Sample viewer

vx.netlux.org/Virus.DOS.HLLO.Sym.34384

Syscalls:

Time Syscall Op Syscall Name
2018-12-17T22:45:43.508377245Z 48 PC: 1963c | Get DOS version
2018-12-17T22:45:43.511370547Z 74 PC: 1968c | Reallocate memory
2018-12-17T22:45:43.5146843Z 48 PC: 196f0 | Get DOS version
2018-12-17T22:45:43.516412406Z 53 PC: 196f8 | Get interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T22:45:43.51798518Z 37 PC: 1970a | Set interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T22:45:43.519911959Z 53 PC: 1c4f2 | Get interrupt vector (Interrupt = '2' AKA 'Character output')
2018-12-17T22:45:43.521186783Z 37 PC: 1c502 | Set interrupt vector (Interrupt = '2' AKA 'Character output')
2018-12-17T22:45:43.522723039Z 53 PC: 1c507 | Get interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T22:45:43.525847016Z 37 PC: 1c517 | Set interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T22:45:43.527551998Z 53 PC: 1a246 | Get interrupt vector (Interrupt = '52' AKA 'Get InDOS flag pointer')
2018-12-17T22:45:43.529829495Z 53 PC: 1a246 | Get interrupt vector (Interrupt = '53' AKA 'Get interrupt vector')
2018-12-17T22:45:43.532687012Z 53 PC: 1a246 | Get interrupt vector (Interrupt = '54' AKA 'Get free disk space')
2018-12-17T22:45:43.534431709Z 53 PC: 1a246 | Get interrupt vector (Interrupt = '55' AKA 'Get or set switch character')
2018-12-17T22:45:43.536154645Z 53 PC: 1a246 | Get interrupt vector (Interrupt = '56' AKA 'Get or set country info')
2018-12-17T22:45:43.538501943Z 53 PC: 1a246 | Get interrupt vector (Interrupt = '57' AKA 'Create subdirectory')
2018-12-17T22:45:43.540591137Z 53 PC: 1a246 | Get interrupt vector (Interrupt = '58' AKA 'Remove subdirectory')
2018-12-17T22:45:43.543103776Z 53 PC: 1a246 | Get interrupt vector (Interrupt = '59' AKA 'Change current directory')
2018-12-17T22:45:43.546151901Z 53 PC: 1a246 | Get interrupt vector (Interrupt = '60' AKA 'Create or truncate file')
2018-12-17T22:45:43.547943366Z 53 PC: 1a246 | Get interrupt vector (Interrupt = '61' AKA 'Open file')
2018-12-17T22:45:43.550919736Z 53 PC: 1a246 | Get interrupt vector (Interrupt = '62' AKA 'Close file')
2018-12-17T22:45:43.553961168Z 37 PC: 1a275 | Set interrupt vector (Interrupt = '52' AKA 'Get InDOS flag pointer')
2018-12-17T22:45:43.555680948Z 37 PC: 1a275 | Set interrupt vector (Interrupt = '53' AKA 'Get interrupt vector')
2018-12-17T22:45:43.557395068Z 37 PC: 1a275 | Set interrupt vector (Interrupt = '54' AKA 'Get free disk space')
2018-12-17T22:45:43.559402458Z 37 PC: 1a275 | Set interrupt vector (Interrupt = '55' AKA 'Get or set switch character')
2018-12-17T22:45:43.562412651Z 37 PC: 1a275 | Set interrupt vector (Interrupt = '56' AKA 'Get or set country info')
2018-12-17T22:45:43.567089074Z 37 PC: 1a275 | Set interrupt vector (Interrupt = '57' AKA 'Create subdirectory')
2018-12-17T22:45:43.568907991Z 37 PC: 1a275 | Set interrupt vector (Interrupt = '58' AKA 'Remove subdirectory')
2018-12-17T22:45:43.579512527Z 37 PC: 1a275 | Set interrupt vector (Interrupt = '59' AKA 'Change current directory')
2018-12-17T22:45:43.581131819Z 37 PC: 1a27c | Set interrupt vector (Interrupt = '60' AKA 'Create or truncate file')
2018-12-17T22:45:43.583046625Z 37 PC: 1a281 | Set interrupt vector (Interrupt = '61' AKA 'Open file')
2018-12-17T22:45:43.586172656Z 68 PC: 1979b | I/O control for devices (Set for = '�WQ�� ')
2018-12-17T22:45:43.589630199Z 68 PC: 1979b | I/O control for devices (Set for = 'ccess error')
2018-12-17T22:45:43.592901835Z 68 PC: 1979b | I/O control for devices (Set for = '� �  � �  �  � � ] u f � 9 E Q ���H�S��� ����2#(- �"�"�!�!    �Q#  ��  `�������������������V� � � � � � � � � C� � � � 6�� � � � � � � � C� � � � � � � � � � � � � C� � � � @B')
2018-12-17T22:45:43.60684938Z 68 PC: 1979b | I/O control for devices (Set for = ' ] u f � 9 E Q ���H�S��� ����2#(- �"�"�!�!    �Q#  ��  `�������������������V� � � � � � � � � C� � � � 6�� � � � � � � � C� � � � � � � � � � � � � C� � � � @B')
2018-12-17T22:45:43.608853554Z 68 PC: 1979b | I/O control for devices (Set for = ' ] u f � 9 E Q ���H�S��� ����2#(- �"�"�!�!    �Q#  ��  `�������������������V� � � � � � � � � C� � � � 6�� � � � � � � � C� � � � � � � � � � � � � C� � � � @B')
2018-12-17T22:45:43.611405066Z 53 PC: 1686a | Get interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T22:45:43.614241303Z 53 PC: 16877 | Get interrupt vector (Interrupt = '4' AKA 'Auxiliary output')
2018-12-17T22:45:43.615614672Z 53 PC: 16884 | Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:45:43.616959669Z 37 PC: 16899 | Set interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T22:45:43.619216718Z 37 PC: 168a1 | Set interrupt vector (Interrupt = '4' AKA 'Auxiliary output')
2018-12-17T22:45:43.620643467Z 37 PC: 168a9 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:45:43.626237894Z 53 PC: 17328 | Get interrupt vector (Interrupt = '239' AKA 'UNKNOWN!')
2018-12-17T22:45:43.627852076Z 53 PC: 17335 | Get interrupt vector (Interrupt = '240' AKA 'UNKNOWN!')
2018-12-17T22:45:43.630413076Z 53 PC: 17344 | Get interrupt vector (Interrupt = '9' AKA 'Display string')
2018-12-17T22:45:43.632142574Z 37 PC: 17351 | Set interrupt vector (Interrupt = '239' AKA 'UNKNOWN!')
2018-12-17T22:45:43.633913691Z 53 PC: 17358 | Get interrupt vector (Interrupt = '8' AKA 'Console input without echo')
2018-12-17T22:45:43.636059981Z 37 PC: 17365 | Set interrupt vector (Interrupt = '240' AKA 'UNKNOWN!')
2018-12-17T22:45:43.637692988Z 53 PC: 17371 | Get interrupt vector (Interrupt = '28' AKA 'Get allocation info for specified drive')
2018-12-17T22:45:43.64339596Z 48 PC: 17433 | Get DOS version
2018-12-17T22:45:43.646308219Z 74 PC: 15535 | Reallocate memory
2018-12-17T22:45:43.648507409Z 74 PC: 15535 | Reallocate memory
2018-12-17T22:45:43.650280289Z 68 PC: 167e0 | I/O control for devices (Set for = 'Ŀ ��Ĵ � � � ���� � � � � �)')
2018-12-17T22:45:43.653238335Z 68 PC: 167e0 | I/O control for devices (Set for = '')
2018-12-17T22:45:43.655106925Z 51 PC: 167fe | Get or set Ctrl-Break
2018-12-17T22:45:43.656371189Z 51 PC: 1680a | Get or set Ctrl-Break
2018-12-17T22:45:43.661858154Z 74 PC: 15535 | Reallocate memory
2018-12-17T22:45:43.663846328Z 51 PC: 16815 | Get or set Ctrl-Break
2018-12-17T22:45:43.665147863Z 37 PC: 16a97 | Set interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T22:45:43.666927726Z 37 PC: 16aa1 | Set interrupt vector (Interrupt = '4' AKA 'Auxiliary output')
2018-12-17T22:45:43.668991301Z 37 PC: 16aab | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:45:43.670738242Z 53 PC: 14f62 | Get interrupt vector (Interrupt = '8' AKA 'Console input without echo')
2018-12-17T22:45:43.672410603Z 53 PC: 14f6f | Get interrupt vector (Interrupt = '28' AKA 'Get allocation info for specified drive')
2018-12-17T22:45:43.674536706Z 53 PC: 14f7c | Get interrupt vector (Interrupt = '9' AKA 'Display string')
2018-12-17T22:45:43.675897382Z 37 PC: 14f97 | Set interrupt vector (Interrupt = '28' AKA 'Get allocation info for specified drive')
2018-12-17T22:45:43.677187766Z 53 PC: 14f9f | Get interrupt vector (Interrupt = '239' AKA 'UNKNOWN!')
2018-12-17T22:45:43.68227489Z 37 PC: 14fac | Set interrupt vector (Interrupt = '9' AKA 'Display string')
2018-12-17T22:45:43.684441339Z 53 PC: 14fb3 | Get interrupt vector (Interrupt = '240' AKA 'UNKNOWN!')
2018-12-17T22:45:43.686673361Z 37 PC: 14fc0 | Set interrupt vector (Interrupt = '8' AKA 'Console input without echo')
2018-12-17T22:45:43.689164069Z 37 PC: 14fca | Set interrupt vector (Interrupt = '239' AKA 'UNKNOWN!')
2018-12-17T22:45:43.691410718Z 37 PC: 14fd5 | Set interrupt vector (Interrupt = '240' AKA 'UNKNOWN!')
2018-12-17T22:45:43.693351664Z 37 PC: 1a291 | Set interrupt vector (Interrupt = '52' AKA 'Get InDOS flag pointer')
2018-12-17T22:45:43.695803639Z 37 PC: 1a291 | Set interrupt vector (Interrupt = '53' AKA 'Get interrupt vector')
2018-12-17T22:45:43.698038967Z 37 PC: 1a291 | Set interrupt vector (Interrupt = '54' AKA 'Get free disk space')
2018-12-17T22:45:43.699785267Z 37 PC: 1a291 | Set interrupt vector (Interrupt = '55' AKA 'Get or set switch character')
2018-12-17T22:45:43.70270445Z 37 PC: 1a291 | Set interrupt vector (Interrupt = '56' AKA 'Get or set country info')
2018-12-17T22:45:43.704378353Z 37 PC: 1a291 | Set interrupt vector (Interrupt = '57' AKA 'Create subdirectory')
2018-12-17T22:45:43.705977397Z 37 PC: 1a291 | Set interrupt vector (Interrupt = '58' AKA 'Remove subdirectory')
2018-12-17T22:45:43.708475138Z 37 PC: 1a291 | Set interrupt vector (Interrupt = '59' AKA 'Change current directory')
2018-12-17T22:45:43.71020178Z 37 PC: 1a291 | Set interrupt vector (Interrupt = '60' AKA 'Create or truncate file')
2018-12-17T22:45:43.712338724Z 37 PC: 1a291 | Set interrupt vector (Interrupt = '61' AKA 'Open file')
2018-12-17T22:45:43.715420933Z 37 PC: 1a291 | Set interrupt vector (Interrupt = '62' AKA 'Close file')
2018-12-17T22:45:43.717328496Z 37 PC: 1c526 | Set interrupt vector (Interrupt = '2' AKA 'Character output')
2018-12-17T22:45:43.718749825Z 37 PC: 1984c | Set interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T22:45:43.723971672Z 41 PC: 193ed | Parse filename
2018-12-17T22:45:43.726570693Z 41 PC: 193ef | Parse filename
2018-12-17T22:45:43.728215202Z 41 PC: 193f4 | Parse filename
2018-12-17T22:45:43.730164884Z 75 PC: 1940a | Execute program
2018-12-17T22:45:43.755856206Z 80 PC: 1f609 | Set current PSP
2018-12-17T22:45:43.756857006Z 48 PC: 1f60e | Get DOS version
2018-12-17T22:45:43.758809402Z 99 PC: 25df0 | Get DBCS lead byte table pointer
2018-12-17T22:45:43.76228524Z 101 PC: 1f694 | Get extended country info
2018-12-17T22:45:43.764136397Z 99 PC: 1f69a | Get DBCS lead byte table pointer
2018-12-17T22:45:43.766948158Z 74 PC: 1f6fc | Reallocate memory
2018-12-17T22:45:43.768755112Z 25 PC: 1f733 | Get default drive
2018-12-17T22:45:43.770169498Z 37 PC: 1f1f3 | Set interrupt vector (Interrupt = '34' AKA 'Random write')
2018-12-17T22:45:43.771368891Z 37 PC: 1f1fa | Set interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T22:45:43.77344487Z 37 PC: 1f201 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:45:43.777921388Z 74 PC: 1e39c | Reallocate memory
2018-12-17T22:45:43.779426815Z 72 PC: 1e3dd | Allocate memory
2018-12-17T22:45:43.781821913Z 72 PC: 1e415 | Allocate memory
2018-12-17T22:45:43.7837052Z 72 PC: 1e41d | Allocate memory