Sample viewer

vx.netlux.org/Virus.DOS.HLLW.DeadByte.5120

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-17T22:41:09.262692813Z	53	PC: 12d4a \| Get interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T22:41:09.281124523Z	53	PC: 12d4a \| Get interrupt vector (Interrupt = '2' AKA 'Character output')
2018-12-17T22:41:09.282992162Z	53	PC: 12d4a \| Get interrupt vector (Interrupt = '27' AKA 'Get allocation info for default drive')
2018-12-17T22:41:09.284375627Z	53	PC: 12d4a \| Get interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T22:41:09.286573187Z	53	PC: 12d4a \| Get interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T22:41:09.289409147Z	53	PC: 12d4a \| Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:41:09.291192533Z	53	PC: 12d4a \| Get interrupt vector (Interrupt = '52' AKA 'Get InDOS flag pointer')
2018-12-17T22:41:09.292950514Z	53	PC: 12d4a \| Get interrupt vector (Interrupt = '53' AKA 'Get interrupt vector')
2018-12-17T22:41:09.305503059Z	53	PC: 12d4a \| Get interrupt vector (Interrupt = '54' AKA 'Get free disk space')
2018-12-17T22:41:09.308053928Z	53	PC: 12d4a \| Get interrupt vector (Interrupt = '55' AKA 'Get or set switch character')
2018-12-17T22:41:09.310027048Z	53	PC: 12d4a \| Get interrupt vector (Interrupt = '56' AKA 'Get or set country info')
2018-12-17T22:41:09.320530839Z	53	PC: 12d4a \| Get interrupt vector (Interrupt = '57' AKA 'Create subdirectory')
2018-12-17T22:41:09.32199131Z	53	PC: 12d4a \| Get interrupt vector (Interrupt = '58' AKA 'Remove subdirectory')
2018-12-17T22:41:09.324531812Z	53	PC: 12d4a \| Get interrupt vector (Interrupt = '59' AKA 'Change current directory')
2018-12-17T22:41:09.329207319Z	53	PC: 12d4a \| Get interrupt vector (Interrupt = '60' AKA 'Create or truncate file')
2018-12-17T22:41:09.330633727Z	53	PC: 12d4a \| Get interrupt vector (Interrupt = '61' AKA 'Open file')
2018-12-17T22:41:09.332039402Z	53	PC: 12d4a \| Get interrupt vector (Interrupt = '62' AKA 'Close file')
2018-12-17T22:41:09.335171322Z	53	PC: 12d4a \| Get interrupt vector (Interrupt = '63' AKA 'Read file or device')
2018-12-17T22:41:09.339168303Z	53	PC: 12d4a \| Get interrupt vector (Interrupt = '117' AKA 'UNKNOWN!')
2018-12-17T22:41:09.341180143Z	37	PC: 12d5f \| Set interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T22:41:09.342519949Z	37	PC: 12d67 \| Set interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T22:41:09.345634055Z	37	PC: 12d6f \| Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:41:09.348411335Z	37	PC: 12d77 \| Set interrupt vector (Interrupt = '63' AKA 'Read file or device')
2018-12-17T22:41:09.351514344Z	68	PC: 13bb0 \| I/O control for devices (Set for = '.u �\|')
2018-12-17T22:41:09.354964274Z	48	PC: 137c1 \| Get DOS version
2018-12-17T22:41:09.357680905Z	48	PC: 137c1 \| Get DOS version
2018-12-17T22:41:09.360042465Z	61	PC: 13673 \| Open file (Filename = 'A:\TEST.EXE')
2018-12-17T22:41:09.372389279Z	66	PC: 13caf \| Move file pointer
2018-12-17T22:41:09.375122717Z	66	PC: 13cbd \| Move file pointer
2018-12-17T22:41:09.377215887Z	66	PC: 13ccb \| Move file pointer
2018-12-17T22:41:09.381382729Z	66	PC: 137a5 \| Move file pointer
2018-12-17T22:41:09.384127026Z	63	PC: 13746 \| Read file or device (Read 5120 bytes on handle 5)
2018-12-17T22:41:09.392386392Z	62	PC: 136c3 \| Close file
2018-12-17T22:41:09.395053454Z	26	PC: 12c95 \| Set disk transfer address
2018-12-17T22:41:09.396594484Z	78	PC: 12ca1 \| Find first file
2018-12-17T22:41:09.40376851Z	64	PC: 133cb \| Write file or device (Write 12 bytes on handle 1)
2018-12-17T22:41:09.409908403Z	64	PC: 133cb \| Write file or device (Write 11 bytes on handle 1)
2018-12-17T22:41:09.416262109Z	64	PC: 133cb \| Write file or device (Write 0 bytes on handle 1)
2018-12-17T22:41:09.41872483Z	37	PC: 12ea1 \| Set interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T22:41:09.420525012Z	37	PC: 12ea1 \| Set interrupt vector (Interrupt = '2' AKA 'Character output')
2018-12-17T22:41:09.42297163Z	37	PC: 12ea1 \| Set interrupt vector (Interrupt = '27' AKA 'Get allocation info for default drive')
2018-12-17T22:41:09.424820132Z	37	PC: 12ea1 \| Set interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T22:41:09.426627328Z	37	PC: 12ea1 \| Set interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T22:41:09.428863845Z	37	PC: 12ea1 \| Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:41:09.430584638Z	37	PC: 12ea1 \| Set interrupt vector (Interrupt = '52' AKA 'Get InDOS flag pointer')
2018-12-17T22:41:09.432363311Z	37	PC: 12ea1 \| Set interrupt vector (Interrupt = '53' AKA 'Get interrupt vector')
2018-12-17T22:41:09.43473828Z	37	PC: 12ea1 \| Set interrupt vector (Interrupt = '54' AKA 'Get free disk space')
2018-12-17T22:41:09.436216854Z	37	PC: 12ea1 \| Set interrupt vector (Interrupt = '55' AKA 'Get or set switch character')
2018-12-17T22:41:09.438187759Z	37	PC: 12ea1 \| Set interrupt vector (Interrupt = '56' AKA 'Get or set country info')
2018-12-17T22:41:09.440502667Z	37	PC: 12ea1 \| Set interrupt vector (Interrupt = '57' AKA 'Create subdirectory')
2018-12-17T22:41:09.442304898Z	37	PC: 12ea1 \| Set interrupt vector (Interrupt = '58' AKA 'Remove subdirectory')
2018-12-17T22:41:09.444922011Z	37	PC: 12ea1 \| Set interrupt vector (Interrupt = '59' AKA 'Change current directory')
2018-12-17T22:41:09.448105533Z	37	PC: 12ea1 \| Set interrupt vector (Interrupt = '60' AKA 'Create or truncate file')
2018-12-17T22:41:09.450570426Z	37	PC: 12ea1 \| Set interrupt vector (Interrupt = '61' AKA 'Open file')
2018-12-17T22:41:09.454760801Z	37	PC: 12ea1 \| Set interrupt vector (Interrupt = '62' AKA 'Close file')
2018-12-17T22:41:09.458419012Z	37	PC: 12ea1 \| Set interrupt vector (Interrupt = '63' AKA 'Read file or device')
2018-12-17T22:41:09.460915884Z	37	PC: 12ea1 \| Set interrupt vector (Interrupt = '117' AKA 'UNKNOWN!')
2018-12-17T22:41:09.46272251Z	76	PC: 12ee0 \| Terminate with return code (Return code = '0')