Sample viewer

vx.netlux.org/Virus.DOS.HLLO.2040

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-17T22:41:52.516401951Z 53 PC: 12bca | Get interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T22:41:52.517838997Z 53 PC: 12bca | Get interrupt vector (Interrupt = '2' AKA 'Character output')
2018-12-17T22:41:52.520432103Z 53 PC: 12bca | Get interrupt vector (Interrupt = '27' AKA 'Get allocation info for default drive')
2018-12-17T22:41:52.522290647Z 53 PC: 12bca | Get interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T22:41:52.524028616Z 53 PC: 12bca | Get interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T22:41:52.526326114Z 53 PC: 12bca | Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:41:52.527762084Z 53 PC: 12bca | Get interrupt vector (Interrupt = '52' AKA 'Get InDOS flag pointer')
2018-12-17T22:41:52.529358844Z 53 PC: 12bca | Get interrupt vector (Interrupt = '53' AKA 'Get interrupt vector')
2018-12-17T22:41:52.531490181Z 53 PC: 12bca | Get interrupt vector (Interrupt = '54' AKA 'Get free disk space')
2018-12-17T22:41:52.532972506Z 53 PC: 12bca | Get interrupt vector (Interrupt = '55' AKA 'Get or set switch character')
2018-12-17T22:41:52.534362869Z 53 PC: 12bca | Get interrupt vector (Interrupt = '56' AKA 'Get or set country info')
2018-12-17T22:41:52.537732614Z 53 PC: 12bca | Get interrupt vector (Interrupt = '57' AKA 'Create subdirectory')
2018-12-17T22:41:52.539168954Z 53 PC: 12bca | Get interrupt vector (Interrupt = '58' AKA 'Remove subdirectory')
2018-12-17T22:41:52.540992354Z 53 PC: 12bca | Get interrupt vector (Interrupt = '59' AKA 'Change current directory')
2018-12-17T22:41:52.543125629Z 53 PC: 12bca | Get interrupt vector (Interrupt = '60' AKA 'Create or truncate file')
2018-12-17T22:41:52.54477134Z 53 PC: 12bca | Get interrupt vector (Interrupt = '61' AKA 'Open file')
2018-12-17T22:41:52.546123751Z 53 PC: 12bca | Get interrupt vector (Interrupt = '62' AKA 'Close file')
2018-12-17T22:41:52.548518899Z 53 PC: 12bca | Get interrupt vector (Interrupt = '63' AKA 'Read file or device')
2018-12-17T22:41:52.551083988Z 53 PC: 12bca | Get interrupt vector (Interrupt = '117' AKA 'UNKNOWN!')
2018-12-17T22:41:52.552812784Z 37 PC: 12bdf | Set interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T22:41:52.55427638Z 37 PC: 12be7 | Set interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T22:41:52.556170433Z 37 PC: 12bef | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:41:52.557596204Z 37 PC: 12bf7 | Set interrupt vector (Interrupt = '63' AKA 'Read file or device')
2018-12-17T22:41:52.559474433Z 68 PC: 1323e | I/O control for devices (Set for = '&�')
2018-12-17T22:41:52.562068769Z 48 PC: 13180 | Get DOS version
2018-12-17T22:41:52.563813383Z 61 PC: 13032 | Open file (Filename = 'A:\TEST.EXE')
2018-12-17T22:41:52.572803767Z 63 PC: 13105 | Read file or device (Read 2040 bytes on handle 5)
2018-12-17T22:41:52.59301229Z 26 PC: 12b15 | Set disk transfer address
2018-12-17T22:41:52.594520676Z 78 PC: 12b21 | Find first file
2018-12-17T22:41:52.601652161Z 61 PC: 13032 | Open file (Filename = 'As')
2018-12-17T22:41:52.611649743Z 64 PC: 12f8d | Write file or device (Write 0 bytes on handle 1)
2018-12-17T22:41:52.613836132Z 37 PC: 12d21 | Set interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T22:41:52.615296126Z 37 PC: 12d21 | Set interrupt vector (Interrupt = '2' AKA 'Character output')
2018-12-17T22:41:52.617157879Z 37 PC: 12d21 | Set interrupt vector (Interrupt = '27' AKA 'Get allocation info for default drive')
2018-12-17T22:41:52.619300088Z 37 PC: 12d21 | Set interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T22:41:52.620995994Z 37 PC: 12d21 | Set interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T22:41:52.622705331Z 37 PC: 12d21 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:41:52.624787456Z 37 PC: 12d21 | Set interrupt vector (Interrupt = '52' AKA 'Get InDOS flag pointer')
2018-12-17T22:41:52.626506369Z 37 PC: 12d21 | Set interrupt vector (Interrupt = '53' AKA 'Get interrupt vector')
2018-12-17T22:41:52.628213108Z 37 PC: 12d21 | Set interrupt vector (Interrupt = '54' AKA 'Get free disk space')
2018-12-17T22:41:52.6302958Z 37 PC: 12d21 | Set interrupt vector (Interrupt = '55' AKA 'Get or set switch character')
2018-12-17T22:41:52.631628344Z 37 PC: 12d21 | Set interrupt vector (Interrupt = '56' AKA 'Get or set country info')
2018-12-17T22:41:52.633034827Z 37 PC: 12d21 | Set interrupt vector (Interrupt = '57' AKA 'Create subdirectory')
2018-12-17T22:41:52.635482091Z 37 PC: 12d21 | Set interrupt vector (Interrupt = '58' AKA 'Remove subdirectory')
2018-12-17T22:41:52.639270943Z 37 PC: 12d21 | Set interrupt vector (Interrupt = '59' AKA 'Change current directory')
2018-12-17T22:41:52.640664322Z 37 PC: 12d21 | Set interrupt vector (Interrupt = '60' AKA 'Create or truncate file')
2018-12-17T22:41:52.642664039Z 37 PC: 12d21 | Set interrupt vector (Interrupt = '61' AKA 'Open file')
2018-12-17T22:41:52.644450906Z 37 PC: 12d21 | Set interrupt vector (Interrupt = '62' AKA 'Close file')
2018-12-17T22:41:52.646070617Z 37 PC: 12d21 | Set interrupt vector (Interrupt = '63' AKA 'Read file or device')
2018-12-17T22:41:52.648277178Z 37 PC: 12d21 | Set interrupt vector (Interrupt = '117' AKA 'UNKNOWN!')
2018-12-17T22:41:52.650976413Z 76 PC: 12d60 | Terminate with return code (Return code = '0')