Sample viewer

vx.netlux.org/Virus.DOS.HLLP.Santos.14042


Syscalls:

Time | Syscall Op (INT 21h function number from AH, in decimal) | PC | Syscall Name
2018-12-17T22:41:47.316868469Z 48 PC: 12a4c | Get DOS version
2018-12-17T22:41:47.324114295Z 53 PC: 12bf2 | Get interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T22:41:47.325150724Z 53 PC: 12bff | Get interrupt vector (Interrupt = '4' AKA 'Auxiliary output')
2018-12-17T22:41:47.326143247Z 53 PC: 12c0c | Get interrupt vector (Interrupt = '5' AKA 'Printer output')
2018-12-17T22:41:47.327632649Z 53 PC: 12c19 | Get interrupt vector (Interrupt = '6' AKA 'Direct console I/O')
2018-12-17T22:41:47.328636813Z 37 PC: 12c2d | Set interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T22:41:47.329800362Z 74 PC: 12af7 | Reallocate memory
2018-12-17T22:41:47.332207079Z 68 PC: 13830 | I/O control for devices (Set for = 'pyright 1991 Borland Intl.')
2018-12-17T22:41:47.33384317Z 68 PC: 13830 | I/O control for devices (Set for = '')
2018-12-17T22:41:47.336300656Z 44 PC: 1362d | Get time 0x1362d: mov word ptr [si], cx
0x1362f: mov word ptr [si + 2], dx
0x13632: pop si
0x13633: pop bp
0x13634: ret
; Routine 0x13635-0x1364a: passes the address of a 2-byte stack local to a
; helper, then returns that local minus one in AX.
; NOTE(review): the call target is printed as 0x23541, exactly 0x10000 above
; 0x13541. A near call in 16-bit code wraps inside the segment, so the real
; target is probably 0x13541 (close to the "Get default drive" call the trace
; logs at PC 1354c) - unconfirmed, the callee is not in this listing.
0x13635: push bp
0x13636: mov bp, sp
0x13638: sub sp, 2                      ; reserve one word of local storage at [bp - 2]
0x1363b: lea ax, word ptr [bp - 2]
0x1363e: push ax                        ; only stack argument: near pointer to the local
0x1363f: call 0x23541                   ; presumably fills the local through the pointer - confirm
0x13642: pop cx                         ; drop the pushed argument (caller cleans the stack)
0x13643: mov ax, word ptr [bp - 2]
0x13646: dec ax                         ; return value = local - 1
0x13647: mov sp, bp                     ; release the local
0x13649: pop bp
0x1364a: ret
0x1364b: push bp
0x1364c: mov bp, sp
0x1364e: sub sp, 2
2018-12-17T22:41:47.339184737Z 42 PC: 1361a | Get date 0x1361a: mov word ptr [si], cx
0x1361c: mov word ptr [si + 2], dx
0x1361f: pop si
0x13620: pop bp
0x13621: ret
; Routine 0x13622-0x13634: reads the DOS system time into a caller-supplied
; 4-byte buffer.
; In:  [bp + 4] = near pointer to the buffer (first stack argument).
; Out: word 0 of the buffer = CX, word 1 = DX, as returned by INT 21h AH=2Ch
;      (CH = hour, CL = minute, DH = second, DL = hundredths of a second).
; The trace rows "44 PC: 1362d | Get time" come from here: 1362d is the
; instruction after the int 0x21.
; NOTE(review): layout matches a C runtime gettime(); the Borland copyright
; string in the trace suggests Borland's library - unconfirmed.
0x13622: push bp
0x13623: mov bp, sp
0x13625: push si                        ; SI is used as the buffer pointer; saved for the caller
0x13626: mov si, word ptr [bp + 4]      ; si = buffer argument
0x13629: mov ah, 0x2c                   ; DOS function 2Ch (44 decimal) = get system time
0x1362b: int 0x21
0x1362d: mov word ptr [si], cx          ; buffer[0..1] = minute (CL), hour (CH)
0x1362f: mov word ptr [si + 2], dx      ; buffer[2..3] = hundredths (DL), second (DH)
0x13632: pop si
0x13633: pop bp
0x13634: ret
0x13635: push bp
0x13636: mov bp, sp
0x13638: sub sp, 2
0x1363b: lea ax, word ptr [bp - 2]
2018-12-17T22:41:47.34124901Z 44 PC: 1362d | Get time 0x1362d: mov word ptr [si], cx
0x1362f: mov word ptr [si + 2], dx
0x13632: pop si
0x13633: pop bp
0x13634: ret
; Routine 0x13635-0x1364a (same bytes as shown under the earlier "Get time"
; row): passes the address of a 2-byte stack local to a helper, then returns
; that local minus one in AX.
; NOTE(review): the printed call target 0x23541 is exactly 0x10000 above
; 0x13541; a 16-bit near call wraps inside the segment, so the real target is
; probably 0x13541 - unconfirmed, the callee is not in this listing.
0x13635: push bp
0x13636: mov bp, sp
0x13638: sub sp, 2                      ; reserve one word of local storage at [bp - 2]
0x1363b: lea ax, word ptr [bp - 2]
0x1363e: push ax                        ; only stack argument: near pointer to the local
0x1363f: call 0x23541                   ; presumably fills the local through the pointer - confirm
0x13642: pop cx                         ; drop the pushed argument (caller cleans the stack)
0x13643: mov ax, word ptr [bp - 2]
0x13646: dec ax                         ; return value = local - 1
0x13647: mov sp, bp                     ; release the local
0x13649: pop bp
0x1364a: ret
0x1364b: push bp
0x1364c: mov bp, sp
0x1364e: sub sp, 2
2018-12-17T22:41:47.344550432Z 67 PC: 14386 | Get or set file attributes
2018-12-17T22:41:47.350500301Z 61 PC: 14e3a | Open file (Filename = 'A:\TEST.EXE')
2018-12-17T22:41:47.356885075Z 68 PC: 13d3b | I/O control for devices (Set for = '')
2018-12-17T22:41:47.358174641Z 68 PC: 13830 | I/O control for devices (Set for = '')
2018-12-17T22:41:47.36019753Z 63 PC: 139e6 | Read file or device (Read 13824 bytes on handle 5)
2018-12-17T22:41:47.367985086Z 63 PC: 139e6 | Read file or device (Read 512 bytes on handle 5)
2018-12-17T22:41:47.371442119Z 62 PC: 143c1 | Close file
2018-12-17T22:41:47.373225376Z 25 PC: 1354c | Get default drive
2018-12-17T22:41:47.374633945Z 71 PC: 13602 | Get current directory
2018-12-17T22:41:47.37743201Z 14 PC: 13564 | Set default drive (Drive = 'C')
2018-12-17T22:41:47.378540522Z 59 PC: 1340a | Change current directory
2018-12-17T22:41:47.385756029Z 67 PC: 14386 | Get or set file attributes
2018-12-17T22:41:47.394026625Z 61 PC: 14e3a | Open file (Filename = 'SCANDISK.EXE')
2018-12-17T22:41:47.400474058Z 68 PC: 13d3b | I/O control for devices (Set for = '')
2018-12-17T22:41:47.402334017Z 68 PC: 13830 | I/O control for devices (Set for = '')
2018-12-17T22:41:47.404619959Z 66 PC: 138ee | Move file pointer
2018-12-17T22:41:47.406554614Z 63 PC: 139e6 | Read file or device (Read 512 bytes on handle 5)
2018-12-17T22:41:47.413350466Z 62 PC: 143c1 | Close file
2018-12-17T22:41:47.415310092Z 65 PC: 139fa | Delete file (Filename = 'CHKLIST.MS')
2018-12-17T22:41:47.420832927Z 86 PC: 1521a | Rename file
2018-12-17T22:41:47.769574207Z 67 PC: 14386 | Get or set file attributes
2018-12-17T22:41:47.775061829Z 60 PC: 14ca7 | Create or truncate file
2018-12-17T22:41:47.786341656Z 68 PC: 13830 | I/O control for devices (Set for = '')
2018-12-17T22:41:47.788260501Z 64 PC: 15a1f | Write file or device (Write 14042 bytes on handle 5)
2018-12-17T22:41:47.803374687Z 64 PC: 15a1f | Write file or device (Write 3923 bytes on handle 5)
2018-12-17T22:41:47.811783766Z 62 PC: 143c1 | Close file
2018-12-17T22:41:47.819411749Z 14 PC: 13564 | Set default drive (Drive = 'C')
2018-12-17T22:41:47.821592608Z 71 PC: 13602 | Get current directory
2018-12-17T22:41:47.824135645Z 59 PC: 1340a | Change current directory
2018-12-17T22:41:47.827608788Z 47 PC: 1454a | Get disk transfer address
2018-12-17T22:41:47.8291572Z 26 PC: 14553 | Set disk transfer address
2018-12-17T22:41:47.830132718Z 78 PC: 1455d | Find first file
2018-12-17T22:41:47.83520333Z 26 PC: 14566 | Set disk transfer address
2018-12-17T22:41:47.836740289Z 47 PC: 1457d | Get disk transfer address
2018-12-17T22:41:47.837673295Z 26 PC: 14586 | Set disk transfer address
2018-12-17T22:41:47.838548805Z 79 PC: 1458a | Find next file
2018-12-17T22:41:47.841336871Z 26 PC: 14593 | Set disk transfer address
2018-12-17T22:41:47.842301833Z 47 PC: 1457d | Get disk transfer address
2018-12-17T22:41:47.843218747Z 26 PC: 14586 | Set disk transfer address
2018-12-17T22:41:47.844724332Z 79 PC: 1458a | Find next file
2018-12-17T22:41:47.846999263Z 26 PC: 14593 | Set disk transfer address
2018-12-17T22:41:47.847985244Z 47 PC: 1457d | Get disk transfer address
2018-12-17T22:41:47.84959543Z 26 PC: 14586 | Set disk transfer address
2018-12-17T22:41:47.850464925Z 79 PC: 1458a | Find next file
2018-12-17T22:41:47.852632181Z 26 PC: 14593 | Set disk transfer address
2018-12-17T22:41:47.854026392Z 47 PC: 1457d | Get disk transfer address
2018-12-17T22:41:47.855101618Z 26 PC: 14586 | Set disk transfer address
2018-12-17T22:41:47.856840914Z 79 PC: 1458a | Find next file
2018-12-17T22:41:47.858677387Z 26 PC: 14593 | Set disk transfer address
2018-12-17T22:41:47.859672873Z 47 PC: 1457d | Get disk transfer address
2018-12-17T22:41:47.860444158Z 26 PC: 14586 | Set disk transfer address
2018-12-17T22:41:47.86156282Z 79 PC: 1458a | Find next file
2018-12-17T22:41:47.863194625Z 26 PC: 14593 | Set disk transfer address
2018-12-17T22:41:47.864044075Z 47 PC: 1457d | Get disk transfer address
2018-12-17T22:41:47.865162763Z 26 PC: 14586 | Set disk transfer address
2018-12-17T22:41:47.866928085Z 79 PC: 1458a | Find next file
2018-12-17T22:41:47.868416001Z 26 PC: 14593 | Set disk transfer address
2018-12-17T22:41:47.86946543Z 59 PC: 1340a | Change current directory
2018-12-17T22:41:47.872957449Z 47 PC: 1454a | Get disk transfer address
2018-12-17T22:41:47.873723314Z 26 PC: 14553 | Set disk transfer address
2018-12-17T22:41:47.874577277Z 78 PC: 1455d | Find first file
2018-12-17T22:41:47.879887383Z 26 PC: 14566 | Set disk transfer address
2018-12-17T22:41:47.880891167Z 47 PC: 1457d | Get disk transfer address
2018-12-17T22:41:47.881859693Z 26 PC: 14586 | Set disk transfer address
2018-12-17T22:41:47.882960177Z 79 PC: 1458a | Find next file
2018-12-17T22:41:47.884900914Z 26 PC: 14593 | Set disk transfer address
2018-12-17T22:41:47.886249679Z 47 PC: 1457d | Get disk transfer address
2018-12-17T22:41:47.88714011Z 26 PC: 14586 | Set disk transfer address
2018-12-17T22:41:47.887955813Z 79 PC: 1458a | Find next file
2018-12-17T22:41:47.890123302Z 26 PC: 14593 | Set disk transfer address
2018-12-17T22:41:47.891325863Z 47 PC: 1457d | Get disk transfer address
2018-12-17T22:41:47.892203127Z 26 PC: 14586 | Set disk transfer address
2018-12-17T22:41:47.893197225Z 79 PC: 1458a | Find next file
2018-12-17T22:41:47.895540026Z 26 PC: 14593 | Set disk transfer address
2018-12-17T22:41:47.896391666Z 47 PC: 1457d | Get disk transfer address
2018-12-17T22:41:47.897279696Z 26 PC: 14586 | Set disk transfer address
2018-12-17T22:41:47.898609054Z 79 PC: 1458a | Find next file
2018-12-17T22:41:47.900716628Z 26 PC: 14593 | Set disk transfer address
2018-12-17T22:41:47.901622319Z 47 PC: 1457d | Get disk transfer address
2018-12-17T22:41:47.902965446Z 26 PC: 14586 | Set disk transfer address
2018-12-17T22:41:47.903759149Z 79 PC: 1458a | Find next file
2018-12-17T22:41:47.907461745Z 26 PC: 14593 | Set disk transfer address
2018-12-17T22:41:47.908952853Z 47 PC: 1457d | Get disk transfer address
2018-12-17T22:41:47.910014613Z 26 PC: 14586 | Set disk transfer address
2018-12-17T22:41:47.91120103Z 79 PC: 1458a | Find next file
2018-12-17T22:41:47.914728325Z 26 PC: 14593 | Set disk transfer address
2018-12-17T22:41:47.915602252Z 65 PC: 139fa | Delete file (Filename = '')
2018-12-17T22:41:47.925210716Z 67 PC: 14386 | Get or set file attributes
2018-12-17T22:41:47.931499491Z 61 PC: 14e3a | Open file (Filename = '�$���6��j f��fi� N')
2018-12-17T22:41:47.938882251Z 68 PC: 13d3b | I/O control for devices (Set for = ' ��')
2018-12-17T22:41:47.940378134Z 68 PC: 13830 | I/O control for devices
2018-12-17T22:41:47.942682835Z 66 PC: 138ee | Move file pointer
2018-12-17T22:41:47.944186606Z 63 PC: 139e6 | Read file or device (Read 512 bytes on handle 5)
2018-12-17T22:41:47.950880896Z 62 PC: 143c1 | Close file
2018-12-17T22:41:47.953014761Z 67 PC: 14386 | Get or set file attributes
2018-12-17T22:41:47.962024139Z 86 PC: 1521a | Rename file
2018-12-17T22:41:47.973731847Z 67 PC: 14386 | Get or set file attributes
2018-12-17T22:41:47.980527596Z 60 PC: 14ca7 | Create or truncate file
2018-12-17T22:41:47.991275824Z 68 PC: 13830 | I/O control for devices (Set for = '')
2018-12-17T22:41:47.993599132Z 64 PC: 15a1f | Write file or device (Write 14042 bytes on handle 5)
2018-12-17T22:41:48.004969081Z 62 PC: 143c1 | Close file
2018-12-17T22:41:48.012861706Z 67 PC: 14386 | Get or set file attributes
2018-12-17T22:41:48.019250961Z 61 PC: 14e3a | Open file (Filename = '1.tmp')
2018-12-17T22:41:48.026452006Z 68 PC: 13d3b | I/O control for devices (Set for = '')
2018-12-17T22:41:48.027822216Z 68 PC: 13830 | I/O control for devices (Set for = '')
2018-12-17T22:41:48.029499899Z 66 PC: 145b4 | Move file pointer
2018-12-17T22:41:48.04589328Z 66 PC: 145c1 | Move file pointer
2018-12-17T22:41:48.047327693Z 66 PC: 145d0 | Move file pointer
2018-12-17T22:41:48.04944388Z 63 PC: 139e6 | Read file or device (Read 16896 bytes on handle 5)
2018-12-17T22:41:48.058709584Z 63 PC: 139e6 | Read file or device (Read 512 bytes on handle 5)
2018-12-17T22:41:48.065282914Z 62 PC: 143c1 | Close file
2018-12-17T22:41:48.06736961Z 67 PC: 14386 | Get or set file attributes
2018-12-17T22:41:48.074912783Z 61 PC: 14e3a | Open file (Filename = 'TERMINAL.EXE')
2018-12-17T22:41:48.081859575Z 68 PC: 13d3b | I/O control for devices (Set for = '')
2018-12-17T22:41:48.083421181Z 68 PC: 13830 | I/O control for devices (Set for = '')
2018-12-17T22:41:48.086242967Z 66 PC: 138ee | Move file pointer
2018-12-17T22:41:48.087729339Z 64 PC: 15a1f | Write file or device (Write 17088 bytes on handle 5)
2018-12-17T22:41:48.098795512Z 62 PC: 143c1 | Close file
2018-12-17T22:41:48.107517012Z 65 PC: 139fa | Delete file (Filename = '1.tmp')
2018-12-17T22:41:48.118653945Z 59 PC: 1340a | Change current directory
2018-12-17T22:41:48.12236128Z 59 PC: 1340a | Change current directory
2018-12-17T22:41:48.131641857Z 14 PC: 13564 | Set default drive (Drive = 'E')
2018-12-17T22:41:48.133254944Z 71 PC: 13602 | Get current directory
2018-12-17T22:41:48.135859902Z 59 PC: 1340a | Change current directory
2018-12-17T22:41:48.140521024Z 47 PC: 1454a | Get disk transfer address
2018-12-17T22:41:48.141579534Z 26 PC: 14553 | Set disk transfer address
2018-12-17T22:41:48.142576324Z 78 PC: 1455d | Find first file
2018-12-17T22:41:48.150113573Z 26 PC: 14566 | Set disk transfer address
2018-12-17T22:41:48.151880158Z 47 PC: 1457d | Get disk transfer address
2018-12-17T22:41:48.152938827Z 26 PC: 14586 | Set disk transfer address
2018-12-17T22:41:48.154177444Z 79 PC: 1458a | Find next file
2018-12-17T22:41:48.156733667Z 26 PC: 14593 | Set disk transfer address
2018-12-17T22:41:48.158849597Z 47 PC: 1457d | Get disk transfer address
2018-12-17T22:41:48.160498204Z 26 PC: 14586 | Set disk transfer address
2018-12-17T22:41:48.161491042Z 79 PC: 1458a | Find next file
2018-12-17T22:41:48.164059168Z 26 PC: 14593 | Set disk transfer address
2018-12-17T22:41:48.165842444Z 47 PC: 1457d | Get disk transfer address
2018-12-17T22:41:48.166811623Z 26 PC: 14586 | Set disk transfer address
2018-12-17T22:41:48.167795567Z 79 PC: 1458a | Find next file
2018-12-17T22:41:48.170606332Z 26 PC: 14593 | Set disk transfer address
2018-12-17T22:41:48.171684967Z 47 PC: 1457d | Get disk transfer address
2018-12-17T22:41:48.17266268Z 26 PC: 14586 | Set disk transfer address
2018-12-17T22:41:48.174808931Z 79 PC: 1458a | Find next file
2018-12-17T22:41:48.177116633Z 26 PC: 14593 | Set disk transfer address
2018-12-17T22:41:48.178214689Z 47 PC: 1457d | Get disk transfer address
2018-12-17T22:41:48.179811322Z 26 PC: 14586 | Set disk transfer address
2018-12-17T22:41:48.180650114Z 79 PC: 1458a | Find next file
2018-12-17T22:41:48.182988539Z 26 PC: 14593 | Set disk transfer address
2018-12-17T22:41:48.187550173Z 47 PC: 1457d | Get disk transfer address
2018-12-17T22:41:48.188845096Z 26 PC: 14586 | Set disk transfer address
2018-12-17T22:41:48.190097978Z 79 PC: 1458a | Find next file
2018-12-17T22:41:48.193683218Z 26 PC: 14593 | Set disk transfer address
2018-12-17T22:41:48.195172097Z 47 PC: 1457d | Get disk transfer address
2018-12-17T22:41:48.19706666Z 26 PC: 14586 | Set disk transfer address
2018-12-17T22:41:48.199456116Z 79 PC: 1458a | Find next file
2018-12-17T22:41:48.202243466Z 26 PC: 14593 | Set disk transfer address
2018-12-17T22:41:48.203819327Z 47 PC: 1457d | Get disk transfer address
2018-12-17T22:41:48.206530342Z 26 PC: 14586 | Set disk transfer address
2018-12-17T22:41:48.207903986Z 79 PC: 1458a | Find next file
2018-12-17T22:41:48.210486018Z 26 PC: 14593 | Set disk transfer address
2018-12-17T22:41:48.212542155Z 59 PC: 1340a | Change current directory
2018-12-17T22:41:48.218274526Z 47 PC: 1454a | Get disk transfer address
2018-12-17T22:41:48.219363875Z 26 PC: 14553 | Set disk transfer address
2018-12-17T22:41:48.221117464Z 78 PC: 1455d | Find first file
2018-12-17T22:41:48.226842851Z 26 PC: 14566 | Set disk transfer address
2018-12-17T22:41:48.228234365Z 47 PC: 1457d | Get disk transfer address
2018-12-17T22:41:48.230005572Z 26 PC: 14586 | Set disk transfer address
2018-12-17T22:41:48.231259636Z 79 PC: 1458a | Find next file
2018-12-17T22:41:48.234677819Z 26 PC: 14593 | Set disk transfer address
2018-12-17T22:41:48.237200571Z 47 PC: 1457d | Get disk transfer address
2018-12-17T22:41:48.23853366Z 26 PC: 14586 | Set disk transfer address
2018-12-17T22:41:48.239984248Z 79 PC: 1458a | Find next file
2018-12-17T22:41:48.243850815Z 26 PC: 14593 | Set disk transfer address
2018-12-17T22:41:48.245254989Z 47 PC: 1457d | Get disk transfer address
2018-12-17T22:41:48.247329911Z 26 PC: 14586 | Set disk transfer address
2018-12-17T22:41:48.248857875Z 79 PC: 1458a | Find next file
2018-12-17T22:41:48.251991426Z 26 PC: 14593 | Set disk transfer address
2018-12-17T22:41:48.253528678Z 47 PC: 1457d | Get disk transfer address
2018-12-17T22:41:48.255569161Z 26 PC: 14586 | Set disk transfer address
2018-12-17T22:41:48.256826649Z 79 PC: 1458a | Find next file
2018-12-17T22:41:48.260888803Z 26 PC: 14593 | Set disk transfer address
2018-12-17T22:41:48.262311321Z 47 PC: 1457d | Get disk transfer address
2018-12-17T22:41:48.263607246Z 26 PC: 14586 | Set disk transfer address
2018-12-17T22:41:48.265098067Z 79 PC: 1458a | Find next file
2018-12-17T22:41:48.26901369Z 26 PC: 14593 | Set disk transfer address
2018-12-17T22:41:48.270371801Z 65 PC: 139fa | Delete file (Filename = '')
2018-12-17T22:41:48.276762335Z 67 PC: 14386 | Get or set file attributes
2018-12-17T22:41:48.282873923Z 61 PC: 14e3a | Open file (Filename = '�$���6��j f��fi� N')
2018-12-17T22:41:48.289570037Z 68 PC: 13d3b | I/O control for devices (Set for = ' ��')
2018-12-17T22:41:48.291872912Z 68 PC: 13830 | I/O control for devices (Set for = '"')
2018-12-17T22:41:48.29404946Z 66 PC: 138ee | Move file pointer
2018-12-17T22:41:48.295719593Z 63 PC: 139e6 | Read file or device (Read 512 bytes on handle 5)
2018-12-17T22:41:48.302889436Z 62 PC: 143c1 | Close file
2018-12-17T22:41:48.304940303Z 67 PC: 14386 | Get or set file attributes
2018-12-17T22:41:48.315375217Z 86 PC: 1521a | Rename file
2018-12-17T22:41:48.327218664Z 67 PC: 14386 | Get or set file attributes
2018-12-17T22:41:48.333414905Z 60 PC: 14ca7 | Create or truncate file
2018-12-17T22:41:48.344325317Z 68 PC: 13830 | I/O control for devices (Set for = '')
2018-12-17T22:41:48.347336626Z 64 PC: 15a1f | Write file or device (Write 14042 bytes on handle 5)
2018-12-17T22:41:48.356547213Z 62 PC: 143c1 | Close file
2018-12-17T22:41:48.364258658Z 67 PC: 14386 | Get or set file attributes
2018-12-17T22:41:48.371100777Z 61 PC: 14e3a | Open file (Filename = '1.tmp')
2018-12-17T22:41:48.378818617Z 68 PC: 13d3b | I/O control for devices (Set for = '')
2018-12-17T22:41:48.380305048Z 68 PC: 13830 | I/O control for devices (Set for = '>%���')
2018-12-17T22:41:48.383151871Z 66 PC: 145b4 | Move file pointer
2018-12-17T22:41:48.384613261Z 66 PC: 145c1 | Move file pointer
2018-12-17T22:41:48.385959459Z 66 PC: 145d0 | Move file pointer
2018-12-17T22:41:48.389800739Z 63 PC: 139e6 | Read file or device (Read 49152 bytes on handle 5)
2018-12-17T22:41:48.404537717Z 65 PC: 139fa | Delete file (Filename = '')
2018-12-17T22:41:48.406767539Z 59 PC: 1340a | Change current directory
2018-12-17T22:41:48.409460135Z 59 PC: 1340a | Change current directory
2018-12-17T22:41:48.41201642Z 14 PC: 13564 | Set default drive (Drive = 'O')
2018-12-17T22:41:48.413627216Z 59 PC: 1340a | Change current directory
2018-12-17T22:41:48.416975523Z 59 PC: 1340a | Change current directory