Sample viewer

vx.netlux.org/Virus.DOS.HLLO.Sym.34384

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-17T22:45:43.508377245Z	48	PC: 1963c \| Get DOS version
2018-12-17T22:45:43.511370547Z	74	PC: 1968c \| Reallocate memory
2018-12-17T22:45:43.5146843Z	48	PC: 196f0 \| Get DOS version
2018-12-17T22:45:43.516412406Z	53	PC: 196f8 \| Get interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T22:45:43.51798518Z	37	PC: 1970a \| Set interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T22:45:43.519911959Z	53	PC: 1c4f2 \| Get interrupt vector (Interrupt = '2' AKA 'Character output')
2018-12-17T22:45:43.521186783Z	37	PC: 1c502 \| Set interrupt vector (Interrupt = '2' AKA 'Character output')
2018-12-17T22:45:43.522723039Z	53	PC: 1c507 \| Get interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T22:45:43.525847016Z	37	PC: 1c517 \| Set interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T22:45:43.527551998Z	53	PC: 1a246 \| Get interrupt vector (Interrupt = '52' AKA 'Get InDOS flag pointer')
2018-12-17T22:45:43.529829495Z	53	PC: 1a246 \| Get interrupt vector (Interrupt = '53' AKA 'Get interrupt vector')
2018-12-17T22:45:43.532687012Z	53	PC: 1a246 \| Get interrupt vector (Interrupt = '54' AKA 'Get free disk space')
2018-12-17T22:45:43.534431709Z	53	PC: 1a246 \| Get interrupt vector (Interrupt = '55' AKA 'Get or set switch character')
2018-12-17T22:45:43.536154645Z	53	PC: 1a246 \| Get interrupt vector (Interrupt = '56' AKA 'Get or set country info')
2018-12-17T22:45:43.538501943Z	53	PC: 1a246 \| Get interrupt vector (Interrupt = '57' AKA 'Create subdirectory')
2018-12-17T22:45:43.540591137Z	53	PC: 1a246 \| Get interrupt vector (Interrupt = '58' AKA 'Remove subdirectory')
2018-12-17T22:45:43.543103776Z	53	PC: 1a246 \| Get interrupt vector (Interrupt = '59' AKA 'Change current directory')
2018-12-17T22:45:43.546151901Z	53	PC: 1a246 \| Get interrupt vector (Interrupt = '60' AKA 'Create or truncate file')
2018-12-17T22:45:43.547943366Z	53	PC: 1a246 \| Get interrupt vector (Interrupt = '61' AKA 'Open file')
2018-12-17T22:45:43.550919736Z	53	PC: 1a246 \| Get interrupt vector (Interrupt = '62' AKA 'Close file')
2018-12-17T22:45:43.553961168Z	37	PC: 1a275 \| Set interrupt vector (Interrupt = '52' AKA 'Get InDOS flag pointer')
2018-12-17T22:45:43.555680948Z	37	PC: 1a275 \| Set interrupt vector (Interrupt = '53' AKA 'Get interrupt vector')
2018-12-17T22:45:43.557395068Z	37	PC: 1a275 \| Set interrupt vector (Interrupt = '54' AKA 'Get free disk space')
2018-12-17T22:45:43.559402458Z	37	PC: 1a275 \| Set interrupt vector (Interrupt = '55' AKA 'Get or set switch character')
2018-12-17T22:45:43.562412651Z	37	PC: 1a275 \| Set interrupt vector (Interrupt = '56' AKA 'Get or set country info')
2018-12-17T22:45:43.567089074Z	37	PC: 1a275 \| Set interrupt vector (Interrupt = '57' AKA 'Create subdirectory')
2018-12-17T22:45:43.568907991Z	37	PC: 1a275 \| Set interrupt vector (Interrupt = '58' AKA 'Remove subdirectory')
2018-12-17T22:45:43.579512527Z	37	PC: 1a275 \| Set interrupt vector (Interrupt = '59' AKA 'Change current directory')
2018-12-17T22:45:43.581131819Z	37	PC: 1a27c \| Set interrupt vector (Interrupt = '60' AKA 'Create or truncate file')
2018-12-17T22:45:43.583046625Z	37	PC: 1a281 \| Set interrupt vector (Interrupt = '61' AKA 'Open file')
2018-12-17T22:45:43.586172656Z	68	PC: 1979b \| I/O control for devices (Set for = '�WQ��')
2018-12-17T22:45:43.589630199Z	68	PC: 1979b \| I/O control for devices (Set for = 'ccess error')
2018-12-17T22:45:43.592901835Z	68	PC: 1979b \| I/O control for devices (Set for = '� � �� ] u f �9 E Q ��H�S�� 2#(- �"�"�!�! �Q# �� `��V� � � � � � � � � C� � � � 6�� C� � � � � � � � � � � � � C� � � � @B')
2018-12-17T22:45:43.60684938Z	68	PC: 1979b \| I/O control for devices (Set for = '] u f �9 E Q ��H�S�� 2#(- �"�"�!�! �Q# �� `��V� � � � � � � � � C� � � � 6�� C� � � � � � � � � � � � � C� � � � @B')
2018-12-17T22:45:43.608853554Z	68	PC: 1979b \| I/O control for devices (Set for = '] u f �9 E Q ��H�S�� 2#(- �"�"�!�! �Q# �� `��V� � � � � � � � � C� � � � 6�� C� � � � � � � � � � � � � C� � � � @B')
2018-12-17T22:45:43.611405066Z	53	PC: 1686a \| Get interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T22:45:43.614241303Z	53	PC: 16877 \| Get interrupt vector (Interrupt = '4' AKA 'Auxiliary output')
2018-12-17T22:45:43.615614672Z	53	PC: 16884 \| Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:45:43.616959669Z	37	PC: 16899 \| Set interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T22:45:43.619216718Z	37	PC: 168a1 \| Set interrupt vector (Interrupt = '4' AKA 'Auxiliary output')
2018-12-17T22:45:43.620643467Z	37	PC: 168a9 \| Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:45:43.626237894Z	53	PC: 17328 \| Get interrupt vector (Interrupt = '239' AKA 'UNKNOWN!')
2018-12-17T22:45:43.627852076Z	53	PC: 17335 \| Get interrupt vector (Interrupt = '240' AKA 'UNKNOWN!')
2018-12-17T22:45:43.630413076Z	53	PC: 17344 \| Get interrupt vector (Interrupt = '9' AKA 'Display string')
2018-12-17T22:45:43.632142574Z	37	PC: 17351 \| Set interrupt vector (Interrupt = '239' AKA 'UNKNOWN!')
2018-12-17T22:45:43.633913691Z	53	PC: 17358 \| Get interrupt vector (Interrupt = '8' AKA 'Console input without echo')
2018-12-17T22:45:43.636059981Z	37	PC: 17365 \| Set interrupt vector (Interrupt = '240' AKA 'UNKNOWN!')
2018-12-17T22:45:43.637692988Z	53	PC: 17371 \| Get interrupt vector (Interrupt = '28' AKA 'Get allocation info for specified drive')
2018-12-17T22:45:43.64339596Z	48	PC: 17433 \| Get DOS version
2018-12-17T22:45:43.646308219Z	74	PC: 15535 \| Reallocate memory
2018-12-17T22:45:43.648507409Z	74	PC: 15535 \| Reallocate memory
2018-12-17T22:45:43.650280289Z	68	PC: 167e0 \| I/O control for devices (Set for = 'Ŀ ��Ĵ � � � �� )')
2018-12-17T22:45:43.653238335Z	68	PC: 167e0 \| I/O control for devices (Set for = '')
2018-12-17T22:45:43.655106925Z	51	PC: 167fe \| Get or set Ctrl-Break
2018-12-17T22:45:43.656371189Z	51	PC: 1680a \| Get or set Ctrl-Break
2018-12-17T22:45:43.661858154Z	74	PC: 15535 \| Reallocate memory
2018-12-17T22:45:43.663846328Z	51	PC: 16815 \| Get or set Ctrl-Break
2018-12-17T22:45:43.665147863Z	37	PC: 16a97 \| Set interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T22:45:43.666927726Z	37	PC: 16aa1 \| Set interrupt vector (Interrupt = '4' AKA 'Auxiliary output')
2018-12-17T22:45:43.668991301Z	37	PC: 16aab \| Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:45:43.670738242Z	53	PC: 14f62 \| Get interrupt vector (Interrupt = '8' AKA 'Console input without echo')
2018-12-17T22:45:43.672410603Z	53	PC: 14f6f \| Get interrupt vector (Interrupt = '28' AKA 'Get allocation info for specified drive')
2018-12-17T22:45:43.674536706Z	53	PC: 14f7c \| Get interrupt vector (Interrupt = '9' AKA 'Display string')
2018-12-17T22:45:43.675897382Z	37	PC: 14f97 \| Set interrupt vector (Interrupt = '28' AKA 'Get allocation info for specified drive')
2018-12-17T22:45:43.677187766Z	53	PC: 14f9f \| Get interrupt vector (Interrupt = '239' AKA 'UNKNOWN!')
2018-12-17T22:45:43.68227489Z	37	PC: 14fac \| Set interrupt vector (Interrupt = '9' AKA 'Display string')
2018-12-17T22:45:43.684441339Z	53	PC: 14fb3 \| Get interrupt vector (Interrupt = '240' AKA 'UNKNOWN!')
2018-12-17T22:45:43.686673361Z	37	PC: 14fc0 \| Set interrupt vector (Interrupt = '8' AKA 'Console input without echo')
2018-12-17T22:45:43.689164069Z	37	PC: 14fca \| Set interrupt vector (Interrupt = '239' AKA 'UNKNOWN!')
2018-12-17T22:45:43.691410718Z	37	PC: 14fd5 \| Set interrupt vector (Interrupt = '240' AKA 'UNKNOWN!')
2018-12-17T22:45:43.693351664Z	37	PC: 1a291 \| Set interrupt vector (Interrupt = '52' AKA 'Get InDOS flag pointer')
2018-12-17T22:45:43.695803639Z	37	PC: 1a291 \| Set interrupt vector (Interrupt = '53' AKA 'Get interrupt vector')
2018-12-17T22:45:43.698038967Z	37	PC: 1a291 \| Set interrupt vector (Interrupt = '54' AKA 'Get free disk space')
2018-12-17T22:45:43.699785267Z	37	PC: 1a291 \| Set interrupt vector (Interrupt = '55' AKA 'Get or set switch character')
2018-12-17T22:45:43.70270445Z	37	PC: 1a291 \| Set interrupt vector (Interrupt = '56' AKA 'Get or set country info')
2018-12-17T22:45:43.704378353Z	37	PC: 1a291 \| Set interrupt vector (Interrupt = '57' AKA 'Create subdirectory')
2018-12-17T22:45:43.705977397Z	37	PC: 1a291 \| Set interrupt vector (Interrupt = '58' AKA 'Remove subdirectory')
2018-12-17T22:45:43.708475138Z	37	PC: 1a291 \| Set interrupt vector (Interrupt = '59' AKA 'Change current directory')
2018-12-17T22:45:43.71020178Z	37	PC: 1a291 \| Set interrupt vector (Interrupt = '60' AKA 'Create or truncate file')
2018-12-17T22:45:43.712338724Z	37	PC: 1a291 \| Set interrupt vector (Interrupt = '61' AKA 'Open file')
2018-12-17T22:45:43.715420933Z	37	PC: 1a291 \| Set interrupt vector (Interrupt = '62' AKA 'Close file')
2018-12-17T22:45:43.717328496Z	37	PC: 1c526 \| Set interrupt vector (Interrupt = '2' AKA 'Character output')
2018-12-17T22:45:43.718749825Z	37	PC: 1984c \| Set interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T22:45:43.723971672Z	41	PC: 193ed \| Parse filename
2018-12-17T22:45:43.726570693Z	41	PC: 193ef \| Parse filename
2018-12-17T22:45:43.728215202Z	41	PC: 193f4 \| Parse filename
2018-12-17T22:45:43.730164884Z	75	PC: 1940a \| Execute program
2018-12-17T22:45:43.755856206Z	80	PC: 1f609 \| Set current PSP
2018-12-17T22:45:43.756857006Z	48	PC: 1f60e \| Get DOS version
2018-12-17T22:45:43.758809402Z	99	PC: 25df0 \| Get DBCS lead byte table pointer
2018-12-17T22:45:43.76228524Z	101	PC: 1f694 \| Get extended country info
2018-12-17T22:45:43.764136397Z	99	PC: 1f69a \| Get DBCS lead byte table pointer
2018-12-17T22:45:43.766948158Z	74	PC: 1f6fc \| Reallocate memory
2018-12-17T22:45:43.768755112Z	25	PC: 1f733 \| Get default drive
2018-12-17T22:45:43.770169498Z	37	PC: 1f1f3 \| Set interrupt vector (Interrupt = '34' AKA 'Random write')
2018-12-17T22:45:43.771368891Z	37	PC: 1f1fa \| Set interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T22:45:43.77344487Z	37	PC: 1f201 \| Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:45:43.777921388Z	74	PC: 1e39c \| Reallocate memory
2018-12-17T22:45:43.779426815Z	72	PC: 1e3dd \| Allocate memory
2018-12-17T22:45:43.781821913Z	72	PC: 1e415 \| Allocate memory
2018-12-17T22:45:43.7837052Z	72	PC: 1e41d \| Allocate memory