Sample viewer

vx.netlux.org/Virus.DOS.HLLW.Look.33330

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-17T22:39:44.534302729Z	48	PC: 12a4c \| Get DOS version
2018-12-17T22:39:44.536551748Z	53	PC: 12bf2 \| Get interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T22:39:44.53778877Z	53	PC: 12bff \| Get interrupt vector (Interrupt = '4' AKA 'Auxiliary output')
2018-12-17T22:39:44.538986778Z	53	PC: 12c0c \| Get interrupt vector (Interrupt = '5' AKA 'Printer output')
2018-12-17T22:39:44.540557347Z	53	PC: 12c19 \| Get interrupt vector (Interrupt = '6' AKA 'Direct console I/O')
2018-12-17T22:39:44.542331927Z	37	PC: 12c2d \| Set interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T22:39:44.544089874Z	74	PC: 12af7 \| Reallocate memory
2018-12-17T22:39:44.546902025Z	68	PC: 13ab3 \| I/O control for devices (Set for = 'pyright 1991 Borland Intl.')
2018-12-17T22:39:44.553889932Z	68	PC: 13ab3 \| I/O control for devices (Set for = '')
2018-12-17T22:39:44.555664655Z	53	PC: 13151 \| Get interrupt vector (Interrupt = '52' AKA 'Get InDOS flag pointer')
2018-12-17T22:39:44.557781857Z	53	PC: 13151 \| Get interrupt vector (Interrupt = '53' AKA 'Get interrupt vector')
2018-12-17T22:39:44.563323103Z	53	PC: 13151 \| Get interrupt vector (Interrupt = '54' AKA 'Get free disk space')
2018-12-17T22:39:44.5645422Z	53	PC: 13151 \| Get interrupt vector (Interrupt = '55' AKA 'Get or set switch character')
2018-12-17T22:39:44.566581268Z	53	PC: 13151 \| Get interrupt vector (Interrupt = '56' AKA 'Get or set country info')
2018-12-17T22:39:44.568773622Z	53	PC: 13151 \| Get interrupt vector (Interrupt = '57' AKA 'Create subdirectory')
2018-12-17T22:39:44.571079389Z	53	PC: 13151 \| Get interrupt vector (Interrupt = '58' AKA 'Remove subdirectory')
2018-12-17T22:39:44.573310082Z	53	PC: 13151 \| Get interrupt vector (Interrupt = '59' AKA 'Change current directory')
2018-12-17T22:39:44.57712641Z	53	PC: 13151 \| Get interrupt vector (Interrupt = '60' AKA 'Create or truncate file')
2018-12-17T22:39:44.57834954Z	53	PC: 13151 \| Get interrupt vector (Interrupt = '61' AKA 'Open file')
2018-12-17T22:39:44.581742539Z	53	PC: 13151 \| Get interrupt vector (Interrupt = '62' AKA 'Close file')
2018-12-17T22:39:44.58398239Z	53	PC: 13161 \| Get interrupt vector (Interrupt = '117' AKA 'UNKNOWN!')
2018-12-17T22:39:44.585161705Z	53	PC: 1316e \| Get interrupt vector (Interrupt = '2' AKA 'Character output')
2018-12-17T22:39:44.586664766Z	37	PC: 13271 \| Set interrupt vector (Interrupt = '52' AKA 'Get InDOS flag pointer')
2018-12-17T22:39:44.601564309Z	37	PC: 13271 \| Set interrupt vector (Interrupt = '53' AKA 'Get interrupt vector')
2018-12-17T22:39:44.603476884Z	37	PC: 13271 \| Set interrupt vector (Interrupt = '54' AKA 'Get free disk space')
2018-12-17T22:39:44.60537177Z	37	PC: 13271 \| Set interrupt vector (Interrupt = '55' AKA 'Get or set switch character')
2018-12-17T22:39:44.607631758Z	37	PC: 13271 \| Set interrupt vector (Interrupt = '56' AKA 'Get or set country info')
2018-12-17T22:39:44.6095155Z	37	PC: 13271 \| Set interrupt vector (Interrupt = '57' AKA 'Create subdirectory')
2018-12-17T22:39:44.610898386Z	37	PC: 13271 \| Set interrupt vector (Interrupt = '58' AKA 'Remove subdirectory')
2018-12-17T22:39:44.613331835Z	37	PC: 13271 \| Set interrupt vector (Interrupt = '59' AKA 'Change current directory')
2018-12-17T22:39:44.614590307Z	37	PC: 13271 \| Set interrupt vector (Interrupt = '60' AKA 'Create or truncate file')
2018-12-17T22:39:44.615892385Z	37	PC: 13271 \| Set interrupt vector (Interrupt = '61' AKA 'Open file')
2018-12-17T22:39:44.621515637Z	37	PC: 1327c \| Set interrupt vector (Interrupt = '62' AKA 'Close file')
2018-12-17T22:39:44.62285133Z	37	PC: 13286 \| Set interrupt vector (Interrupt = '2' AKA 'Character output')
2018-12-17T22:39:44.628462793Z	67	PC: 14f87 \| Get or set file attributes
2018-12-17T22:39:44.636589115Z	61	PC: 1549b \| Open file (Filename = 'A:\TEST.EXE')
2018-12-17T22:39:44.643425324Z	68	PC: 14751 \| I/O control for devices (Set for = '')
2018-12-17T22:39:44.644916127Z	67	PC: 14f87 \| Get or set file attributes
2018-12-17T22:39:44.655861438Z	60	PC: 15308 \| Create or truncate file
2018-12-17T22:39:44.992666614Z	63	PC: 13bb6 \| Read file or device (Read 16384 bytes on handle 5)
2018-12-17T22:39:45.000741274Z	64	PC: 15e22 \| Write file or device (Write 16384 bytes on handle 6)
2018-12-17T22:39:45.017757616Z	63	PC: 13bb6 \| Read file or device (Read 16384 bytes on handle 5)
2018-12-17T22:39:45.025505754Z	64	PC: 15e22 \| Write file or device (Write 16384 bytes on handle 6)
2018-12-17T22:39:45.034684354Z	63	PC: 13bb6 \| Read file or device (Read 16384 bytes on handle 5)
2018-12-17T22:39:45.043030445Z	64	PC: 15e22 \| Write file or device (Write 562 bytes on handle 6)
2018-12-17T22:39:45.050966544Z	62	PC: 14fc2 \| Close file
2018-12-17T22:39:45.053117482Z	62	PC: 14fc2 \| Close file
2018-12-17T22:39:45.06029014Z	37	PC: 1398b \| Set interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T22:39:45.062206004Z	64	PC: 15e22 \| Write file or device (Write 39 bytes on handle 1)
2018-12-17T22:39:45.06490622Z	64	PC: 15e22 \| Write file or device (Write 1 bytes on handle 1)
2018-12-17T22:39:45.067389005Z	64	PC: 15e22 \| Write file or device (Write 1 bytes on handle 1)
2018-12-17T22:39:45.071044299Z	64	PC: 15e22 \| Write file or device (Write 22 bytes on handle 1)
2018-12-17T22:39:45.074745667Z	64	PC: 15e22 \| Write file or device (Write 1 bytes on handle 1)
2018-12-17T22:39:45.077519132Z	64	PC: 15e22 \| Write file or device (Write 1 bytes on handle 1)
2018-12-17T22:39:45.080987058Z	64	PC: 15e22 \| Write file or device (Write 26 bytes on handle 1)
2018-12-17T22:39:45.083133379Z	7	PC: 14658 \| Direct console input without echo