Sample viewer

vx.netlux.org/Virus.DOS.HLLO.Tally.34846

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-17T22:42:16.129511926Z 48 PC: 1998c | Get DOS version
2018-12-17T22:42:16.131764996Z 74 PC: 199dc | Reallocate memory
2018-12-17T22:42:16.13391098Z 48 PC: 19a40 | Get DOS version
2018-12-17T22:42:16.135126536Z 53 PC: 19a48 | Get interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T22:42:16.137469168Z 37 PC: 19a5a | Set interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T22:42:16.13944568Z 53 PC: 1c6a2 | Get interrupt vector (Interrupt = '2' AKA 'Character output')
2018-12-17T22:42:16.141119996Z 37 PC: 1c6b2 | Set interrupt vector (Interrupt = '2' AKA 'Character output')
2018-12-17T22:42:16.143062288Z 53 PC: 1c6b7 | Get interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T22:42:16.154713744Z 37 PC: 1c6c7 | Set interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T22:42:16.156121462Z 53 PC: 1a3f6 | Get interrupt vector (Interrupt = '52' AKA 'Get InDOS flag pointer')
2018-12-17T22:42:16.171476001Z 53 PC: 1a3f6 | Get interrupt vector (Interrupt = '53' AKA 'Get interrupt vector')
2018-12-17T22:42:16.173325718Z 53 PC: 1a3f6 | Get interrupt vector (Interrupt = '54' AKA 'Get free disk space')
2018-12-17T22:42:16.174730999Z 53 PC: 1a3f6 | Get interrupt vector (Interrupt = '55' AKA 'Get or set switch character')
2018-12-17T22:42:16.176149012Z 53 PC: 1a3f6 | Get interrupt vector (Interrupt = '56' AKA 'Get or set country info')
2018-12-17T22:42:16.178328454Z 53 PC: 1a3f6 | Get interrupt vector (Interrupt = '57' AKA 'Create subdirectory')
2018-12-17T22:42:16.180031787Z 53 PC: 1a3f6 | Get interrupt vector (Interrupt = '58' AKA 'Remove subdirectory')
2018-12-17T22:42:16.181785892Z 53 PC: 1a3f6 | Get interrupt vector (Interrupt = '59' AKA 'Change current directory')
2018-12-17T22:42:16.184334436Z 53 PC: 1a3f6 | Get interrupt vector (Interrupt = '60' AKA 'Create or truncate file')
2018-12-17T22:42:16.186943544Z 53 PC: 1a3f6 | Get interrupt vector (Interrupt = '61' AKA 'Open file')
2018-12-17T22:42:16.189570637Z 53 PC: 1a3f6 | Get interrupt vector (Interrupt = '62' AKA 'Close file')
2018-12-17T22:42:16.191095805Z 37 PC: 1a425 | Set interrupt vector (Interrupt = '52' AKA 'Get InDOS flag pointer')
2018-12-17T22:42:16.193094272Z 37 PC: 1a425 | Set interrupt vector (Interrupt = '53' AKA 'Get interrupt vector')
2018-12-17T22:42:16.19474016Z 37 PC: 1a425 | Set interrupt vector (Interrupt = '54' AKA 'Get free disk space')
2018-12-17T22:42:16.196422369Z 37 PC: 1a425 | Set interrupt vector (Interrupt = '55' AKA 'Get or set switch character')
2018-12-17T22:42:16.198871649Z 37 PC: 1a425 | Set interrupt vector (Interrupt = '56' AKA 'Get or set country info')
2018-12-17T22:42:16.20048181Z 37 PC: 1a425 | Set interrupt vector (Interrupt = '57' AKA 'Create subdirectory')
2018-12-17T22:42:16.201867576Z 37 PC: 1a425 | Set interrupt vector (Interrupt = '58' AKA 'Remove subdirectory')
2018-12-17T22:42:16.209362039Z 37 PC: 1a425 | Set interrupt vector (Interrupt = '59' AKA 'Change current directory')
2018-12-17T22:42:16.211306726Z 37 PC: 1a42c | Set interrupt vector (Interrupt = '60' AKA 'Create or truncate file')
2018-12-17T22:42:16.212987038Z 37 PC: 1a431 | Set interrupt vector (Interrupt = '61' AKA 'Open file')
2018-12-17T22:42:16.215415656Z 68 PC: 19aeb | I/O control for devices (Set for = '&�=')
2018-12-17T22:42:16.217174021Z 68 PC: 19aeb | I/O control for devices (Set for = 'r')
2018-12-17T22:42:16.219132505Z 68 PC: 19aeb | I/O control for devices (Set for = ' ��> ')
2018-12-17T22:42:16.22271171Z 68 PC: 19aeb | I/O control for devices (Set for = '��.')
2018-12-17T22:42:16.224652197Z 68 PC: 19aeb | I/O control for devices (Set for = '��.')
2018-12-17T22:42:16.228665454Z 53 PC: 16bbc | Get interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T22:42:16.230921324Z 53 PC: 16bc9 | Get interrupt vector (Interrupt = '4' AKA 'Auxiliary output')
2018-12-17T22:42:16.232390629Z 53 PC: 16bd6 | Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:42:16.233730419Z 37 PC: 16beb | Set interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T22:42:16.235471312Z 37 PC: 16bf3 | Set interrupt vector (Interrupt = '4' AKA 'Auxiliary output')
2018-12-17T22:42:16.23796256Z 37 PC: 16bfb | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:42:16.239795025Z 53 PC: 1767a | Get interrupt vector (Interrupt = '239' AKA 'UNKNOWN!')
2018-12-17T22:42:16.241491437Z 53 PC: 17687 | Get interrupt vector (Interrupt = '240' AKA 'UNKNOWN!')
2018-12-17T22:42:16.254796653Z 53 PC: 17696 | Get interrupt vector (Interrupt = '9' AKA 'Display string')
2018-12-17T22:42:16.256963058Z 37 PC: 176a3 | Set interrupt vector (Interrupt = '239' AKA 'UNKNOWN!')
2018-12-17T22:42:16.25862329Z 53 PC: 176aa | Get interrupt vector (Interrupt = '8' AKA 'Console input without echo')
2018-12-17T22:42:16.261192689Z 37 PC: 176b7 | Set interrupt vector (Interrupt = '240' AKA 'UNKNOWN!')
2018-12-17T22:42:16.262831046Z 53 PC: 176c3 | Get interrupt vector (Interrupt = '28' AKA 'Get allocation info for specified drive')
2018-12-17T22:42:16.267801857Z 48 PC: 17785 | Get DOS version
2018-12-17T22:42:16.269991554Z 74 PC: 15887 | Reallocate memory
2018-12-17T22:42:16.27239639Z 74 PC: 15887 | Reallocate memory
2018-12-17T22:42:16.274424243Z 68 PC: 16b32 | I/O control for devices (Set for = 'redit given to Wavefunc for _!')
2018-12-17T22:42:16.276813038Z 68 PC: 16b32 | I/O control for devices (Set for = '')
2018-12-17T22:42:16.278937611Z 51 PC: 16b50 | Get or set Ctrl-Break
2018-12-17T22:42:16.280616036Z 51 PC: 16b5c | Get or set Ctrl-Break
2018-12-17T22:42:16.284121657Z 37 PC: 14c97 | Set interrupt vector (Interrupt = '9' AKA 'Display string')
2018-12-17T22:42:16.288964593Z 74 PC: 15887 | Reallocate memory
2018-12-17T22:42:16.29101264Z 51 PC: 16b67 | Get or set Ctrl-Break
2018-12-17T22:42:16.292696101Z 37 PC: 16de9 | Set interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T22:42:16.299645096Z 37 PC: 16df3 | Set interrupt vector (Interrupt = '4' AKA 'Auxiliary output')
2018-12-17T22:42:16.30136826Z 37 PC: 16dfd | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:42:16.303134323Z 53 PC: 152b4 | Get interrupt vector (Interrupt = '8' AKA 'Console input without echo')
2018-12-17T22:42:16.305908263Z 53 PC: 152c1 | Get interrupt vector (Interrupt = '28' AKA 'Get allocation info for specified drive')
2018-12-17T22:42:16.307685591Z 53 PC: 152ce | Get interrupt vector (Interrupt = '9' AKA 'Display string')
2018-12-17T22:42:16.30942192Z 37 PC: 152e9 | Set interrupt vector (Interrupt = '28' AKA 'Get allocation info for specified drive')
2018-12-17T22:42:16.312091749Z 53 PC: 152f1 | Get interrupt vector (Interrupt = '239' AKA 'UNKNOWN!')
2018-12-17T22:42:16.313835194Z 37 PC: 152fe | Set interrupt vector (Interrupt = '9' AKA 'Display string')
2018-12-17T22:42:16.315511252Z 53 PC: 15305 | Get interrupt vector (Interrupt = '240' AKA 'UNKNOWN!')
2018-12-17T22:42:16.317994271Z 37 PC: 15312 | Set interrupt vector (Interrupt = '8' AKA 'Console input without echo')
2018-12-17T22:42:16.319647535Z 37 PC: 1531c | Set interrupt vector (Interrupt = '239' AKA 'UNKNOWN!')
2018-12-17T22:42:16.321338092Z 37 PC: 15327 | Set interrupt vector (Interrupt = '240' AKA 'UNKNOWN!')
2018-12-17T22:42:16.323888675Z 37 PC: 1a441 | Set interrupt vector (Interrupt = '52' AKA 'Get InDOS flag pointer')
2018-12-17T22:42:16.325924028Z 37 PC: 1a441 | Set interrupt vector (Interrupt = '53' AKA 'Get interrupt vector')
2018-12-17T22:42:16.327615602Z 37 PC: 1a441 | Set interrupt vector (Interrupt = '54' AKA 'Get free disk space')
2018-12-17T22:42:16.33025631Z 37 PC: 1a441 | Set interrupt vector (Interrupt = '55' AKA 'Get or set switch character')
2018-12-17T22:42:16.331697184Z 37 PC: 1a441 | Set interrupt vector (Interrupt = '56' AKA 'Get or set country info')
2018-12-17T22:42:16.333035916Z 37 PC: 1a441 | Set interrupt vector (Interrupt = '57' AKA 'Create subdirectory')
2018-12-17T22:42:16.33435385Z 37 PC: 1a441 | Set interrupt vector (Interrupt = '58' AKA 'Remove subdirectory')
2018-12-17T22:42:16.336431537Z 37 PC: 1a441 | Set interrupt vector (Interrupt = '59' AKA 'Change current directory')
2018-12-17T22:42:16.337887631Z 37 PC: 1a441 | Set interrupt vector (Interrupt = '60' AKA 'Create or truncate file')
2018-12-17T22:42:16.340075075Z 37 PC: 1a441 | Set interrupt vector (Interrupt = '61' AKA 'Open file')
2018-12-17T22:42:16.343068585Z 37 PC: 1a441 | Set interrupt vector (Interrupt = '62' AKA 'Close file')
2018-12-17T22:42:16.344446948Z 37 PC: 1c6d6 | Set interrupt vector (Interrupt = '2' AKA 'Character output')
2018-12-17T22:42:16.34580887Z 37 PC: 19b9c | Set interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T22:42:16.351202043Z 41 PC: 19887 | Parse filename
2018-12-17T22:42:16.353185441Z 41 PC: 19889 | Parse filename
2018-12-17T22:42:16.355137484Z 41 PC: 1988e | Parse filename
2018-12-17T22:42:16.357653749Z 75 PC: 198a4 | Execute program
2018-12-17T22:42:16.380067603Z 80 PC: 1fa69 | Set current PSP
2018-12-17T22:42:16.381333948Z 48 PC: 1fa6e | Get DOS version
2018-12-17T22:42:16.384248229Z 99 PC: 26250 | Get DBCS lead byte table pointer
2018-12-17T22:42:16.387390854Z 101 PC: 1faf4 | Get extended country info
2018-12-17T22:42:16.389180376Z 99 PC: 1fafa | Get DBCS lead byte table pointer
2018-12-17T22:42:16.39170621Z 74 PC: 1fb5c | Reallocate memory
2018-12-17T22:42:16.393936057Z 25 PC: 1fb93 | Get default drive
2018-12-17T22:42:16.39554862Z 37 PC: 1f653 | Set interrupt vector (Interrupt = '34' AKA 'Random write')
2018-12-17T22:42:16.397839394Z 37 PC: 1f65a | Set interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T22:42:16.41513048Z 37 PC: 1f661 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:42:16.421124117Z 74 PC: 1e7fc | Reallocate memory
2018-12-17T22:42:16.426041301Z 72 PC: 1e83d | Allocate memory
2018-12-17T22:42:16.42821983Z 72 PC: 1e875 | Allocate memory
2018-12-17T22:42:16.430623765Z 72 PC: 1e87d | Allocate memory