Sample viewer

vx.netlux.org/Virus.DOS.HLLO.Nic.2600

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-17T23:15:37.580235518Z 53 PC: 12bea | Get interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T23:15:37.581783455Z 53 PC: 12bea | Get interrupt vector (Interrupt = '2' AKA 'Character output')
2018-12-17T23:15:37.582902186Z 53 PC: 12bea | Get interrupt vector (Interrupt = '27' AKA 'Get allocation info for default drive')
2018-12-17T23:15:37.583949346Z 53 PC: 12bea | Get interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T23:15:37.585535791Z 53 PC: 12bea | Get interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T23:15:37.5868594Z 53 PC: 12bea | Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T23:15:37.588078918Z 53 PC: 12bea | Get interrupt vector (Interrupt = '52' AKA 'Get InDOS flag pointer')
2018-12-17T23:15:37.589664193Z 53 PC: 12bea | Get interrupt vector (Interrupt = '53' AKA 'Get interrupt vector')
2018-12-17T23:15:37.592077107Z 53 PC: 12bea | Get interrupt vector (Interrupt = '54' AKA 'Get free disk space')
2018-12-17T23:15:37.593124454Z 53 PC: 12bea | Get interrupt vector (Interrupt = '55' AKA 'Get or set switch character')
2018-12-17T23:15:37.594759472Z 53 PC: 12bea | Get interrupt vector (Interrupt = '56' AKA 'Get or set country info')
2018-12-17T23:15:37.596039956Z 53 PC: 12bea | Get interrupt vector (Interrupt = '57' AKA 'Create subdirectory')
2018-12-17T23:15:37.5971646Z 53 PC: 12bea | Get interrupt vector (Interrupt = '58' AKA 'Remove subdirectory')
2018-12-17T23:15:37.598262613Z 53 PC: 12bea | Get interrupt vector (Interrupt = '59' AKA 'Change current directory')
2018-12-17T23:15:37.600231542Z 53 PC: 12bea | Get interrupt vector (Interrupt = '60' AKA 'Create or truncate file')
2018-12-17T23:15:37.601469329Z 53 PC: 12bea | Get interrupt vector (Interrupt = '61' AKA 'Open file')
2018-12-17T23:15:37.602547485Z 53 PC: 12bea | Get interrupt vector (Interrupt = '62' AKA 'Close file')
2018-12-17T23:15:37.604127464Z 53 PC: 12bea | Get interrupt vector (Interrupt = '63' AKA 'Read file or device')
2018-12-17T23:15:37.60652317Z 53 PC: 12bea | Get interrupt vector (Interrupt = '117' AKA 'UNKNOWN!')
2018-12-17T23:15:37.60752215Z 37 PC: 12bff | Set interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T23:15:37.609061194Z 37 PC: 12c07 | Set interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T23:15:37.610321758Z 37 PC: 12c0f | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T23:15:37.611326886Z 37 PC: 12c17 | Set interrupt vector (Interrupt = '63' AKA 'Read file or device')
2018-12-17T23:15:37.613988137Z 68 PC: 132b9 | I/O control for devices (Set for = '%�')
2018-12-17T23:15:37.615332339Z 48 PC: 131fb | Get DOS version
2018-12-17T23:15:37.616516111Z 61 PC: 130ad | Open file (Filename = 'A:\TEST.EXE')
2018-12-17T23:15:37.625409511Z 63 PC: 13180 | Read file or device (Read 2600 bytes on handle 5)
2018-12-17T23:15:37.632400464Z 26 PC: 12b35 | Set disk transfer address
2018-12-17T23:15:37.633450423Z 78 PC: 12b41 | Find first file
2018-12-17T23:15:37.640596835Z 60 PC: 130ad | Create or truncate file
2018-12-17T23:15:39.371627774Z 64 PC: 13180 | Write file or device (Write 2600 bytes on handle 6)
2018-12-17T23:15:39.600154669Z 62 PC: 130fd | Close file
2018-12-17T23:15:39.640900925Z 26 PC: 12b59 | Set disk transfer address
2018-12-17T23:15:39.642775221Z 79 PC: 12b5e | Find next file
2018-12-17T23:15:39.645720131Z 64 PC: 13008 | Write file or device (Write 0 bytes on handle 1)
2018-12-17T23:15:39.648775494Z 37 PC: 12d41 | Set interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T23:15:39.653445714Z 37 PC: 12d41 | Set interrupt vector (Interrupt = '2' AKA 'Character output')
2018-12-17T23:15:39.654678851Z 37 PC: 12d41 | Set interrupt vector (Interrupt = '27' AKA 'Get allocation info for default drive')
2018-12-17T23:15:39.656123544Z 37 PC: 12d41 | Set interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T23:15:39.657979067Z 37 PC: 12d41 | Set interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T23:15:39.659059205Z 37 PC: 12d41 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T23:15:39.660090926Z 37 PC: 12d41 | Set interrupt vector (Interrupt = '52' AKA 'Get InDOS flag pointer')
2018-12-17T23:15:39.661916035Z 37 PC: 12d41 | Set interrupt vector (Interrupt = '53' AKA 'Get interrupt vector')
2018-12-17T23:15:39.663454997Z 37 PC: 12d41 | Set interrupt vector (Interrupt = '54' AKA 'Get free disk space')
2018-12-17T23:15:39.665017041Z 37 PC: 12d41 | Set interrupt vector (Interrupt = '55' AKA 'Get or set switch character')
2018-12-17T23:15:39.667171417Z 37 PC: 12d41 | Set interrupt vector (Interrupt = '56' AKA 'Get or set country info')
2018-12-17T23:15:39.669015801Z 37 PC: 12d41 | Set interrupt vector (Interrupt = '57' AKA 'Create subdirectory')
2018-12-17T23:15:39.670564287Z 37 PC: 12d41 | Set interrupt vector (Interrupt = '58' AKA 'Remove subdirectory')
2018-12-17T23:15:39.673224243Z 37 PC: 12d41 | Set interrupt vector (Interrupt = '59' AKA 'Change current directory')
2018-12-17T23:15:39.674799412Z 37 PC: 12d41 | Set interrupt vector (Interrupt = '60' AKA 'Create or truncate file')
2018-12-17T23:15:39.676934872Z 37 PC: 12d41 | Set interrupt vector (Interrupt = '61' AKA 'Open file')
2018-12-17T23:15:39.678997538Z 37 PC: 12d41 | Set interrupt vector (Interrupt = '62' AKA 'Close file')
2018-12-17T23:15:39.68020673Z 37 PC: 12d41 | Set interrupt vector (Interrupt = '63' AKA 'Read file or device')
2018-12-17T23:15:39.681541009Z 37 PC: 12d41 | Set interrupt vector (Interrupt = '117' AKA 'UNKNOWN!')
2018-12-17T23:15:39.683954056Z 76 PC: 12d80 | Terminate with return code (Return code = '0')