Sample viewer

vx.netlux.org/Virus.DOS.HLLW.Czec.4640

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-17T22:43:48.270448423Z	53	PC: 12ff6 \| Get interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T22:43:48.272872185Z	53	PC: 12ff6 \| Get interrupt vector (Interrupt = '2' AKA 'Character output')
2018-12-17T22:43:48.274257096Z	53	PC: 12ff6 \| Get interrupt vector (Interrupt = '27' AKA 'Get allocation info for default drive')
2018-12-17T22:43:48.275536148Z	53	PC: 12ff6 \| Get interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T22:43:48.276754477Z	53	PC: 12ff6 \| Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:43:48.278973444Z	53	PC: 12ff6 \| Get interrupt vector (Interrupt = '52' AKA 'Get InDOS flag pointer')
2018-12-17T22:43:48.280508357Z	53	PC: 12ff6 \| Get interrupt vector (Interrupt = '53' AKA 'Get interrupt vector')
2018-12-17T22:43:48.282225171Z	53	PC: 12ff6 \| Get interrupt vector (Interrupt = '54' AKA 'Get free disk space')
2018-12-17T22:43:48.284382944Z	53	PC: 12ff6 \| Get interrupt vector (Interrupt = '55' AKA 'Get or set switch character')
2018-12-17T22:43:48.28570669Z	53	PC: 12ff6 \| Get interrupt vector (Interrupt = '56' AKA 'Get or set country info')
2018-12-17T22:43:48.286984069Z	53	PC: 12ff6 \| Get interrupt vector (Interrupt = '57' AKA 'Create subdirectory')
2018-12-17T22:43:48.288897804Z	53	PC: 12ff6 \| Get interrupt vector (Interrupt = '58' AKA 'Remove subdirectory')
2018-12-17T22:43:48.290337548Z	53	PC: 12ff6 \| Get interrupt vector (Interrupt = '59' AKA 'Change current directory')
2018-12-17T22:43:48.292004809Z	53	PC: 12ff6 \| Get interrupt vector (Interrupt = '60' AKA 'Create or truncate file')
2018-12-17T22:43:48.294861885Z	53	PC: 12ff6 \| Get interrupt vector (Interrupt = '61' AKA 'Open file')
2018-12-17T22:43:48.296474364Z	53	PC: 12ff6 \| Get interrupt vector (Interrupt = '62' AKA 'Close file')
2018-12-17T22:43:48.297878441Z	53	PC: 12ff6 \| Get interrupt vector (Interrupt = '63' AKA 'Read file or device')
2018-12-17T22:43:48.300316991Z	53	PC: 12ff6 \| Get interrupt vector (Interrupt = '117' AKA 'UNKNOWN!')
2018-12-17T22:43:48.301755192Z	37	PC: 1300b \| Set interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T22:43:48.30308024Z	37	PC: 13013 \| Set interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T22:43:48.304702798Z	37	PC: 1301b \| Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:43:48.306540669Z	37	PC: 13023 \| Set interrupt vector (Interrupt = '63' AKA 'Read file or device')
2018-12-17T22:43:48.308567005Z	68	PC: 13603 \| I/O control for devices (Set for = '')
2018-12-17T22:43:48.310291905Z	64	PC: 13706 \| Write file or device (Write 37 bytes on handle 1)
2018-12-17T22:43:48.315440455Z	26	PC: 12f55 \| Set disk transfer address
2018-12-17T22:43:48.316553005Z	78	PC: 12f61 \| Find first file
2018-12-17T22:43:48.322923279Z	61	PC: 13925 \| Open file (Filename = 'TEST.EXE')
2018-12-17T22:43:48.330577695Z	66	PC: 13a57 \| Move file pointer
2018-12-17T22:43:48.332322342Z	63	PC: 139b7 \| Read file or device (Read 4 bytes on handle 5)
2018-12-17T22:43:48.338629999Z	62	PC: 13975 \| Close file
2018-12-17T22:43:48.342010307Z	26	PC: 12f79 \| Set disk transfer address
2018-12-17T22:43:48.34316176Z	79	PC: 12f7e \| Find next file
2018-12-17T22:43:48.345330995Z	44	PC: 1349f \| Get time 0x1349f: mov word ptr [0x38], cx 0x134a3: mov word ptr [0x3a], dx 0x134a7: retf 0x134a8: mov bx, sp 0x134aa: push ds 0x134ab: les di, ptr ss:[bx + 8] 0x134af: lds si, ptr ss:[bx + 4] 0x134b3: cld 0x134b4: xor ax, ax 0x134b6: stosw word ptr es:[di], ax 0x134b7: mov ax, 0xd7b0 0x134ba: stosw word ptr es:[di], ax 0x134bb: mov ax, 0x80 0x134be: stosw word ptr es:[di], ax 0x134bf: xor ax, ax 0x134c1: stosw word ptr es:[di], ax 0x134c2: stosw word ptr es:[di], ax 0x134c3: stosw word ptr es:[di], ax 0x134c4: lea ax, word ptr [di + 0x74] 0x134c7: stosw word ptr es:[di], ax
2018-12-17T22:43:48.348357188Z	60	PC: 13925 \| Create or truncate file
2018-12-17T22:43:48.366534558Z	64	PC: 139b7 \| Write file or device (Write 5056 bytes on handle 5)
2018-12-17T22:43:48.376977301Z	62	PC: 13975 \| Close file
2018-12-17T22:43:48.386658274Z	26	PC: 12f55 \| Set disk transfer address
2018-12-17T22:43:48.387940342Z	78	PC: 12f61 \| Find first file
2018-12-17T22:43:48.395434427Z	26	PC: 12f79 \| Set disk transfer address
2018-12-17T22:43:48.397313145Z	79	PC: 12f7e \| Find next file
2018-12-17T22:43:48.401348905Z	26	PC: 12f79 \| Set disk transfer address
2018-12-17T22:43:48.402803377Z	79	PC: 12f7e \| Find next file
2018-12-17T22:43:48.406266371Z	26	PC: 12f79 \| Set disk transfer address
2018-12-17T22:43:48.408412381Z	79	PC: 12f7e \| Find next file
2018-12-17T22:43:48.411570293Z	26	PC: 12f79 \| Set disk transfer address
2018-12-17T22:43:48.412919687Z	79	PC: 12f7e \| Find next file
2018-12-17T22:43:48.417038994Z	26	PC: 12f79 \| Set disk transfer address
2018-12-17T22:43:48.418941767Z	79	PC: 12f7e \| Find next file
2018-12-17T22:43:48.421829951Z	26	PC: 12f79 \| Set disk transfer address
2018-12-17T22:43:48.423743275Z	79	PC: 12f7e \| Find next file
2018-12-17T22:43:48.426598087Z	26	PC: 12f79 \| Set disk transfer address
2018-12-17T22:43:48.427625347Z	79	PC: 12f7e \| Find next file
2018-12-17T22:43:48.431021585Z	26	PC: 12f79 \| Set disk transfer address
2018-12-17T22:43:48.432753969Z	79	PC: 12f7e \| Find next file
2018-12-17T22:43:48.436153434Z	26	PC: 12f79 \| Set disk transfer address
2018-12-17T22:43:48.438407086Z	79	PC: 12f7e \| Find next file
2018-12-17T22:43:48.441207636Z	26	PC: 12f79 \| Set disk transfer address
2018-12-17T22:43:48.442257458Z	79	PC: 12f7e \| Find next file
2018-12-17T22:43:48.449274627Z	60	PC: 13925 \| Create or truncate file
2018-12-17T22:43:48.812424212Z	64	PC: 139b7 \| Write file or device (Write 5056 bytes on handle 5)
2018-12-17T22:43:48.826661902Z	62	PC: 13975 \| Close file
2018-12-17T22:43:48.836198734Z	26	PC: 12f55 \| Set disk transfer address
2018-12-17T22:43:48.838028811Z	78	PC: 12f61 \| Find first file
2018-12-17T22:43:48.845071809Z	26	PC: 12f79 \| Set disk transfer address
2018-12-17T22:43:48.846456189Z	79	PC: 12f7e \| Find next file
2018-12-17T22:43:48.850790721Z	26	PC: 12f79 \| Set disk transfer address
2018-12-17T22:43:48.85287248Z	79	PC: 12f7e \| Find next file
2018-12-17T22:43:48.860799799Z	26	PC: 12f55 \| Set disk transfer address
2018-12-17T22:43:48.863437052Z	78	PC: 12f61 \| Find first file
2018-12-17T22:43:48.873753047Z	26	PC: 12f79 \| Set disk transfer address
2018-12-17T22:43:48.875317185Z	79	PC: 12f7e \| Find next file
2018-12-17T22:43:48.880361319Z	26	PC: 12f79 \| Set disk transfer address
2018-12-17T22:43:48.881973326Z	79	PC: 12f7e \| Find next file
2018-12-17T22:43:48.885815482Z	26	PC: 12f79 \| Set disk transfer address
2018-12-17T22:43:48.88848703Z	79	PC: 12f7e \| Find next file
2018-12-17T22:43:48.89236811Z	26	PC: 12f79 \| Set disk transfer address
2018-12-17T22:43:48.893848049Z	79	PC: 12f7e \| Find next file
2018-12-17T22:43:48.897624272Z	26	PC: 12f79 \| Set disk transfer address
2018-12-17T22:43:48.902160271Z	79	PC: 12f7e \| Find next file
2018-12-17T22:43:48.906472119Z	26	PC: 12f79 \| Set disk transfer address
2018-12-17T22:43:48.90769739Z	79	PC: 12f7e \| Find next file
2018-12-17T22:43:48.912150173Z	26	PC: 12f79 \| Set disk transfer address
2018-12-17T22:43:48.913697339Z	79	PC: 12f7e \| Find next file
2018-12-17T22:43:48.918892697Z	26	PC: 12f79 \| Set disk transfer address
2018-12-17T22:43:48.921187277Z	79	PC: 12f7e \| Find next file
2018-12-17T22:43:48.925367918Z	26	PC: 12f79 \| Set disk transfer address
2018-12-17T22:43:48.926862606Z	79	PC: 12f7e \| Find next file
2018-12-17T22:43:48.931532737Z	26	PC: 12f79 \| Set disk transfer address
2018-12-17T22:43:48.933333449Z	79	PC: 12f7e \| Find next file
2018-12-17T22:43:48.937183901Z	26	PC: 12f79 \| Set disk transfer address
2018-12-17T22:43:48.940018926Z	79	PC: 12f7e \| Find next file
2018-12-17T22:43:48.943968403Z	26	PC: 12f79 \| Set disk transfer address
2018-12-17T22:43:48.945611769Z	79	PC: 12f7e \| Find next file
2018-12-17T22:43:48.950232829Z	26	PC: 12f79 \| Set disk transfer address
2018-12-17T22:43:48.952420658Z	79	PC: 12f7e \| Find next file
2018-12-17T22:43:48.956022994Z	26	PC: 12f79 \| Set disk transfer address
2018-12-17T22:43:48.957219672Z	79	PC: 12f7e \| Find next file
2018-12-17T22:43:48.962309411Z	26	PC: 12f79 \| Set disk transfer address
2018-12-17T22:43:48.963934734Z	79	PC: 12f7e \| Find next file
2018-12-17T22:43:48.967952399Z	26	PC: 12f79 \| Set disk transfer address
2018-12-17T22:43:48.970187898Z	79	PC: 12f7e \| Find next file
2018-12-17T22:43:48.977348537Z	26	PC: 12f79 \| Set disk transfer address
2018-12-17T22:43:48.979550562Z	79	PC: 12f7e \| Find next file
2018-12-17T22:43:48.984305974Z	26	PC: 12f79 \| Set disk transfer address
2018-12-17T22:43:48.985810109Z	79	PC: 12f7e \| Find next file
2018-12-17T22:43:48.989759847Z	26	PC: 12f79 \| Set disk transfer address
2018-12-17T22:43:48.991797504Z	79	PC: 12f7e \| Find next file
2018-12-17T22:43:48.997203538Z	26	PC: 12f79 \| Set disk transfer address
2018-12-17T22:43:48.998753809Z	79	PC: 12f7e \| Find next file
2018-12-17T22:43:49.003393433Z	26	PC: 12f79 \| Set disk transfer address
2018-12-17T22:43:49.004821836Z	79	PC: 12f7e \| Find next file
2018-12-17T22:43:49.008662129Z	26	PC: 12f79 \| Set disk transfer address
2018-12-17T22:43:49.011056425Z	79	PC: 12f7e \| Find next file
2018-12-17T22:43:49.015657447Z	26	PC: 12f79 \| Set disk transfer address
2018-12-17T22:43:49.01713404Z	79	PC: 12f7e \| Find next file
2018-12-17T22:43:49.021146346Z	26	PC: 12f79 \| Set disk transfer address
2018-12-17T22:43:49.023850194Z	79	PC: 12f7e \| Find next file
2018-12-17T22:43:49.027764947Z	26	PC: 12f79 \| Set disk transfer address
2018-12-17T22:43:49.029268551Z	79	PC: 12f7e \| Find next file
2018-12-17T22:43:49.034113862Z	26	PC: 12f79 \| Set disk transfer address
2018-12-17T22:43:49.035984154Z	79	PC: 12f7e \| Find next file
2018-12-17T22:43:49.039981051Z	26	PC: 12f79 \| Set disk transfer address
2018-12-17T22:43:49.042177305Z	79	PC: 12f7e \| Find next file
2018-12-17T22:43:49.045966473Z	26	PC: 12f79 \| Set disk transfer address
2018-12-17T22:43:49.047357475Z	79	PC: 12f7e \| Find next file
2018-12-17T22:43:49.051648985Z	26	PC: 12f79 \| Set disk transfer address
2018-12-17T22:43:49.05303598Z	79	PC: 12f7e \| Find next file
2018-12-17T22:43:49.056651641Z	26	PC: 12f79 \| Set disk transfer address
2018-12-17T22:43:49.058672566Z	79	PC: 12f7e \| Find next file
2018-12-17T22:43:49.062587659Z	26	PC: 12f79 \| Set disk transfer address
2018-12-17T22:43:49.06414796Z	79	PC: 12f7e \| Find next file
2018-12-17T22:43:49.06804023Z	26	PC: 12f79 \| Set disk transfer address
2018-12-17T22:43:49.06953113Z	79	PC: 12f7e \| Find next file
2018-12-17T22:43:49.077241572Z	26	PC: 12f79 \| Set disk transfer address
2018-12-17T22:43:49.078416388Z	79	PC: 12f7e \| Find next file
2018-12-17T22:43:49.08324639Z	26	PC: 12f79 \| Set disk transfer address
2018-12-17T22:43:49.084453798Z	79	PC: 12f7e \| Find next file
2018-12-17T22:43:49.08808088Z	26	PC: 12f79 \| Set disk transfer address
2018-12-17T22:43:49.090278077Z	79	PC: 12f7e \| Find next file
2018-12-17T22:43:49.093896924Z	26	PC: 12f79 \| Set disk transfer address
2018-12-17T22:43:49.095083813Z	79	PC: 12f7e \| Find next file
2018-12-17T22:43:49.099731292Z	26	PC: 12f79 \| Set disk transfer address
2018-12-17T22:43:49.100991208Z	79	PC: 12f7e \| Find next file
2018-12-17T22:43:49.104130594Z	26	PC: 12f79 \| Set disk transfer address
2018-12-17T22:43:49.106389386Z	79	PC: 12f7e \| Find next file
2018-12-17T22:43:49.109666922Z	26	PC: 12f79 \| Set disk transfer address
2018-12-17T22:43:49.110847249Z	79	PC: 12f7e \| Find next file
2018-12-17T22:43:49.11480391Z	26	PC: 12f79 \| Set disk transfer address
2018-12-17T22:43:49.116071832Z	79	PC: 12f7e \| Find next file
2018-12-17T22:43:49.119685709Z	26	PC: 12f79 \| Set disk transfer address
2018-12-17T22:43:49.121590758Z	79	PC: 12f7e \| Find next file
2018-12-17T22:43:49.124977458Z	26	PC: 12f79 \| Set disk transfer address
2018-12-17T22:43:49.12698081Z	79	PC: 12f7e \| Find next file
2018-12-17T22:43:49.130692562Z	26	PC: 12f79 \| Set disk transfer address
2018-12-17T22:43:49.132527819Z	79	PC: 12f7e \| Find next file
2018-12-17T22:43:49.135747295Z	60	PC: 13925 \| Create or truncate file
2018-12-17T22:43:49.139244965Z	60	PC: 13925 \| Create or truncate file
2018-12-17T22:43:49.143939281Z	60	PC: 13925 \| Create or truncate file
2018-12-17T22:43:49.147190658Z	60	PC: 13925 \| Create or truncate file
2018-12-17T22:43:49.150354319Z	60	PC: 13925 \| Create or truncate file
2018-12-17T22:43:49.155153463Z	60	PC: 13925 \| Create or truncate file
2018-12-17T22:43:49.158352582Z	60	PC: 13925 \| Create or truncate file
2018-12-17T22:43:49.161650757Z	60	PC: 13925 \| Create or truncate file
2018-12-17T22:43:49.165395329Z	60	PC: 13925 \| Create or truncate file
2018-12-17T22:43:49.16847826Z	60	PC: 13925 \| Create or truncate file
2018-12-17T22:43:49.171174313Z	60	PC: 13925 \| Create or truncate file
2018-12-17T22:43:49.173639503Z	60	PC: 13925 \| Create or truncate file
2018-12-17T22:43:49.17576256Z	60	PC: 13925 \| Create or truncate file
2018-12-17T22:43:49.178068752Z	60	PC: 13925 \| Create or truncate file
2018-12-17T22:43:49.180885523Z	60	PC: 13925 \| Create or truncate file
2018-12-17T22:43:49.183952863Z	60	PC: 13925 \| Create or truncate file
2018-12-17T22:43:49.187218567Z	60	PC: 13925 \| Create or truncate file
2018-12-17T22:43:49.191263765Z	60	PC: 13925 \| Create or truncate file
2018-12-17T22:43:49.194719795Z	60	PC: 13925 \| Create or truncate file
2018-12-17T22:43:49.197745358Z	60	PC: 13925 \| Create or truncate file
2018-12-17T22:43:49.201149161Z	60	PC: 13925 \| Create or truncate file
2018-12-17T22:43:49.204051301Z	60	PC: 13925 \| Create or truncate file
2018-12-17T22:43:49.207183043Z	60	PC: 13925 \| Create or truncate file
2018-12-17T22:43:49.211711238Z	64	PC: 13706 \| Write file or device (Write 0 bytes on handle 1)
2018-12-17T22:43:49.213843393Z	37	PC: 13105 \| Set interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T22:43:49.215301551Z	37	PC: 13105 \| Set interrupt vector (Interrupt = '2' AKA 'Character output')
2018-12-17T22:43:49.217327676Z	37	PC: 13105 \| Set interrupt vector (Interrupt = '27' AKA 'Get allocation info for default drive')
2018-12-17T22:43:49.218576873Z	37	PC: 13105 \| Set interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T22:43:49.219807234Z	37	PC: 13105 \| Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:43:49.22235574Z	37	PC: 13105 \| Set interrupt vector (Interrupt = '52' AKA 'Get InDOS flag pointer')
2018-12-17T22:43:49.224042889Z	37	PC: 13105 \| Set interrupt vector (Interrupt = '53' AKA 'Get interrupt vector')
2018-12-17T22:43:49.225298737Z	37	PC: 13105 \| Set interrupt vector (Interrupt = '54' AKA 'Get free disk space')
2018-12-17T22:43:49.227191913Z	37	PC: 13105 \| Set interrupt vector (Interrupt = '55' AKA 'Get or set switch character')
2018-12-17T22:43:49.228702861Z	37	PC: 13105 \| Set interrupt vector (Interrupt = '56' AKA 'Get or set country info')
2018-12-17T22:43:49.230239798Z	37	PC: 13105 \| Set interrupt vector (Interrupt = '57' AKA 'Create subdirectory')
2018-12-17T22:43:49.232467862Z	37	PC: 13105 \| Set interrupt vector (Interrupt = '58' AKA 'Remove subdirectory')
2018-12-17T22:43:49.238973441Z	37	PC: 13105 \| Set interrupt vector (Interrupt = '59' AKA 'Change current directory')
2018-12-17T22:43:49.240326773Z	37	PC: 13105 \| Set interrupt vector (Interrupt = '60' AKA 'Create or truncate file')
2018-12-17T22:43:49.246087903Z	37	PC: 13105 \| Set interrupt vector (Interrupt = '61' AKA 'Open file')
2018-12-17T22:43:49.247375872Z	37	PC: 13105 \| Set interrupt vector (Interrupt = '62' AKA 'Close file')
2018-12-17T22:43:49.248637011Z	37	PC: 13105 \| Set interrupt vector (Interrupt = '63' AKA 'Read file or device')
2018-12-17T22:43:49.250600869Z	37	PC: 13105 \| Set interrupt vector (Interrupt = '117' AKA 'UNKNOWN!')
2018-12-17T22:43:49.251883869Z	76	PC: 13144 \| Terminate with return code (Return code = '0')