Sample viewer

vx.netlux.org/Virus.DOS.HLLC.7421

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-17T22:42:08.323441524Z	53	PC: 144ba \| Get interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T22:42:08.325294494Z	53	PC: 144ba \| Get interrupt vector (Interrupt = '2' AKA 'Character output')
2018-12-17T22:42:08.32797061Z	53	PC: 144ba \| Get interrupt vector (Interrupt = '27' AKA 'Get allocation info for default drive')
2018-12-17T22:42:08.329746936Z	53	PC: 144ba \| Get interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T22:42:08.331420119Z	53	PC: 144ba \| Get interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T22:42:08.333888876Z	53	PC: 144ba \| Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:42:08.335456059Z	53	PC: 144ba \| Get interrupt vector (Interrupt = '52' AKA 'Get InDOS flag pointer')
2018-12-17T22:42:08.336576303Z	53	PC: 144ba \| Get interrupt vector (Interrupt = '53' AKA 'Get interrupt vector')
2018-12-17T22:42:08.338694161Z	53	PC: 144ba \| Get interrupt vector (Interrupt = '54' AKA 'Get free disk space')
2018-12-17T22:42:08.340370479Z	53	PC: 144ba \| Get interrupt vector (Interrupt = '55' AKA 'Get or set switch character')
2018-12-17T22:42:08.341880997Z	53	PC: 144ba \| Get interrupt vector (Interrupt = '56' AKA 'Get or set country info')
2018-12-17T22:42:08.343663584Z	53	PC: 144ba \| Get interrupt vector (Interrupt = '57' AKA 'Create subdirectory')
2018-12-17T22:42:08.345254582Z	53	PC: 144ba \| Get interrupt vector (Interrupt = '58' AKA 'Remove subdirectory')
2018-12-17T22:42:08.346503829Z	53	PC: 144ba \| Get interrupt vector (Interrupt = '59' AKA 'Change current directory')
2018-12-17T22:42:08.347765318Z	53	PC: 144ba \| Get interrupt vector (Interrupt = '60' AKA 'Create or truncate file')
2018-12-17T22:42:08.350181677Z	53	PC: 144ba \| Get interrupt vector (Interrupt = '61' AKA 'Open file')
2018-12-17T22:42:08.351645015Z	53	PC: 144ba \| Get interrupt vector (Interrupt = '62' AKA 'Close file')
2018-12-17T22:42:08.352733619Z	53	PC: 144ba \| Get interrupt vector (Interrupt = '63' AKA 'Read file or device')
2018-12-17T22:42:08.358608003Z	53	PC: 144ba \| Get interrupt vector (Interrupt = '117' AKA 'UNKNOWN!')
2018-12-17T22:42:08.361654815Z	37	PC: 144cf \| Set interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T22:42:08.364014036Z	37	PC: 144d7 \| Set interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T22:42:08.366772447Z	37	PC: 144df \| Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:42:08.368355871Z	37	PC: 144e7 \| Set interrupt vector (Interrupt = '63' AKA 'Read file or device')
2018-12-17T22:42:08.370449523Z	68	PC: 152a8 \| I/O control for devices (Set for = '< t�< ù')
2018-12-17T22:42:08.482247Z	37	PC: 13d31 \| Set interrupt vector (Interrupt = '27' AKA 'Get allocation info for default drive')
2018-12-17T22:42:08.484613846Z	25	PC: 14e60 \| Get default drive
2018-12-17T22:42:08.486278893Z	71	PC: 14e73 \| Get current directory
2018-12-17T22:42:08.489986907Z	26	PC: 14317 \| Set disk transfer address
2018-12-17T22:42:08.491162165Z	78	PC: 14323 \| Find first file
2018-12-17T22:42:08.495611401Z	25	PC: 14e60 \| Get default drive
2018-12-17T22:42:08.497604314Z	71	PC: 14e73 \| Get current directory
2018-12-17T22:42:08.5144534Z	26	PC: 14317 \| Set disk transfer address
2018-12-17T22:42:08.515817803Z	78	PC: 14323 \| Find first file
2018-12-17T22:42:08.520539992Z	26	PC: 14317 \| Set disk transfer address
2018-12-17T22:42:08.523093357Z	78	PC: 14323 \| Find first file
2018-12-17T22:42:08.529059343Z	61	PC: 14c11 \| Open file (Filename = 'A:\\TEST.EXE')
2018-12-17T22:42:08.531717545Z	37	PC: 14611 \| Set interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T22:42:08.533853036Z	37	PC: 14611 \| Set interrupt vector (Interrupt = '2' AKA 'Character output')
2018-12-17T22:42:08.535557077Z	37	PC: 14611 \| Set interrupt vector (Interrupt = '27' AKA 'Get allocation info for default drive')
2018-12-17T22:42:08.536802796Z	37	PC: 14611 \| Set interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T22:42:08.538889966Z	37	PC: 14611 \| Set interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T22:42:08.540093277Z	37	PC: 14611 \| Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:42:08.541786317Z	37	PC: 14611 \| Set interrupt vector (Interrupt = '52' AKA 'Get InDOS flag pointer')
2018-12-17T22:42:08.544111254Z	37	PC: 14611 \| Set interrupt vector (Interrupt = '53' AKA 'Get interrupt vector')
2018-12-17T22:42:08.545344129Z	37	PC: 14611 \| Set interrupt vector (Interrupt = '54' AKA 'Get free disk space')
2018-12-17T22:42:08.546937752Z	37	PC: 14611 \| Set interrupt vector (Interrupt = '55' AKA 'Get or set switch character')
2018-12-17T22:42:08.555645948Z	37	PC: 14611 \| Set interrupt vector (Interrupt = '56' AKA 'Get or set country info')
2018-12-17T22:42:08.557246123Z	37	PC: 14611 \| Set interrupt vector (Interrupt = '57' AKA 'Create subdirectory')
2018-12-17T22:42:08.558646243Z	37	PC: 14611 \| Set interrupt vector (Interrupt = '58' AKA 'Remove subdirectory')
2018-12-17T22:42:08.560701864Z	37	PC: 14611 \| Set interrupt vector (Interrupt = '59' AKA 'Change current directory')
2018-12-17T22:42:08.562450759Z	37	PC: 14611 \| Set interrupt vector (Interrupt = '60' AKA 'Create or truncate file')
2018-12-17T22:42:08.564195445Z	37	PC: 14611 \| Set interrupt vector (Interrupt = '61' AKA 'Open file')
2018-12-17T22:42:08.568936771Z	37	PC: 14611 \| Set interrupt vector (Interrupt = '62' AKA 'Close file')
2018-12-17T22:42:08.570739066Z	37	PC: 14611 \| Set interrupt vector (Interrupt = '63' AKA 'Read file or device')
2018-12-17T22:42:08.572345983Z	37	PC: 14611 \| Set interrupt vector (Interrupt = '117' AKA 'UNKNOWN!')
2018-12-17T22:42:08.574023835Z	6	PC: 14698 \| Direct console I/O
2018-12-17T22:42:08.576711753Z	6	PC: 14698 \| Direct console I/O
2018-12-17T22:42:08.580449293Z	6	PC: 14698 \| Direct console I/O
2018-12-17T22:42:08.582695682Z	6	PC: 14698 \| Direct console I/O
2018-12-17T22:42:08.586385753Z	6	PC: 14698 \| Direct console I/O
2018-12-17T22:42:08.588812981Z	6	PC: 14698 \| Direct console I/O
2018-12-17T22:42:08.591204644Z	6	PC: 14698 \| Direct console I/O
2018-12-17T22:42:08.593987561Z	6	PC: 14698 \| Direct console I/O
2018-12-17T22:42:08.596171903Z	6	PC: 14698 \| Direct console I/O
2018-12-17T22:42:08.59910383Z	6	PC: 14698 \| Direct console I/O
2018-12-17T22:42:08.602464943Z	6	PC: 14698 \| Direct console I/O
2018-12-17T22:42:08.604845784Z	6	PC: 14698 \| Direct console I/O
2018-12-17T22:42:08.607046608Z	6	PC: 14698 \| Direct console I/O
2018-12-17T22:42:08.609642754Z	6	PC: 14698 \| Direct console I/O
2018-12-17T22:42:08.616137492Z	6	PC: 14698 \| Direct console I/O
2018-12-17T22:42:08.619093665Z	6	PC: 14698 \| Direct console I/O
2018-12-17T22:42:08.62271698Z	6	PC: 14698 \| Direct console I/O
2018-12-17T22:42:08.626170747Z	6	PC: 14698 \| Direct console I/O
2018-12-17T22:42:08.629424799Z	6	PC: 14698 \| Direct console I/O
2018-12-17T22:42:08.632578963Z	6	PC: 14698 \| Direct console I/O
2018-12-17T22:42:08.635792408Z	6	PC: 14698 \| Direct console I/O
2018-12-17T22:42:08.637883576Z	6	PC: 14698 \| Direct console I/O
2018-12-17T22:42:08.641420799Z	6	PC: 14698 \| Direct console I/O
2018-12-17T22:42:08.643218806Z	6	PC: 14698 \| Direct console I/O
2018-12-17T22:42:08.645766962Z	6	PC: 14698 \| Direct console I/O
2018-12-17T22:42:08.648132505Z	6	PC: 14698 \| Direct console I/O
2018-12-17T22:42:08.650656425Z	6	PC: 14698 \| Direct console I/O
2018-12-17T22:42:08.653316091Z	6	PC: 14698 \| Direct console I/O
2018-12-17T22:42:08.655430001Z	6	PC: 14698 \| Direct console I/O
2018-12-17T22:42:08.657649369Z	6	PC: 14698 \| Direct console I/O
2018-12-17T22:42:08.660960118Z	6	PC: 14698 \| Direct console I/O
2018-12-17T22:42:08.662839357Z	6	PC: 14698 \| Direct console I/O
2018-12-17T22:42:08.666161266Z	6	PC: 14698 \| Direct console I/O
2018-12-17T22:42:08.670757679Z	76	PC: 14650 \| Terminate with return code (Return code = '5')