Sample viewer

vx.netlux.org/Virus.DOS.HLLC.TPPE.13936

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-17T22:44:35.549914291Z	53	PC: 13f1a \| Get interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T22:44:35.551549247Z	53	PC: 13f1a \| Get interrupt vector (Interrupt = '2' AKA 'Character output')
2018-12-17T22:44:35.552693742Z	53	PC: 13f1a \| Get interrupt vector (Interrupt = '27' AKA 'Get allocation info for default drive')
2018-12-17T22:44:35.553668122Z	53	PC: 13f1a \| Get interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T22:44:35.555328185Z	53	PC: 13f1a \| Get interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T22:44:35.556447197Z	53	PC: 13f1a \| Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:44:35.557544992Z	53	PC: 13f1a \| Get interrupt vector (Interrupt = '52' AKA 'Get InDOS flag pointer')
2018-12-17T22:44:35.559999942Z	53	PC: 13f1a \| Get interrupt vector (Interrupt = '53' AKA 'Get interrupt vector')
2018-12-17T22:44:35.561208513Z	53	PC: 13f1a \| Get interrupt vector (Interrupt = '54' AKA 'Get free disk space')
2018-12-17T22:44:35.563007421Z	53	PC: 13f1a \| Get interrupt vector (Interrupt = '55' AKA 'Get or set switch character')
2018-12-17T22:44:35.564674386Z	53	PC: 13f1a \| Get interrupt vector (Interrupt = '56' AKA 'Get or set country info')
2018-12-17T22:44:35.566586565Z	53	PC: 13f1a \| Get interrupt vector (Interrupt = '57' AKA 'Create subdirectory')
2018-12-17T22:44:35.568506493Z	53	PC: 13f1a \| Get interrupt vector (Interrupt = '58' AKA 'Remove subdirectory')
2018-12-17T22:44:35.570292063Z	53	PC: 13f1a \| Get interrupt vector (Interrupt = '59' AKA 'Change current directory')
2018-12-17T22:44:35.58154992Z	53	PC: 13f1a \| Get interrupt vector (Interrupt = '60' AKA 'Create or truncate file')
2018-12-17T22:44:35.583711964Z	53	PC: 13f1a \| Get interrupt vector (Interrupt = '61' AKA 'Open file')
2018-12-17T22:44:35.585745673Z	53	PC: 13f1a \| Get interrupt vector (Interrupt = '62' AKA 'Close file')
2018-12-17T22:44:35.58941047Z	53	PC: 13f1a \| Get interrupt vector (Interrupt = '63' AKA 'Read file or device')
2018-12-17T22:44:35.591295064Z	53	PC: 13f1a \| Get interrupt vector (Interrupt = '117' AKA 'UNKNOWN!')
2018-12-17T22:44:35.593050393Z	37	PC: 13f2f \| Set interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T22:44:35.605421092Z	37	PC: 13f37 \| Set interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T22:44:35.606614598Z	37	PC: 13f3f \| Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:44:35.607852512Z	37	PC: 13f47 \| Set interrupt vector (Interrupt = '63' AKA 'Read file or device')
2018-12-17T22:44:35.613497094Z	68	PC: 14cb2 \| I/O control for devices (Set for = '')
2018-12-17T22:44:35.615199637Z	64	PC: 14338 \| Write file or device (Write 46 bytes on handle 1)
2018-12-17T22:44:35.620127627Z	64	PC: 14338 \| Write file or device (Write 49 bytes on handle 1)
2018-12-17T22:44:35.627808667Z	60	PC: 14c96 \| Create or truncate file
2018-12-17T22:44:35.644543465Z	68	PC: 14cb2 \| I/O control for devices (Set for = '�')
2018-12-17T22:44:35.646952767Z	64	PC: 14313 \| Write file or device (Write 26 bytes on handle 5)
2018-12-17T22:44:35.65517868Z	62	PC: 14352 \| Close file
2018-12-17T22:44:35.663739801Z	41	PC: 13e7f \| Parse filename
2018-12-17T22:44:35.665557057Z	41	PC: 13e8d \| Parse filename
2018-12-17T22:44:35.667617772Z	75	PC: 13e98 \| Execute program
2018-12-17T22:44:35.688035479Z	80	PC: 1d479 \| Set current PSP
2018-12-17T22:44:35.689101657Z	48	PC: 1d47e \| Get DOS version
2018-12-17T22:44:35.691475938Z	99	PC: 23c60 \| Get DBCS lead byte table pointer
2018-12-17T22:44:35.695006898Z	101	PC: 1d504 \| Get extended country info
2018-12-17T22:44:35.696680073Z	99	PC: 1d50a \| Get DBCS lead byte table pointer
2018-12-17T22:44:35.698720218Z	74	PC: 1d56c \| Reallocate memory
2018-12-17T22:44:35.702385542Z	25	PC: 1d5a3 \| Get default drive
2018-12-17T22:44:35.704373902Z	37	PC: 1d063 \| Set interrupt vector (Interrupt = '34' AKA 'Random write')
2018-12-17T22:44:35.706117952Z	37	PC: 1d06a \| Set interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T22:44:35.707760802Z	37	PC: 1d071 \| Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:44:35.712515338Z	74	PC: 1c20c \| Reallocate memory
2018-12-17T22:44:35.714473713Z	72	PC: 1c24d \| Allocate memory
2018-12-17T22:44:35.716784487Z	72	PC: 1c285 \| Allocate memory
2018-12-17T22:44:35.71859007Z	72	PC: 1c28d \| Allocate memory