Sample viewer

vx.netlux.org/Virus.DOS.HLLC.Energy.6496

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-17T22:32:37.789953256Z 53 PC: 1325a | Get interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T22:32:37.792407581Z 53 PC: 1325a | Get interrupt vector (Interrupt = '2' AKA 'Character output')
2018-12-17T22:32:37.801051991Z 53 PC: 1325a | Get interrupt vector (Interrupt = '27' AKA 'Get allocation info for default drive')
2018-12-17T22:32:37.80224688Z 53 PC: 1325a | Get interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T22:32:37.804259796Z 53 PC: 1325a | Get interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T22:32:37.805736864Z 53 PC: 1325a | Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:32:37.807169382Z 53 PC: 1325a | Get interrupt vector (Interrupt = '52' AKA 'Get InDOS flag pointer')
2018-12-17T22:32:37.810307888Z 53 PC: 1325a | Get interrupt vector (Interrupt = '53' AKA 'Get interrupt vector')
2018-12-17T22:32:37.811524875Z 53 PC: 1325a | Get interrupt vector (Interrupt = '54' AKA 'Get free disk space')
2018-12-17T22:32:37.812740236Z 53 PC: 1325a | Get interrupt vector (Interrupt = '55' AKA 'Get or set switch character')
2018-12-17T22:32:37.814914538Z 53 PC: 1325a | Get interrupt vector (Interrupt = '56' AKA 'Get or set country info')
2018-12-17T22:32:37.816121228Z 53 PC: 1325a | Get interrupt vector (Interrupt = '57' AKA 'Create subdirectory')
2018-12-17T22:32:37.817232857Z 53 PC: 1325a | Get interrupt vector (Interrupt = '58' AKA 'Remove subdirectory')
2018-12-17T22:32:37.818370006Z 53 PC: 1325a | Get interrupt vector (Interrupt = '59' AKA 'Change current directory')
2018-12-17T22:32:37.819829919Z 53 PC: 1325a | Get interrupt vector (Interrupt = '60' AKA 'Create or truncate file')
2018-12-17T22:32:37.82156668Z 53 PC: 1325a | Get interrupt vector (Interrupt = '61' AKA 'Open file')
2018-12-17T22:32:37.82284364Z 53 PC: 1325a | Get interrupt vector (Interrupt = '62' AKA 'Close file')
2018-12-17T22:32:37.834370188Z 53 PC: 1325a | Get interrupt vector (Interrupt = '63' AKA 'Read file or device')
2018-12-17T22:32:37.83609523Z 53 PC: 1325a | Get interrupt vector (Interrupt = '117' AKA 'UNKNOWN!')
2018-12-17T22:32:37.83767836Z 37 PC: 1326f | Set interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T22:32:37.845870671Z 37 PC: 13277 | Set interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T22:32:37.847061691Z 37 PC: 1327f | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:32:37.848243428Z 37 PC: 13287 | Set interrupt vector (Interrupt = '63' AKA 'Read file or device')
2018-12-17T22:32:37.865569988Z 68 PC: 1411c | I/O control for devices (Set for = '��>��$��� �u��>��;�!�W��2�������_��V�w�^����1��7�u�9�&�G&�W3�5�;�=�Ìَ��.��tD���')
2018-12-17T22:32:37.870186593Z 26 PC: 12ff9 | Set disk transfer address
2018-12-17T22:32:37.871817957Z 78 PC: 13005 | Find first file
2018-12-17T22:32:37.879561894Z 26 PC: 1301d | Set disk transfer address
2018-12-17T22:32:37.882224053Z 79 PC: 13022 | Find next file
2018-12-17T22:32:37.885094449Z 25 PC: 13dee | Get default drive
2018-12-17T22:32:37.886774789Z 71 PC: 13e01 | Get current directory
2018-12-17T22:32:37.889762335Z 14 PC: 13e47 | Set default drive (Drive = 'C')
2018-12-17T22:32:37.890934928Z 25 PC: 13e4b | Get default drive
2018-12-17T22:32:37.893151471Z 59 PC: 13eb5 | Change current directory
2018-12-17T22:32:37.896961655Z 26 PC: 12ff9 | Set disk transfer address
2018-12-17T22:32:37.898090197Z 78 PC: 13005 | Find first file
2018-12-17T22:32:37.904146876Z 26 PC: 12ff9 | Set disk transfer address
2018-12-17T22:32:37.905521189Z 78 PC: 13005 | Find first file
2018-12-17T22:32:37.911015169Z 26 PC: 1301d | Set disk transfer address
2018-12-17T22:32:37.912848131Z 79 PC: 13022 | Find next file
2018-12-17T22:32:37.915612296Z 26 PC: 1301d | Set disk transfer address
2018-12-17T22:32:37.916921153Z 79 PC: 13022 | Find next file
2018-12-17T22:32:37.92064349Z 59 PC: 13eb5 | Change current directory
2018-12-17T22:32:37.92715121Z 26 PC: 12ff9 | Set disk transfer address
2018-12-17T22:32:37.928178228Z 78 PC: 13005 | Find first file
2018-12-17T22:32:37.937409466Z 25 PC: 13dee | Get default drive
2018-12-17T22:32:37.939874579Z 71 PC: 13e01 | Get current directory
2018-12-17T22:32:37.943023061Z 67 PC: 12fc8 | Get or set file attributes
2018-12-17T22:32:38.301314765Z 88 PC: 12b4f | case 0xGet or set allocation strateg:
2018-12-17T22:32:38.310435378Z 53 PC: 131cc | Get interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T22:32:38.31213498Z 37 PC: 131d5 | Set interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T22:32:38.313783468Z 53 PC: 131cc | Get interrupt vector (Interrupt = '2' AKA 'Character output')
2018-12-17T22:32:38.315690983Z 37 PC: 131d5 | Set interrupt vector (Interrupt = '2' AKA 'Character output')
2018-12-17T22:32:38.316844766Z 53 PC: 131cc | Get interrupt vector (Interrupt = '27' AKA 'Get allocation info for default drive')
2018-12-17T22:32:38.318333442Z 37 PC: 131d5 | Set interrupt vector (Interrupt = '27' AKA 'Get allocation info for default drive')
2018-12-17T22:32:38.320090944Z 53 PC: 131cc | Get interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T22:32:38.321484897Z 37 PC: 131d5 | Set interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T22:32:38.322584107Z 53 PC: 131cc | Get interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T22:32:38.325654795Z 37 PC: 131d5 | Set interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T22:32:38.326640751Z 53 PC: 131cc | Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:32:38.327712764Z 37 PC: 131d5 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:32:38.329248097Z 53 PC: 131cc | Get interrupt vector (Interrupt = '52' AKA 'Get InDOS flag pointer')
2018-12-17T22:32:38.330736534Z 37 PC: 131d5 | Set interrupt vector (Interrupt = '52' AKA 'Get InDOS flag pointer')
2018-12-17T22:32:38.331658293Z 53 PC: 131cc | Get interrupt vector (Interrupt = '53' AKA 'Get interrupt vector')
2018-12-17T22:32:38.333529425Z 37 PC: 131d5 | Set interrupt vector (Interrupt = '53' AKA 'Get interrupt vector')
2018-12-17T22:32:38.334739644Z 53 PC: 131cc | Get interrupt vector (Interrupt = '54' AKA 'Get free disk space')
2018-12-17T22:32:38.336374704Z 37 PC: 131d5 | Set interrupt vector (Interrupt = '54' AKA 'Get free disk space')
2018-12-17T22:32:38.33865987Z 53 PC: 131cc | Get interrupt vector (Interrupt = '55' AKA 'Get or set switch character')
2018-12-17T22:32:38.339754565Z 37 PC: 131d5 | Set interrupt vector (Interrupt = '55' AKA 'Get or set switch character')
2018-12-17T22:32:38.341341063Z 53 PC: 131cc | Get interrupt vector (Interrupt = '56' AKA 'Get or set country info')
2018-12-17T22:32:38.342968183Z 37 PC: 131d5 | Set interrupt vector (Interrupt = '56' AKA 'Get or set country info')
2018-12-17T22:32:38.344642451Z 53 PC: 131cc | Get interrupt vector (Interrupt = '57' AKA 'Create subdirectory')
2018-12-17T22:32:38.346201808Z 37 PC: 131d5 | Set interrupt vector (Interrupt = '57' AKA 'Create subdirectory')
2018-12-17T22:32:38.348038076Z 53 PC: 131cc | Get interrupt vector (Interrupt = '58' AKA 'Remove subdirectory')
2018-12-17T22:32:38.349511067Z 37 PC: 131d5 | Set interrupt vector (Interrupt = '58' AKA 'Remove subdirectory')
2018-12-17T22:32:38.350641068Z 53 PC: 131cc | Get interrupt vector (Interrupt = '59' AKA 'Change current directory')
2018-12-17T22:32:38.352281612Z 37 PC: 131d5 | Set interrupt vector (Interrupt = '59' AKA 'Change current directory')
2018-12-17T22:32:38.353256632Z 53 PC: 131cc | Get interrupt vector (Interrupt = '60' AKA 'Create or truncate file')
2018-12-17T22:32:38.354393067Z 37 PC: 131d5 | Set interrupt vector (Interrupt = '60' AKA 'Create or truncate file')
2018-12-17T22:32:38.356163877Z 53 PC: 131cc | Get interrupt vector (Interrupt = '61' AKA 'Open file')
2018-12-17T22:32:38.357209955Z 37 PC: 131d5 | Set interrupt vector (Interrupt = '61' AKA 'Open file')
2018-12-17T22:32:38.358133085Z 53 PC: 131cc | Get interrupt vector (Interrupt = '62' AKA 'Close file')
2018-12-17T22:32:38.359468403Z 37 PC: 131d5 | Set interrupt vector (Interrupt = '62' AKA 'Close file')
2018-12-17T22:32:38.360523813Z 53 PC: 131cc | Get interrupt vector (Interrupt = '63' AKA 'Read file or device')
2018-12-17T22:32:38.361648619Z 37 PC: 131d5 | Set interrupt vector (Interrupt = '63' AKA 'Read file or device')
2018-12-17T22:32:38.363010233Z 53 PC: 131cc | Get interrupt vector (Interrupt = '117' AKA 'UNKNOWN!')
2018-12-17T22:32:38.364071606Z 37 PC: 131d5 | Set interrupt vector (Interrupt = '117' AKA 'UNKNOWN!')
2018-12-17T22:32:38.365727153Z 41 PC: 13183 | Parse filename
2018-12-17T22:32:38.367459014Z 41 PC: 13191 | Parse filename
2018-12-17T22:32:38.368925076Z 75 PC: 1319c | Execute program
2018-12-17T22:32:38.388415786Z 80 PC: 17e69 | Set current PSP
2018-12-17T22:32:38.389888786Z 48 PC: 17e6e | Get DOS version
2018-12-17T22:32:38.391353759Z 99 PC: 1e650 | Get DBCS lead byte table pointer
2018-12-17T22:32:38.393775155Z 101 PC: 17ef4 | Get extended country info
2018-12-17T22:32:38.395311723Z 99 PC: 17efa | Get DBCS lead byte table pointer
2018-12-17T22:32:38.39618489Z 74 PC: 17f5c | Reallocate memory
2018-12-17T22:32:38.397138983Z 25 PC: 17f93 | Get default drive
2018-12-17T22:32:38.398570148Z 37 PC: 17a53 | Set interrupt vector (Interrupt = '34' AKA 'Random write')
2018-12-17T22:32:38.399685341Z 37 PC: 17a5a | Set interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T22:32:38.40065901Z 37 PC: 17a61 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:32:38.404909016Z 74 PC: 16bfc | Reallocate memory
2018-12-17T22:32:38.406138276Z 72 PC: 16c3d | Allocate memory
2018-12-17T22:32:38.407455705Z 72 PC: 16c75 | Allocate memory
2018-12-17T22:32:38.409275277Z 72 PC: 16c7d | Allocate memory