Sample viewer

vx.netlux.org/Virus.DOS.HLLP.UX.7200.b

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-17T22:39:04.536943455Z	53	PC: 1367a \| Get interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T22:39:04.538589585Z	53	PC: 1367a \| Get interrupt vector (Interrupt = '2' AKA 'Character output')
2018-12-17T22:39:04.539704209Z	53	PC: 1367a \| Get interrupt vector (Interrupt = '27' AKA 'Get allocation info for default drive')
2018-12-17T22:39:04.54076394Z	53	PC: 1367a \| Get interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T22:39:04.542590114Z	53	PC: 1367a \| Get interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T22:39:04.543559683Z	53	PC: 1367a \| Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:39:04.544685279Z	53	PC: 1367a \| Get interrupt vector (Interrupt = '52' AKA 'Get InDOS flag pointer')
2018-12-17T22:39:04.54693761Z	53	PC: 1367a \| Get interrupt vector (Interrupt = '53' AKA 'Get interrupt vector')
2018-12-17T22:39:04.548116228Z	53	PC: 1367a \| Get interrupt vector (Interrupt = '54' AKA 'Get free disk space')
2018-12-17T22:39:04.549152107Z	53	PC: 1367a \| Get interrupt vector (Interrupt = '55' AKA 'Get or set switch character')
2018-12-17T22:39:04.550338339Z	53	PC: 1367a \| Get interrupt vector (Interrupt = '56' AKA 'Get or set country info')
2018-12-17T22:39:04.551811673Z	53	PC: 1367a \| Get interrupt vector (Interrupt = '57' AKA 'Create subdirectory')
2018-12-17T22:39:04.552886069Z	53	PC: 1367a \| Get interrupt vector (Interrupt = '58' AKA 'Remove subdirectory')
2018-12-17T22:39:04.553981356Z	53	PC: 1367a \| Get interrupt vector (Interrupt = '59' AKA 'Change current directory')
2018-12-17T22:39:04.555205598Z	53	PC: 1367a \| Get interrupt vector (Interrupt = '60' AKA 'Create or truncate file')
2018-12-17T22:39:04.556250853Z	53	PC: 1367a \| Get interrupt vector (Interrupt = '61' AKA 'Open file')
2018-12-17T22:39:04.557306054Z	53	PC: 1367a \| Get interrupt vector (Interrupt = '62' AKA 'Close file')
2018-12-17T22:39:04.566828069Z	53	PC: 1367a \| Get interrupt vector (Interrupt = '63' AKA 'Read file or device')
2018-12-17T22:39:04.567945733Z	53	PC: 1367a \| Get interrupt vector (Interrupt = '117' AKA 'UNKNOWN!')
2018-12-17T22:39:04.569033712Z	37	PC: 1368f \| Set interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T22:39:04.585547692Z	37	PC: 13697 \| Set interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T22:39:04.586500938Z	37	PC: 1369f \| Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:39:04.587297434Z	37	PC: 136a7 \| Set interrupt vector (Interrupt = '63' AKA 'Read file or device')
2018-12-17T22:39:04.588833795Z	68	PC: 14432 \| I/O control for devices (Set for = '��o�@�`�@�a��}�@�~� ø��Q��\')
2018-12-17T22:39:04.59005097Z	48	PC: 13f62 \| Get DOS version
2018-12-17T22:39:04.591267407Z	61	PC: 13da0 \| Open file (Filename = 'A:\TEST.EXE')
2018-12-17T22:39:04.596937869Z	87	PC: 133b0 \| Get or set file date and time
2018-12-17T22:39:04.598138108Z	60	PC: 13da0 \| Create or truncate file
2018-12-17T22:39:04.87687132Z	66	PC: 13ed2 \| Move file pointer
2018-12-17T22:39:04.879757821Z	63	PC: 13e73 \| Read file or device (Read 8192 bytes on handle 5)
2018-12-17T22:39:04.883181536Z	64	PC: 13e73 \| Write file or device (Write 448 bytes on handle 6)
2018-12-17T22:39:04.887325287Z	66	PC: 14531 \| Move file pointer
2018-12-17T22:39:04.89019925Z	66	PC: 1453f \| Move file pointer
2018-12-17T22:39:04.891967777Z	66	PC: 1454d \| Move file pointer
2018-12-17T22:39:04.893815037Z	62	PC: 13df0 \| Close file
2018-12-17T22:39:04.896176943Z	87	PC: 133dd \| Get or set file date and time
2018-12-17T22:39:04.906021262Z	62	PC: 13df0 \| Close file
2018-12-17T22:39:04.914575656Z	67	PC: 1336f \| Get or set file attributes
2018-12-17T22:39:04.92052896Z	61	PC: 13da0 \| Open file (Filename = 'A:\TEST.EXE')
2018-12-17T22:39:04.928619678Z	87	PC: 133b0 \| Get or set file date and time
2018-12-17T22:39:04.93049716Z	63	PC: 13e73 \| Read file or device (Read 7200 bytes on handle 5)
2018-12-17T22:39:04.937992401Z	66	PC: 13ed2 \| Move file pointer
2018-12-17T22:39:04.940701131Z	64	PC: 13e73 \| Write file or device (Write 1 bytes on handle 5)
2018-12-17T22:39:04.943598485Z	87	PC: 133dd \| Get or set file date and time
2018-12-17T22:39:04.945353695Z	62	PC: 13df0 \| Close file
2018-12-17T22:39:04.954255168Z	67	PC: 13396 \| Get or set file attributes
2018-12-17T22:39:04.965312398Z	26	PC: 1340d \| Set disk transfer address
2018-12-17T22:39:04.966719031Z	78	PC: 13419 \| Find first file
2018-12-17T22:39:04.977999304Z	64	PC: 13cfb \| Write file or device (Write 0 bytes on handle 1)
2018-12-17T22:39:04.979942534Z	37	PC: 137d1 \| Set interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T22:39:04.981367618Z	37	PC: 137d1 \| Set interrupt vector (Interrupt = '2' AKA 'Character output')
2018-12-17T22:39:04.983930233Z	37	PC: 137d1 \| Set interrupt vector (Interrupt = '27' AKA 'Get allocation info for default drive')
2018-12-17T22:39:04.985468288Z	37	PC: 137d1 \| Set interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T22:39:04.987492511Z	37	PC: 137d1 \| Set interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T22:39:04.989997249Z	37	PC: 137d1 \| Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:39:04.991479247Z	37	PC: 137d1 \| Set interrupt vector (Interrupt = '52' AKA 'Get InDOS flag pointer')
2018-12-17T22:39:04.99290775Z	37	PC: 137d1 \| Set interrupt vector (Interrupt = '53' AKA 'Get interrupt vector')
2018-12-17T22:39:04.995929824Z	37	PC: 137d1 \| Set interrupt vector (Interrupt = '54' AKA 'Get free disk space')
2018-12-17T22:39:05.002351374Z	37	PC: 137d1 \| Set interrupt vector (Interrupt = '55' AKA 'Get or set switch character')
2018-12-17T22:39:05.003948416Z	37	PC: 137d1 \| Set interrupt vector (Interrupt = '56' AKA 'Get or set country info')
2018-12-17T22:39:05.006291216Z	37	PC: 137d1 \| Set interrupt vector (Interrupt = '57' AKA 'Create subdirectory')
2018-12-17T22:39:05.007520661Z	37	PC: 137d1 \| Set interrupt vector (Interrupt = '58' AKA 'Remove subdirectory')
2018-12-17T22:39:05.008643478Z	37	PC: 137d1 \| Set interrupt vector (Interrupt = '59' AKA 'Change current directory')
2018-12-17T22:39:05.010559868Z	37	PC: 137d1 \| Set interrupt vector (Interrupt = '60' AKA 'Create or truncate file')
2018-12-17T22:39:05.011724485Z	37	PC: 137d1 \| Set interrupt vector (Interrupt = '61' AKA 'Open file')
2018-12-17T22:39:05.013096345Z	37	PC: 137d1 \| Set interrupt vector (Interrupt = '62' AKA 'Close file')
2018-12-17T22:39:05.014805Z	37	PC: 137d1 \| Set interrupt vector (Interrupt = '63' AKA 'Read file or device')
2018-12-17T22:39:05.016252154Z	37	PC: 137d1 \| Set interrupt vector (Interrupt = '117' AKA 'UNKNOWN!')
2018-12-17T22:39:05.017488499Z	6	PC: 13858 \| Direct console I/O
2018-12-17T22:39:05.019729411Z	6	PC: 13858 \| Direct console I/O
2018-12-17T22:39:05.022209753Z	6	PC: 13858 \| Direct console I/O
2018-12-17T22:39:05.024553245Z	6	PC: 13858 \| Direct console I/O
2018-12-17T22:39:05.027110624Z	6	PC: 13858 \| Direct console I/O
2018-12-17T22:39:05.030252082Z	6	PC: 13858 \| Direct console I/O
2018-12-17T22:39:05.032487194Z	6	PC: 13858 \| Direct console I/O
2018-12-17T22:39:05.034596861Z	6	PC: 13858 \| Direct console I/O
2018-12-17T22:39:05.037424489Z	6	PC: 13858 \| Direct console I/O
2018-12-17T22:39:05.039600737Z	6	PC: 13858 \| Direct console I/O
2018-12-17T22:39:05.042100912Z	6	PC: 13858 \| Direct console I/O
2018-12-17T22:39:05.045410927Z	6	PC: 13858 \| Direct console I/O
2018-12-17T22:39:05.047617731Z	6	PC: 13858 \| Direct console I/O
2018-12-17T22:39:05.049937565Z	6	PC: 13858 \| Direct console I/O
2018-12-17T22:39:05.053080246Z	6	PC: 13858 \| Direct console I/O
2018-12-17T22:39:05.055418058Z	6	PC: 13858 \| Direct console I/O
2018-12-17T22:39:05.057719571Z	6	PC: 13858 \| Direct console I/O
2018-12-17T22:39:05.060512358Z	6	PC: 13858 \| Direct console I/O
2018-12-17T22:39:05.063551783Z	6	PC: 13858 \| Direct console I/O
2018-12-17T22:39:05.06587036Z	6	PC: 13858 \| Direct console I/O
2018-12-17T22:39:05.068908746Z	6	PC: 13858 \| Direct console I/O
2018-12-17T22:39:05.083493038Z	6	PC: 13858 \| Direct console I/O
2018-12-17T22:39:05.085549248Z	6	PC: 13858 \| Direct console I/O
2018-12-17T22:39:05.088300217Z	6	PC: 13858 \| Direct console I/O
2018-12-17T22:39:05.090603061Z	6	PC: 13858 \| Direct console I/O
2018-12-17T22:39:05.092956974Z	6	PC: 13858 \| Direct console I/O
2018-12-17T22:39:05.096149121Z	6	PC: 13858 \| Direct console I/O
2018-12-17T22:39:05.098699097Z	6	PC: 13858 \| Direct console I/O
2018-12-17T22:39:05.101093679Z	6	PC: 13858 \| Direct console I/O
2018-12-17T22:39:05.104251327Z	6	PC: 13858 \| Direct console I/O
2018-12-17T22:39:05.106942294Z	6	PC: 13858 \| Direct console I/O
2018-12-17T22:39:05.109307976Z	6	PC: 13858 \| Direct console I/O
2018-12-17T22:39:05.112251186Z	6	PC: 13858 \| Direct console I/O
2018-12-17T22:39:05.116359059Z	76	PC: 13810 \| Terminate with return code (Return code = '202')