address
2018-12-17T22:32:20.204512725Z	79	PC: 13234 \| Find next file
2018-12-17T22:32:20.206536582Z	26	PC: 1322f \| Set disk transfer address
2018-12-17T22:32:20.207820684Z	79	PC: 13234 \| Find next file
2018-12-17T22:32:20.209822096Z	26	PC: 1322f \| Set disk transfer address
2018-12-17T22:32:20.210917457Z	79	PC: 13234 \| Find next file
2018-12-17T22:32:20.213281644Z	26	PC: 1322f \| Set disk transfer address
2018-12-17T22:32:20.214162163Z	79	PC: 13234 \| Find next file
2018-12-17T22:32:20.218498596Z	26	PC: 1322f \| Set disk transfer address
2018-12-17T22:32:20.219709806Z	79	PC: 13234 \| Find next file
2018-12-17T22:32:20.222986141Z	61	PC: 1426a \| Open file (Filename = 'A:\TEST.EXE')
2018-12-17T22:32:20.230300082Z	63	PC: 1433d \| Read file or device (Read 10 bytes on handle 5)
2018-12-17T22:32:20.234391112Z	62	PC: 142ba \| Close file
2018-12-17T22:32:20.236478142Z	26	PC: 1322f \| Set disk transfer address
2018-12-17T22:32:20.238412518Z	79	PC: 13234 \| Find next file
2018-12-17T22:32:20.241054423Z	14	PC: 144a2 \| Set default drive (Drive = 'A')
2018-12-17T22:32:20.242561734Z	25	PC: 144a6 \| Get default drive
2018-12-17T22:32:20.244752889Z	59	PC: 14510 \| Change current directory
2018-12-17T22:32:20.24900928Z	37	PC: 13a55 \| Set interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T22:32:20.252820825Z	37	PC: 13a55 \| Set interrupt vector (Interrupt = '2' AKA 'Character output')
2018-12-17T22:32:20.254582063Z	37	PC: 13a55 \| Set interrupt vector (Interrupt = '27' AKA 'Get allocation info for default drive')
2018-12-17T22:32:20.255967562Z	37	PC: 13a55 \| Set interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T22:32:20.258011042Z	37	PC: 13a55 \| Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:32:20.259493084Z	37	PC: 13a55 \| Set interrupt vector (Interrupt = '52' AKA 'Get InDOS flag pointer')
2018-12-17T22:32:20.260920505Z	37	PC: 13a55 \| Set interrupt vector (Interrupt = '53' AKA 'Get interrupt vector')
2018-12-17T22:32:20.263080116Z	37	PC: 13a55 \| Set interrupt vector (Interrupt = '54' AKA 'Get free disk space')
2018-12-17T22:32:20.264719277Z	37	PC: 13a55 \| Set interrupt vector (Interrupt = '55' AKA 'Get or set switch character')
2018-12-17T22:32:20.266428092Z	37	PC: 13a55 \| Set interrupt vector (Interrupt = '56' AKA 'Get or set country info')
2018-12-17T22:32:20.268014949Z	37	PC: 13a55 \| Set interrupt vector (Interrupt = '57' AKA 'Create subdirectory')
2018-12-17T22:32:20.269449973Z	37	PC: 13a55 \| Set interrupt vector (Interrupt = '58' AKA 'Remove subdirectory')
2018-12-17T22:32:20.271931648Z	37	PC: 13a55 \| Set interrupt vector (Interrupt = '59' AKA 'Change current directory')
2018-12-17T22:32:20.273063443Z	37	PC: 13a55 \| Set interrupt vector (Interrupt = '60' AKA 'Create or truncate file')
2018-12-17T22:32:20.274180419Z	37	PC: 13a55 \| Set interrupt vector (Interrupt = '61' AKA 'Open file')
2018-12-17T22:32:20.276018673Z	37	PC: 13a55 \| Set interrupt vector (Interrupt = '62' AKA 'Close file')
2018-12-17T22:32:20.277474661Z	37	PC: 13a55 \| Set interrupt vector (Interrupt = '63' AKA 'Read file or device')
2018-12-17T22:32:20.27854937Z	37	PC: 13a55 \| Set interrupt vector (Interrupt = '117' AKA 'UNKNOWN!')
2018-12-17T22:32:20.283445724Z	6	PC: 13adc \| Direct console I/O
2018-12-17T22:32:20.285980637Z	6	PC: 13adc \| Direct console I/O
2018-12-17T22:32:20.288571762Z	6	PC: 13adc \| Direct console I/O
2018-12-17T22:32:20.291112553Z	6	PC: 13adc \| Direct console I/O
2018-12-17T22:32:20.293326144Z	6	PC: 13adc \| Direct console I/O
2018-12-17T22:32:20.296370389Z	6	PC: 13adc \| Direct console I/O
2018-12-17T22:32:20.298858661Z	6	PC: 13adc \| Direct console I/O
2018-12-17T22:32:20.301187264Z	6	PC: 13adc \| Direct console I/O
2018-12-17T22:32:20.304626073Z	6	PC: 13adc \| Direct console I/O
2018-12-17T22:32:20.306894473Z	6	PC: 13adc \| Direct console I/O
2018-12-17T22:32:20.309168408Z	6	PC: 13adc \| Direct console I/O
2018-12-17T22:32:20.312354625Z	6	PC: 13adc \| Direct console I/O
2018-12-17T22:32:20.314596459Z	6	PC: 13adc \| Direct console I/O
2018-12-17T22:32:20.316843611Z	6	PC: 13adc \| Direct console I/O
2018-12-17T22:32:20.320129716Z	6	PC: 13adc \| Direct console I/O
2018-12-17T22:32:20.322422752Z	6	PC: 13adc \| Direct console I/O
2018-12-17T22:32:20.324797629Z	6	PC: 13adc \| Direct console I/O
2018-12-17T22:32:20.328138585Z	6	PC: 13adc \| Direct console I/O
2018-12-17T22:32:20.330523949Z	6	PC: 13adc \| Direct console I/O
2018-12-17T22:32:20.332869141Z	6	PC: 13adc \| Direct console I/O
2018-12-17T22:32:20.335658272Z	6	PC: 13adc \| Direct console I/O
2018-12-17T22:32:20.338113553Z	6	PC: 13adc \| Direct console I/O
2018-12-17T22:32:20.343832698Z	6	PC: 13adc \| Direct console I/O
2018-12-17T22:32:20.346246083Z	6	PC: 13adc \| Direct console I/O
2018-12-17T22:32:20.348565849Z	6	PC: 13adc \| Direct console I/O
2018-12-17T22:32:20.351766736Z	6	PC: 13adc \| Direct console I/O
2018-12-17T22:32:20.35440033Z	6	PC: 13adc \| Direct console I/O
2018-12-17T22:32:20.356784928Z	6	PC: 13adc \| Direct console I/O
2018-12-17T22:32:20.360173898Z	6	PC: 13adc \| Direct console I/O
2018-12-17T22:32:20.36256252Z	6	PC: 13adc \| Direct console I/O
2018-12-17T22:32:20.364854813Z	6	PC: 13adc \| Direct console I/O
2018-12-17T22:32:20.367923098Z	6	PC: 13adc \| Direct console I/O
2018-12-17T22:32:20.370138598Z	6	PC: 13adc \| Direct console I/O
2018-12-17T22:32:20.374114545Z	76	PC: 13a94 \| Terminate with return code (Return code = '3')