Sample viewer

vx.netlux.org/Virus.DOS.HLLO.Opa.5632


Syscalls:

Time Syscall Op Syscall Name
2018-12-17T22:38:35.360800586Z 53 PC: 13242 | Get interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T22:38:35.362327541Z 53 PC: 13242 | Get interrupt vector (Interrupt = '2' AKA 'Character output')
2018-12-17T22:38:35.363662175Z 53 PC: 13242 | Get interrupt vector (Interrupt = '27' AKA 'Get allocation info for default drive')
2018-12-17T22:38:35.364744082Z 53 PC: 13242 | Get interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T22:38:35.365888888Z 53 PC: 13242 | Get interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T22:38:35.367529287Z 53 PC: 13242 | Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:38:35.368583202Z 53 PC: 13242 | Get interrupt vector (Interrupt = '52' AKA 'Get InDOS flag pointer')
2018-12-17T22:38:35.369643118Z 53 PC: 13242 | Get interrupt vector (Interrupt = '53' AKA 'Get interrupt vector')
2018-12-17T22:38:35.371267967Z 53 PC: 13242 | Get interrupt vector (Interrupt = '54' AKA 'Get free disk space')
2018-12-17T22:38:35.372354263Z 53 PC: 13242 | Get interrupt vector (Interrupt = '55' AKA 'Get or set switch character')
2018-12-17T22:38:35.3734466Z 53 PC: 13242 | Get interrupt vector (Interrupt = '56' AKA 'Get or set country info')
2018-12-17T22:38:35.375929916Z 53 PC: 13242 | Get interrupt vector (Interrupt = '57' AKA 'Create subdirectory')
2018-12-17T22:38:35.37754622Z 53 PC: 13242 | Get interrupt vector (Interrupt = '58' AKA 'Remove subdirectory')
2018-12-17T22:38:35.379152504Z 53 PC: 13242 | Get interrupt vector (Interrupt = '59' AKA 'Change current directory')
2018-12-17T22:38:35.381685274Z 53 PC: 13242 | Get interrupt vector (Interrupt = '60' AKA 'Create or truncate file')
2018-12-17T22:38:35.38327134Z 53 PC: 13242 | Get interrupt vector (Interrupt = '61' AKA 'Open file')
2018-12-17T22:38:35.384835005Z 53 PC: 13242 | Get interrupt vector (Interrupt = '62' AKA 'Close file')
2018-12-17T22:38:35.387411356Z 53 PC: 13242 | Get interrupt vector (Interrupt = '63' AKA 'Read file or device')
2018-12-17T22:38:35.388989338Z 53 PC: 13242 | Get interrupt vector (Interrupt = '117' AKA 'UNKNOWN!')
2018-12-17T22:38:35.390550618Z 37 PC: 13257 | Set interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T22:38:35.392046174Z 37 PC: 1325f | Set interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T22:38:35.394442106Z 37 PC: 13267 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:38:35.395948622Z 37 PC: 1326f | Set interrupt vector (Interrupt = '63' AKA 'Read file or device')
2018-12-17T22:38:35.397900538Z 68 PC: 135df | I/O control for devices (Set for = '')
2018-12-17T22:38:35.400416867Z 26 PC: 13197 | Set disk transfer address
2018-12-17T22:38:35.40192119Z 78 PC: 131a3 | Find first file
2018-12-17T22:38:35.4095526Z 26 PC: 13197 | Set disk transfer address
2018-12-17T22:38:35.411783652Z 78 PC: 131a3 | Find first file
2018-12-17T22:38:35.41826716Z 26 PC: 13197 | Set disk transfer address
2018-12-17T22:38:35.419455398Z 78 PC: 131a3 | Find first file
2018-12-17T22:38:35.426516595Z 25 PC: 13d09 | Get default drive
2018-12-17T22:38:35.427854975Z 71 PC: 13d1c | Get current directory
2018-12-17T22:38:35.431152485Z 48 PC: 13c7c | Get DOS version
2018-12-17T22:38:35.435909072Z 48 PC: 13c7c | Get DOS version
2018-12-17T22:38:35.439772096Z 61 PC: 13b2e | Open file (Filename = 'A:\TEST.EXE')
2018-12-17T22:38:35.44690103Z 60 PC: 13b2e | Create or truncate file
2018-12-17T22:38:35.466160698Z 63 PC: 13c01 | Read file or device (Read 2048 bytes on handle 5)
2018-12-17T22:38:35.47313936Z 84 PC: 132b7 | Get verify flag
2018-12-17T22:38:35.474686924Z 64 PC: 136e2 | Write file or device (Write 0 bytes on handle 1)
2018-12-17T22:38:35.476483677Z 37 PC: 13356 | Set interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T22:38:35.478735377Z 37 PC: 13356 | Set interrupt vector (Interrupt = '2' AKA 'Character output')
2018-12-17T22:38:35.483751673Z 37 PC: 13356 | Set interrupt vector (Interrupt = '27' AKA 'Get allocation info for default drive')
2018-12-17T22:38:35.485561952Z 37 PC: 13356 | Set interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T22:38:35.488187055Z 37 PC: 13356 | Set interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T22:38:35.48959668Z 37 PC: 13356 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:38:35.490967571Z 37 PC: 13356 | Set interrupt vector (Interrupt = '52' AKA 'Get InDOS flag pointer')
2018-12-17T22:38:35.500393852Z 37 PC: 13356 | Set interrupt vector (Interrupt = '53' AKA 'Get interrupt vector')
2018-12-17T22:38:35.502165799Z 37 PC: 13356 | Set interrupt vector (Interrupt = '54' AKA 'Get free disk space')
2018-12-17T22:38:35.504077709Z 37 PC: 13356 | Set interrupt vector (Interrupt = '55' AKA 'Get or set switch character')
2018-12-17T22:38:35.506981527Z 37 PC: 13356 | Set interrupt vector (Interrupt = '56' AKA 'Get or set country info')
2018-12-17T22:38:35.508901432Z 37 PC: 13356 | Set interrupt vector (Interrupt = '57' AKA 'Create subdirectory')
2018-12-17T22:38:35.510842668Z 37 PC: 13356 | Set interrupt vector (Interrupt = '58' AKA 'Remove subdirectory')
2018-12-17T22:38:35.512920901Z 37 PC: 13356 | Set interrupt vector (Interrupt = '59' AKA 'Change current directory')
2018-12-17T22:38:35.518020143Z 37 PC: 13356 | Set interrupt vector (Interrupt = '60' AKA 'Create or truncate file')
2018-12-17T22:38:35.519311505Z 37 PC: 13356 | Set interrupt vector (Interrupt = '61' AKA 'Open file')
2018-12-17T22:38:35.520652751Z 37 PC: 13356 | Set interrupt vector (Interrupt = '62' AKA 'Close file')
2018-12-17T22:38:35.522418686Z 37 PC: 13356 | Set interrupt vector (Interrupt = '63' AKA 'Read file or device')
2018-12-17T22:38:35.523745825Z 37 PC: 13356 | Set interrupt vector (Interrupt = '117' AKA 'UNKNOWN!')
2018-12-17T22:38:35.525238696Z 6 PC: 133dd | Direct console I/O
2018-12-17T22:38:35.52852796Z 6 PC: 133dd | Direct console I/O
2018-12-17T22:38:35.530719016Z 6 PC: 133dd | Direct console I/O
2018-12-17T22:38:35.532855189Z 6 PC: 133dd | Direct console I/O
2018-12-17T22:38:35.535898851Z 6 PC: 133dd | Direct console I/O
2018-12-17T22:38:35.538543902Z 6 PC: 133dd | Direct console I/O
2018-12-17T22:38:35.541322534Z 6 PC: 133dd | Direct console I/O
2018-12-17T22:38:35.544563808Z 6 PC: 133dd | Direct console I/O
2018-12-17T22:38:35.54685947Z 6 PC: 133dd | Direct console I/O
2018-12-17T22:38:35.55793725Z 6 PC: 133dd | Direct console I/O
2018-12-17T22:38:35.5614417Z 6 PC: 133dd | Direct console I/O
2018-12-17T22:38:35.563945995Z 6 PC: 133dd | Direct console I/O
2018-12-17T22:38:35.566425404Z 6 PC: 133dd | Direct console I/O
2018-12-17T22:38:35.568891278Z 6 PC: 133dd | Direct console I/O
2018-12-17T22:38:35.572512417Z 6 PC: 133dd | Direct console I/O
2018-12-17T22:38:35.57499906Z 6 PC: 133dd | Direct console I/O
2018-12-17T22:38:35.57825996Z 6 PC: 133dd | Direct console I/O
2018-12-17T22:38:35.581851503Z 6 PC: 133dd | Direct console I/O
2018-12-17T22:38:35.584108193Z 6 PC: 133dd | Direct console I/O
2018-12-17T22:38:35.586323604Z 6 PC: 133dd | Direct console I/O
2018-12-17T22:38:35.58963518Z 6 PC: 133dd | Direct console I/O
2018-12-17T22:38:35.592187517Z 6 PC: 133dd | Direct console I/O
2018-12-17T22:38:35.594613314Z 6 PC: 133dd | Direct console I/O
2018-12-17T22:38:35.598008207Z 6 PC: 133dd | Direct console I/O
2018-12-17T22:38:35.600174116Z 6 PC: 133dd | Direct console I/O
2018-12-17T22:38:35.602295221Z 6 PC: 133dd | Direct console I/O
2018-12-17T22:38:35.604874848Z 6 PC: 133dd | Direct console I/O
2018-12-17T22:38:35.607635216Z 6 PC: 133dd | Direct console I/O
2018-12-17T22:38:35.609912304Z 6 PC: 133dd | Direct console I/O
2018-12-17T22:38:35.612100094Z 6 PC: 133dd | Direct console I/O
2018-12-17T22:38:35.615076228Z 6 PC: 133dd | Direct console I/O
2018-12-17T22:38:35.617301559Z 6 PC: 133dd | Direct console I/O
2018-12-17T22:38:35.61945305Z 6 PC: 133dd | Direct console I/O
2018-12-17T22:38:35.623870438Z 76 PC: 13395 | Terminate with return code (Return code = '158')