Sample viewer

vx.netlux.org/Virus.DOS.HLLO.8592

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-17T22:44:59.626384184Z	53	PC: 136aa \| Get interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T22:44:59.628264935Z	53	PC: 136aa \| Get interrupt vector (Interrupt = '2' AKA 'Character output')
2018-12-17T22:44:59.629396298Z	53	PC: 136aa \| Get interrupt vector (Interrupt = '27' AKA 'Get allocation info for default drive')
2018-12-17T22:44:59.630445907Z	53	PC: 136aa \| Get interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T22:44:59.632063517Z	53	PC: 136aa \| Get interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T22:44:59.63320349Z	53	PC: 136aa \| Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:44:59.634220688Z	53	PC: 136aa \| Get interrupt vector (Interrupt = '52' AKA 'Get InDOS flag pointer')
2018-12-17T22:44:59.642402512Z	53	PC: 136aa \| Get interrupt vector (Interrupt = '53' AKA 'Get interrupt vector')
2018-12-17T22:44:59.643545424Z	53	PC: 136aa \| Get interrupt vector (Interrupt = '54' AKA 'Get free disk space')
2018-12-17T22:44:59.644491006Z	53	PC: 136aa \| Get interrupt vector (Interrupt = '55' AKA 'Get or set switch character')
2018-12-17T22:44:59.645480495Z	53	PC: 136aa \| Get interrupt vector (Interrupt = '56' AKA 'Get or set country info')
2018-12-17T22:44:59.646766489Z	53	PC: 136aa \| Get interrupt vector (Interrupt = '57' AKA 'Create subdirectory')
2018-12-17T22:44:59.647855627Z	53	PC: 136aa \| Get interrupt vector (Interrupt = '58' AKA 'Remove subdirectory')
2018-12-17T22:44:59.648953852Z	53	PC: 136aa \| Get interrupt vector (Interrupt = '59' AKA 'Change current directory')
2018-12-17T22:44:59.651443776Z	53	PC: 136aa \| Get interrupt vector (Interrupt = '60' AKA 'Create or truncate file')
2018-12-17T22:44:59.652581611Z	53	PC: 136aa \| Get interrupt vector (Interrupt = '61' AKA 'Open file')
2018-12-17T22:44:59.653824857Z	53	PC: 136aa \| Get interrupt vector (Interrupt = '62' AKA 'Close file')
2018-12-17T22:44:59.662673817Z	53	PC: 136aa \| Get interrupt vector (Interrupt = '63' AKA 'Read file or device')
2018-12-17T22:44:59.663942452Z	53	PC: 136aa \| Get interrupt vector (Interrupt = '117' AKA 'UNKNOWN!')
2018-12-17T22:44:59.664821664Z	37	PC: 136bf \| Set interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T22:44:59.666599139Z	37	PC: 136c7 \| Set interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T22:44:59.676358005Z	37	PC: 136cf \| Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:44:59.677882085Z	37	PC: 136d7 \| Set interrupt vector (Interrupt = '63' AKA 'Read file or device')
2018-12-17T22:44:59.680147762Z	68	PC: 146ae \| I/O control for devices (Set for = '�')
2018-12-17T22:44:59.681650231Z	25	PC: 14380 \| Get default drive
2018-12-17T22:44:59.682729446Z	71	PC: 14393 \| Get current directory
2018-12-17T22:44:59.685878509Z	48	PC: 142f3 \| Get DOS version
2018-12-17T22:44:59.687967528Z	25	PC: 14380 \| Get default drive
2018-12-17T22:44:59.688913224Z	71	PC: 14393 \| Get current directory
2018-12-17T22:44:59.692244907Z	25	PC: 14380 \| Get default drive
2018-12-17T22:44:59.702008913Z	71	PC: 14393 \| Get current directory
2018-12-17T22:44:59.704907124Z	14	PC: 143d9 \| Set default drive (Drive = 'C')
2018-12-17T22:44:59.70601346Z	25	PC: 143dd \| Get default drive
2018-12-17T22:44:59.707780079Z	59	PC: 14447 \| Change current directory
2018-12-17T22:44:59.711298216Z	26	PC: 133cf \| Set disk transfer address
2018-12-17T22:44:59.712230211Z	78	PC: 133db \| Find first file
2018-12-17T22:44:59.721665311Z	26	PC: 133cf \| Set disk transfer address
2018-12-17T22:44:59.728661635Z	78	PC: 133db \| Find first file
2018-12-17T22:44:59.734868045Z	26	PC: 133f3 \| Set disk transfer address
2018-12-17T22:44:59.73732446Z	79	PC: 133f8 \| Find next file
2018-12-17T22:44:59.740565326Z	26	PC: 133f3 \| Set disk transfer address
2018-12-17T22:44:59.74214284Z	79	PC: 133f8 \| Find next file
2018-12-17T22:44:59.749467345Z	59	PC: 14447 \| Change current directory
2018-12-17T22:44:59.755506521Z	26	PC: 133cf \| Set disk transfer address
2018-12-17T22:44:59.758361019Z	78	PC: 133db \| Find first file
2018-12-17T22:44:59.767923117Z	25	PC: 14380 \| Get default drive
2018-12-17T22:44:59.768979228Z	71	PC: 14393 \| Get current directory
2018-12-17T22:44:59.771520812Z	87	PC: 13372 \| Get or set file date and time
2018-12-17T22:44:59.773606895Z	67	PC: 13358 \| Get or set file attributes
2018-12-17T22:45:00.117141729Z	61	PC: 14131 \| Open file (Filename = 'ATTRIB.EXE')
2018-12-17T22:45:00.125207747Z	60	PC: 14131 \| Create or truncate file
2018-12-17T22:45:00.137563257Z	63	PC: 14204 \| Read file or device (Read 2048 bytes on handle 5)
2018-12-17T22:45:00.144153584Z	64	PC: 14204 \| Write file or device (Write 2048 bytes on handle 6)
2018-12-17T22:45:00.15320904Z	63	PC: 14204 \| Read file or device (Read 2048 bytes on handle 5)
2018-12-17T22:45:00.160501108Z	64	PC: 14204 \| Write file or device (Write 2048 bytes on handle 6)
2018-12-17T22:45:00.167586999Z	63	PC: 14204 \| Read file or device (Read 2048 bytes on handle 5)
2018-12-17T22:45:00.174003121Z	64	PC: 14204 \| Write file or device (Write 2048 bytes on handle 6)
2018-12-17T22:45:00.182476011Z	63	PC: 14204 \| Read file or device (Read 2048 bytes on handle 5)
2018-12-17T22:45:00.189566539Z	64	PC: 14204 \| Write file or device (Write 2048 bytes on handle 6)
2018-12-17T22:45:00.196651383Z	63	PC: 14204 \| Read file or device (Read 2048 bytes on handle 5)
2018-12-17T22:45:00.203232643Z	64	PC: 14204 \| Write file or device (Write 2048 bytes on handle 6)
2018-12-17T22:45:00.214155283Z	63	PC: 14204 \| Read file or device (Read 2048 bytes on handle 5)
2018-12-17T22:45:00.220468147Z	64	PC: 14204 \| Write file or device (Write 968 bytes on handle 6)
2018-12-17T22:45:00.228455397Z	63	PC: 14204 \| Read file or device (Read 2048 bytes on handle 5)
2018-12-17T22:45:00.230573467Z	62	PC: 14181 \| Close file
2018-12-17T22:45:00.232399307Z	62	PC: 14181 \| Close file
2018-12-17T22:45:00.242081964Z	61	PC: 14131 \| Open file (Filename = 'A:\\EST.EXE')
2018-12-17T22:45:00.245163095Z	64	PC: 13dcf \| Write file or device (Write 0 bytes on handle 1)
2018-12-17T22:45:00.246814584Z	37	PC: 13801 \| Set interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T22:45:00.249177798Z	37	PC: 13801 \| Set interrupt vector (Interrupt = '2' AKA 'Character output')
2018-12-17T22:45:00.259488397Z	37	PC: 13801 \| Set interrupt vector (Interrupt = '27' AKA 'Get allocation info for default drive')
2018-12-17T22:45:00.261199964Z	37	PC: 13801 \| Set interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T22:45:00.263345854Z	37	PC: 13801 \| Set interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T22:45:00.264551969Z	37	PC: 13801 \| Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:45:00.265684212Z	37	PC: 13801 \| Set interrupt vector (Interrupt = '52' AKA 'Get InDOS flag pointer')
2018-12-17T22:45:00.267555647Z	37	PC: 13801 \| Set interrupt vector (Interrupt = '53' AKA 'Get interrupt vector')
2018-12-17T22:45:00.270017619Z	37	PC: 13801 \| Set interrupt vector (Interrupt = '54' AKA 'Get free disk space')
2018-12-17T22:45:00.271180689Z	37	PC: 13801 \| Set interrupt vector (Interrupt = '55' AKA 'Get or set switch character')
2018-12-17T22:45:00.273302961Z	37	PC: 13801 \| Set interrupt vector (Interrupt = '56' AKA 'Get or set country info')
2018-12-17T22:45:00.274991091Z	37	PC: 13801 \| Set interrupt vector (Interrupt = '57' AKA 'Create subdirectory')
2018-12-17T22:45:00.276951713Z	37	PC: 13801 \| Set interrupt vector (Interrupt = '58' AKA 'Remove subdirectory')
2018-12-17T22:45:00.278622711Z	37	PC: 13801 \| Set interrupt vector (Interrupt = '59' AKA 'Change current directory')
2018-12-17T22:45:00.280798002Z	37	PC: 13801 \| Set interrupt vector (Interrupt = '60' AKA 'Create or truncate file')
2018-12-17T22:45:00.282312432Z	37	PC: 13801 \| Set interrupt vector (Interrupt = '61' AKA 'Open file')
2018-12-17T22:45:00.283665301Z	37	PC: 13801 \| Set interrupt vector (Interrupt = '62' AKA 'Close file')
2018-12-17T22:45:00.286353616Z	37	PC: 13801 \| Set interrupt vector (Interrupt = '63' AKA 'Read file or device')
2018-12-17T22:45:00.287858979Z	37	PC: 13801 \| Set interrupt vector (Interrupt = '117' AKA 'UNKNOWN!')
2018-12-17T22:45:00.289341584Z	6	PC: 13888 \| Direct console I/O
2018-12-17T22:45:00.292427739Z	6	PC: 13888 \| Direct console I/O
2018-12-17T22:45:00.29439684Z	6	PC: 13888 \| Direct console I/O
2018-12-17T22:45:00.296467869Z	6	PC: 13888 \| Direct console I/O
2018-12-17T22:45:00.300497996Z	6	PC: 13888 \| Direct console I/O
2018-12-17T22:45:00.302838361Z	6	PC: 13888 \| Direct console I/O
2018-12-17T22:45:00.305161666Z	6	PC: 13888 \| Direct console I/O
2018-12-17T22:45:00.308117611Z	6	PC: 13888 \| Direct console I/O
2018-12-17T22:45:00.31045143Z	6	PC: 13888 \| Direct console I/O
2018-12-17T22:45:00.312760087Z	6	PC: 13888 \| Direct console I/O
2018-12-17T22:45:00.315764334Z	6	PC: 13888 \| Direct console I/O
2018-12-17T22:45:00.318003856Z	6	PC: 13888 \| Direct console I/O
2018-12-17T22:45:00.319944976Z	6	PC: 13888 \| Direct console I/O
2018-12-17T22:45:00.323363443Z	6	PC: 13888 \| Direct console I/O
2018-12-17T22:45:00.325545447Z	6	PC: 13888 \| Direct console I/O
2018-12-17T22:45:00.327812684Z	6	PC: 13888 \| Direct console I/O
2018-12-17T22:45:00.33091825Z	6	PC: 13888 \| Direct console I/O
2018-12-17T22:45:00.33321664Z	6	PC: 13888 \| Direct console I/O
2018-12-17T22:45:00.335481173Z	6	PC: 13888 \| Direct console I/O
2018-12-17T22:45:00.338437775Z	6	PC: 13888 \| Direct console I/O
2018-12-17T22:45:00.340702593Z	6	PC: 13888 \| Direct console I/O
2018-12-17T22:45:00.343745745Z	6	PC: 13888 \| Direct console I/O
2018-12-17T22:45:00.346419213Z	6	PC: 13888 \| Direct console I/O
2018-12-17T22:45:00.348470338Z	6	PC: 13888 \| Direct console I/O
2018-12-17T22:45:00.350438898Z	6	PC: 13888 \| Direct console I/O
2018-12-17T22:45:00.35408884Z	6	PC: 13888 \| Direct console I/O
2018-12-17T22:45:00.35591718Z	6	PC: 13888 \| Direct console I/O
2018-12-17T22:45:00.357766373Z	6	PC: 13888 \| Direct console I/O
2018-12-17T22:45:00.36060096Z	6	PC: 13888 \| Direct console I/O
2018-12-17T22:45:00.362757295Z	6	PC: 13888 \| Direct console I/O
2018-12-17T22:45:00.364615278Z	6	PC: 13888 \| Direct console I/O
2018-12-17T22:45:00.367848477Z	6	PC: 13888 \| Direct console I/O
2018-12-17T22:45:00.369664822Z	6	PC: 13888 \| Direct console I/O
2018-12-17T22:45:00.373054676Z	76	PC: 13840 \| Terminate with return code (Return code = '5')