Sample viewer

vx.netlux.org/Virus.DOS.HLLP.DR.9223

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-17T22:43:56.807168175Z	53	PC: 13c7a \| Get interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T22:43:56.808945134Z	53	PC: 13c7a \| Get interrupt vector (Interrupt = '2' AKA 'Character output')
2018-12-17T22:43:56.810291088Z	53	PC: 13c7a \| Get interrupt vector (Interrupt = '27' AKA 'Get allocation info for default drive')
2018-12-17T22:43:56.811673806Z	53	PC: 13c7a \| Get interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T22:43:56.813743972Z	53	PC: 13c7a \| Get interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T22:43:56.828011012Z	53	PC: 13c7a \| Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:43:56.829380333Z	53	PC: 13c7a \| Get interrupt vector (Interrupt = '52' AKA 'Get InDOS flag pointer')
2018-12-17T22:43:56.830363337Z	53	PC: 13c7a \| Get interrupt vector (Interrupt = '53' AKA 'Get interrupt vector')
2018-12-17T22:43:56.831581526Z	53	PC: 13c7a \| Get interrupt vector (Interrupt = '54' AKA 'Get free disk space')
2018-12-17T22:43:56.832497743Z	53	PC: 13c7a \| Get interrupt vector (Interrupt = '55' AKA 'Get or set switch character')
2018-12-17T22:43:56.833408121Z	53	PC: 13c7a \| Get interrupt vector (Interrupt = '56' AKA 'Get or set country info')
2018-12-17T22:43:56.835018346Z	53	PC: 13c7a \| Get interrupt vector (Interrupt = '57' AKA 'Create subdirectory')
2018-12-17T22:43:56.835978113Z	53	PC: 13c7a \| Get interrupt vector (Interrupt = '58' AKA 'Remove subdirectory')
2018-12-17T22:43:56.836982074Z	53	PC: 13c7a \| Get interrupt vector (Interrupt = '59' AKA 'Change current directory')
2018-12-17T22:43:56.842662998Z	53	PC: 13c7a \| Get interrupt vector (Interrupt = '60' AKA 'Create or truncate file')
2018-12-17T22:43:56.844469355Z	53	PC: 13c7a \| Get interrupt vector (Interrupt = '61' AKA 'Open file')
2018-12-17T22:43:56.846332891Z	53	PC: 13c7a \| Get interrupt vector (Interrupt = '62' AKA 'Close file')
2018-12-17T22:43:56.848846994Z	53	PC: 13c7a \| Get interrupt vector (Interrupt = '63' AKA 'Read file or device')
2018-12-17T22:43:56.850575398Z	53	PC: 13c7a \| Get interrupt vector (Interrupt = '117' AKA 'UNKNOWN!')
2018-12-17T22:43:56.852315196Z	37	PC: 13c8f \| Set interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T22:43:56.855047775Z	37	PC: 13c97 \| Set interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T22:43:56.856298109Z	37	PC: 13c9f \| Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:43:56.857419975Z	37	PC: 13ca7 \| Set interrupt vector (Interrupt = '63' AKA 'Read file or device')
2018-12-17T22:43:56.859465256Z	68	PC: 1487d \| I/O control for devices (Set for = '')
2018-12-17T22:43:56.861074862Z	26	PC: 13a7d \| Set disk transfer address
2018-12-17T22:43:56.862832355Z	78	PC: 13a89 \| Find first file
2018-12-17T22:43:56.874523761Z	26	PC: 13aa1 \| Set disk transfer address
2018-12-17T22:43:56.87580421Z	79	PC: 13aa6 \| Find next file
2018-12-17T22:43:56.879172869Z	26	PC: 13aa1 \| Set disk transfer address
2018-12-17T22:43:56.880400788Z	79	PC: 13aa6 \| Find next file
2018-12-17T22:43:56.884345192Z	26	PC: 13aa1 \| Set disk transfer address
2018-12-17T22:43:56.885565352Z	79	PC: 13aa6 \| Find next file
2018-12-17T22:43:56.888659314Z	26	PC: 13aa1 \| Set disk transfer address
2018-12-17T22:43:56.890353661Z	79	PC: 13aa6 \| Find next file
2018-12-17T22:43:56.893615521Z	26	PC: 13aa1 \| Set disk transfer address
2018-12-17T22:43:56.894809151Z	79	PC: 13aa6 \| Find next file
2018-12-17T22:43:56.898659962Z	26	PC: 13aa1 \| Set disk transfer address
2018-12-17T22:43:56.899695384Z	79	PC: 13aa6 \| Find next file
2018-12-17T22:43:56.904193058Z	26	PC: 13aa1 \| Set disk transfer address
2018-12-17T22:43:56.906221151Z	79	PC: 13aa6 \| Find next file
2018-12-17T22:43:56.909677893Z	26	PC: 13aa1 \| Set disk transfer address
2018-12-17T22:43:56.91119878Z	79	PC: 13aa6 \| Find next file
2018-12-17T22:43:56.915078634Z	26	PC: 13aa1 \| Set disk transfer address
2018-12-17T22:43:56.916192804Z	79	PC: 13aa6 \| Find next file
2018-12-17T22:43:56.919063943Z	26	PC: 13aa1 \| Set disk transfer address
2018-12-17T22:43:56.920194493Z	79	PC: 13aa6 \| Find next file
2018-12-17T22:43:56.923277094Z	26	PC: 13aa1 \| Set disk transfer address
2018-12-17T22:43:56.924183758Z	79	PC: 13aa6 \| Find next file
2018-12-17T22:43:56.927408049Z	26	PC: 13aa1 \| Set disk transfer address
2018-12-17T22:43:56.930461068Z	79	PC: 13aa6 \| Find next file
2018-12-17T22:43:56.933550205Z	26	PC: 13aa1 \| Set disk transfer address
2018-12-17T22:43:56.934600059Z	79	PC: 13aa6 \| Find next file
2018-12-17T22:43:56.937702857Z	26	PC: 13aa1 \| Set disk transfer address
2018-12-17T22:43:56.93867023Z	79	PC: 13aa6 \| Find next file
2018-12-17T22:43:56.941770811Z	26	PC: 13aa1 \| Set disk transfer address
2018-12-17T22:43:56.943082829Z	79	PC: 13aa6 \| Find next file
2018-12-17T22:43:56.947889804Z	26	PC: 13a7d \| Set disk transfer address
2018-12-17T22:43:56.948981488Z	78	PC: 13a89 \| Find first file
2018-12-17T22:43:56.959633328Z	26	PC: 13aa1 \| Set disk transfer address
2018-12-17T22:43:56.960930119Z	79	PC: 13aa6 \| Find next file
2018-12-17T22:43:56.964569168Z	26	PC: 13aa1 \| Set disk transfer address
2018-12-17T22:43:56.966251058Z	79	PC: 13aa6 \| Find next file
2018-12-17T22:43:56.96932193Z	26	PC: 13aa1 \| Set disk transfer address
2018-12-17T22:43:56.970417726Z	79	PC: 13aa6 \| Find next file
2018-12-17T22:43:56.97447289Z	26	PC: 13aa1 \| Set disk transfer address
2018-12-17T22:43:56.97572488Z	79	PC: 13aa6 \| Find next file
2018-12-17T22:43:56.978798136Z	26	PC: 13aa1 \| Set disk transfer address
2018-12-17T22:43:56.980500843Z	79	PC: 13aa6 \| Find next file
2018-12-17T22:43:56.984561Z	26	PC: 13aa1 \| Set disk transfer address
2018-12-17T22:43:56.986532796Z	79	PC: 13aa6 \| Find next file
2018-12-17T22:43:56.997944274Z	26	PC: 13aa1 \| Set disk transfer address
2018-12-17T22:43:56.999098648Z	79	PC: 13aa6 \| Find next file
2018-12-17T22:43:57.002404064Z	26	PC: 13aa1 \| Set disk transfer address
2018-12-17T22:43:57.004305992Z	79	PC: 13aa6 \| Find next file
2018-12-17T22:43:57.009325535Z	26	PC: 13aa1 \| Set disk transfer address
2018-12-17T22:43:57.010423676Z	79	PC: 13aa6 \| Find next file
2018-12-17T22:43:57.013800034Z	26	PC: 13aa1 \| Set disk transfer address
2018-12-17T22:43:57.01702551Z	79	PC: 13aa6 \| Find next file
2018-12-17T22:43:57.020230778Z	26	PC: 13aa1 \| Set disk transfer address
2018-12-17T22:43:57.021863056Z	79	PC: 13aa6 \| Find next file
2018-12-17T22:43:57.026813162Z	26	PC: 13aa1 \| Set disk transfer address
2018-12-17T22:43:57.028454186Z	79	PC: 13aa6 \| Find next file
2018-12-17T22:43:57.031949158Z	26	PC: 13aa1 \| Set disk transfer address
2018-12-17T22:43:57.034559335Z	79	PC: 13aa6 \| Find next file
2018-12-17T22:43:57.038098626Z	26	PC: 13aa1 \| Set disk transfer address
2018-12-17T22:43:57.039635205Z	79	PC: 13aa6 \| Find next file
2018-12-17T22:43:57.044801627Z	26	PC: 13aa1 \| Set disk transfer address
2018-12-17T22:43:57.046641898Z	79	PC: 13aa6 \| Find next file
2018-12-17T22:43:57.049389617Z	26	PC: 13a7d \| Set disk transfer address
2018-12-17T22:43:57.052323915Z	78	PC: 13a89 \| Find first file
2018-12-17T22:43:57.060004628Z	67	PC: 13a06 \| Get or set file attributes
2018-12-17T22:43:57.18345337Z	61	PC: 14340 \| Open file (Filename = 'TEST.EXE')
2018-12-17T22:43:57.192415306Z	66	PC: 1497c \| Move file pointer
2018-12-17T22:43:57.194413497Z	66	PC: 1498a \| Move file pointer
2018-12-17T22:43:57.196271593Z	66	PC: 14998 \| Move file pointer
2018-12-17T22:43:57.198240918Z	66	PC: 1497c \| Move file pointer
2018-12-17T22:43:57.200471449Z	66	PC: 1498a \| Move file pointer
2018-12-17T22:43:57.202234515Z	66	PC: 14998 \| Move file pointer
2018-12-17T22:43:57.204401348Z	66	PC: 14472 \| Move file pointer
2018-12-17T22:43:57.207340316Z	63	PC: 14413 \| Read file or device (Read 23 bytes on handle 5)
2018-12-17T22:43:57.21515845Z	62	PC: 14390 \| Close file
2018-12-17T22:43:57.217472698Z	67	PC: 13a06 \| Get or set file attributes
2018-12-17T22:43:57.229820443Z	26	PC: 13aa1 \| Set disk transfer address
2018-12-17T22:43:57.231260586Z	79	PC: 13aa6 \| Find next file
2018-12-17T22:43:57.234985612Z	26	PC: 13a7d \| Set disk transfer address
2018-12-17T22:43:57.236785224Z	78	PC: 13a89 \| Find first file
2018-12-17T22:43:57.243748152Z	67	PC: 13a06 \| Get or set file attributes
2018-12-17T22:43:57.255119043Z	61	PC: 14340 \| Open file (Filename = '\TEST.EXE')
2018-12-17T22:43:57.265573669Z	66	PC: 1497c \| Move file pointer
2018-12-17T22:43:57.267408499Z	66	PC: 1498a \| Move file pointer
2018-12-17T22:43:57.269440593Z	66	PC: 14998 \| Move file pointer
2018-12-17T22:43:57.27231953Z	66	PC: 1497c \| Move file pointer
2018-12-17T22:43:57.274207895Z	66	PC: 1498a \| Move file pointer
2018-12-17T22:43:57.276077993Z	66	PC: 14998 \| Move file pointer
2018-12-17T22:43:57.278756173Z	66	PC: 14472 \| Move file pointer
2018-12-17T22:43:57.280704869Z	63	PC: 14413 \| Read file or device (Read 23 bytes on handle 5)
2018-12-17T22:43:57.28443956Z	62	PC: 14390 \| Close file
2018-12-17T22:43:57.287343552Z	67	PC: 13a06 \| Get or set file attributes
2018-12-17T22:43:57.299367586Z	26	PC: 13aa1 \| Set disk transfer address
2018-12-17T22:43:57.301306491Z	79	PC: 13aa6 \| Find next file
2018-12-17T22:43:57.305881986Z	26	PC: 13a7d \| Set disk transfer address
2018-12-17T22:43:57.307513795Z	78	PC: 13a89 \| Find first file
2018-12-17T22:43:57.314647154Z	26	PC: 13aa1 \| Set disk transfer address
2018-12-17T22:43:57.317075456Z	79	PC: 13aa6 \| Find next file
2018-12-17T22:43:57.320644947Z	26	PC: 13aa1 \| Set disk transfer address
2018-12-17T22:43:57.323131648Z	79	PC: 13aa6 \| Find next file
2018-12-17T22:43:57.326753027Z	26	PC: 13aa1 \| Set disk transfer address
2018-12-17T22:43:57.328475946Z	79	PC: 13aa6 \| Find next file
2018-12-17T22:43:57.331876908Z	26	PC: 13aa1 \| Set disk transfer address
2018-12-17T22:43:57.33320627Z	79	PC: 13aa6 \| Find next file
2018-12-17T22:43:57.336584477Z	26	PC: 13aa1 \| Set disk transfer address
2018-12-17T22:43:57.337661554Z	79	PC: 13aa6 \| Find next file
2018-12-17T22:43:57.340503467Z	26	PC: 13aa1 \| Set disk transfer address
2018-12-17T22:43:57.343383447Z	79	PC: 13aa6 \| Find next file
2018-12-17T22:43:57.346496263Z	26	PC: 13aa1 \| Set disk transfer address
2018-12-17T22:43:57.348023188Z	79	PC: 13aa6 \| Find next file
2018-12-17T22:43:57.351933553Z	26	PC: 13aa1 \| Set disk transfer address
2018-12-17T22:43:57.353220707Z	79	PC: 13aa6 \| Find next file
2018-12-17T22:43:57.356505517Z	26	PC: 13aa1 \| Set disk transfer address
2018-12-17T22:43:57.358259085Z	79	PC: 13aa6 \| Find next file
2018-12-17T22:43:57.36138937Z	48	PC: 1448e \| Get DOS version
2018-12-17T22:43:57.363094691Z	26	PC: 13a7d \| Set disk transfer address
2018-12-17T22:43:57.365060557Z	78	PC: 13a89 \| Find first file
2018-12-17T22:43:57.371777637Z	48	PC: 1448e \| Get DOS version
2018-12-17T22:43:57.373285476Z	67	PC: 13a06 \| Get or set file attributes
2018-12-17T22:43:57.384863309Z	61	PC: 14340 \| Open file (Filename = 'A:\TEST.EXE')
2018-12-17T22:43:57.392628982Z	63	PC: 14413 \| Read file or device (Read 9200 bytes on handle 5)
2018-12-17T22:43:57.402334799Z	66	PC: 14472 \| Move file pointer
2018-12-17T22:43:57.405481337Z	63	PC: 14413 \| Read file or device (Read 9200 bytes on handle 5)
2018-12-17T22:43:57.414747205Z	66	PC: 14472 \| Move file pointer
2018-12-17T22:43:57.416712216Z	64	PC: 14413 \| Write file or device (Write 9200 bytes on handle 5)
2018-12-17T22:43:57.426687122Z	66	PC: 14472 \| Move file pointer
2018-12-17T22:43:57.428336039Z	64	PC: 14371 \| Write file or device (Write 0 bytes on handle 5)
2018-12-17T22:43:57.437239703Z	87	PC: 13a4d \| Get or set file date and time
2018-12-17T22:43:57.440260518Z	62	PC: 14390 \| Close file
2018-12-17T22:43:57.447555201Z	67	PC: 13a06 \| Get or set file attributes
2018-12-17T22:43:57.457095777Z	53	PC: 13bec \| Get interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T22:43:57.45896081Z	37	PC: 13bf5 \| Set interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T22:43:57.461239323Z	53	PC: 13bec \| Get interrupt vector (Interrupt = '2' AKA 'Character output')
2018-12-17T22:43:57.463736141Z	37	PC: 13bf5 \| Set interrupt vector (Interrupt = '2' AKA 'Character output')
2018-12-17T22:43:57.465755965Z	53	PC: 13bec \| Get interrupt vector (Interrupt = '27' AKA 'Get allocation info for default drive')
2018-12-17T22:43:57.467827909Z	37	PC: 13bf5 \| Set interrupt vector (Interrupt = '27' AKA 'Get allocation info for default drive')
2018-12-17T22:43:57.469435184Z	53	PC: 13bec \| Get interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T22:43:57.471623081Z	37	PC: 13bf5 \| Set interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T22:43:57.473351795Z	53	PC: 13bec \| Get interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T22:43:57.474818046Z	37	PC: 13bf5 \| Set interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T22:43:57.476860819Z	53	PC: 13bec \| Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:43:57.47833479Z	37	PC: 13bf5 \| Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:43:57.479751177Z	53	PC: 13bec \| Get interrupt vector (Interrupt = '52' AKA 'Get InDOS flag pointer')
2018-12-17T22:43:57.482359296Z	37	PC: 13bf5 \| Set interrupt vector (Interrupt = '52' AKA 'Get InDOS flag pointer')
2018-12-17T22:43:57.483584733Z	53	PC: 13bec \| Get interrupt vector (Interrupt = '53' AKA 'Get interrupt vector')
2018-12-17T22:43:57.484895546Z	37	PC: 13bf5 \| Set interrupt vector (Interrupt = '53' AKA 'Get interrupt vector')
2018-12-17T22:43:57.493998371Z	53	PC: 13bec \| Get interrupt vector (Interrupt = '54' AKA 'Get free disk space')
2018-12-17T22:43:57.495480367Z	37	PC: 13bf5 \| Set interrupt vector (Interrupt = '54' AKA 'Get free disk space')
2018-12-17T22:43:57.496883183Z	53	PC: 13bec \| Get interrupt vector (Interrupt = '55' AKA 'Get or set switch character')
2018-12-17T22:43:57.499214399Z	37	PC: 13bf5 \| Set interrupt vector (Interrupt = '55' AKA 'Get or set switch character')
2018-12-17T22:43:57.500898317Z	53	PC: 13bec \| Get interrupt vector (Interrupt = '56' AKA 'Get or set country info')
2018-12-17T22:43:57.502644648Z	37	PC: 13bf5 \| Set interrupt vector (Interrupt = '56' AKA 'Get or set country info')
2018-12-17T22:43:57.505056315Z	53	PC: 13bec \| Get interrupt vector (Interrupt = '57' AKA 'Create subdirectory')
2018-12-17T22:43:57.506777297Z	37	PC: 13bf5 \| Set interrupt vector (Interrupt = '57' AKA 'Create subdirectory')
2018-12-17T22:43:57.508442259Z	53	PC: 13bec \| Get interrupt vector (Interrupt = '58' AKA 'Remove subdirectory')
2018-12-17T22:43:57.511149921Z	37	PC: 13bf5 \| Set interrupt vector (Interrupt = '58' AKA 'Remove subdirectory')
2018-12-17T22:43:57.512856699Z	53	PC: 13bec \| Get interrupt vector (Interrupt = '59' AKA 'Change current directory')
2018-12-17T22:43:57.514553978Z	37	PC: 13bf5 \| Set interrupt vector (Interrupt = '59' AKA 'Change current directory')
2018-12-17T22:43:57.517207399Z	53	PC: 13bec \| Get interrupt vector (Interrupt = '60' AKA 'Create or truncate file')
2018-12-17T22:43:57.518921538Z	37	PC: 13bf5 \| Set interrupt vector (Interrupt = '60' AKA 'Create or truncate file')
2018-12-17T22:43:57.520583817Z	53	PC: 13bec \| Get interrupt vector (Interrupt = '61' AKA 'Open file')
2018-12-17T22:43:57.523267692Z	37	PC: 13bf5 \| Set interrupt vector (Interrupt = '61' AKA 'Open file')
2018-12-17T22:43:57.524951705Z	53	PC: 13bec \| Get interrupt vector (Interrupt = '62' AKA 'Close file')
2018-12-17T22:43:57.52666252Z	37	PC: 13bf5 \| Set interrupt vector (Interrupt = '62' AKA 'Close file')
2018-12-17T22:43:57.52852232Z	53	PC: 13bec \| Get interrupt vector (Interrupt = '63' AKA 'Read file or device')
2018-12-17T22:43:57.531004723Z	37	PC: 13bf5 \| Set interrupt vector (Interrupt = '63' AKA 'Read file or device')
2018-12-17T22:43:57.532359218Z	53	PC: 13bec \| Get interrupt vector (Interrupt = '117' AKA 'UNKNOWN!')
2018-12-17T22:43:57.533712332Z	37	PC: 13bf5 \| Set interrupt vector (Interrupt = '117' AKA 'UNKNOWN!')
2018-12-17T22:43:57.535704707Z	48	PC: 1448e \| Get DOS version
2018-12-17T22:43:57.537502245Z	41	PC: 13ba3 \| Parse filename
2018-12-17T22:43:57.539126034Z	41	PC: 13bb1 \| Parse filename
2018-12-17T22:43:57.541740274Z	75	PC: 13bbc \| Execute program
2018-12-17T22:43:57.566459309Z	80	PC: 1ee49 \| Set current PSP
2018-12-17T22:43:57.567514125Z	48	PC: 1ee4e \| Get DOS version
2018-12-17T22:43:57.570679542Z	99	PC: 25630 \| Get DBCS lead byte table pointer
2018-12-17T22:43:57.573606146Z	101	PC: 1eed4 \| Get extended country info
2018-12-17T22:43:57.575175734Z	99	PC: 1eeda \| Get DBCS lead byte table pointer
2018-12-17T22:43:57.577763527Z	74	PC: 1ef3c \| Reallocate memory
2018-12-17T22:43:57.579490459Z	25	PC: 1ef73 \| Get default drive
2018-12-17T22:43:57.580941322Z	37	PC: 1ea33 \| Set interrupt vector (Interrupt = '34' AKA 'Random write')
2018-12-17T22:43:57.583439505Z	37	PC: 1ea3a \| Set interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T22:43:57.585027984Z	37	PC: 1ea41 \| Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:43:57.59497681Z	74	PC: 1dbdc \| Reallocate memory
2018-12-17T22:43:57.597742474Z	72	PC: 1dc1d \| Allocate memory
2018-12-17T22:43:57.599777433Z	72	PC: 1dc55 \| Allocate memory
2018-12-17T22:43:57.601726206Z	72	PC: 1dc5d \| Allocate memory