Sample viewer

vx.netlux.org/Virus.DOS.HLLO.Crypt

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-17T22:46:09.816043797Z	53	PC: 134f2 \| Get interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T22:46:09.818170727Z	53	PC: 134f2 \| Get interrupt vector (Interrupt = '2' AKA 'Character output')
2018-12-17T22:46:09.819425893Z	53	PC: 134f2 \| Get interrupt vector (Interrupt = '27' AKA 'Get allocation info for default drive')
2018-12-17T22:46:09.820554587Z	53	PC: 134f2 \| Get interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T22:46:09.822586248Z	53	PC: 134f2 \| Get interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T22:46:09.823704975Z	53	PC: 134f2 \| Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:46:09.824836998Z	53	PC: 134f2 \| Get interrupt vector (Interrupt = '52' AKA 'Get InDOS flag pointer')
2018-12-17T22:46:09.827034332Z	53	PC: 134f2 \| Get interrupt vector (Interrupt = '53' AKA 'Get interrupt vector')
2018-12-17T22:46:09.828592756Z	53	PC: 134f2 \| Get interrupt vector (Interrupt = '54' AKA 'Get free disk space')
2018-12-17T22:46:09.830047109Z	53	PC: 134f2 \| Get interrupt vector (Interrupt = '55' AKA 'Get or set switch character')
2018-12-17T22:46:09.832528576Z	53	PC: 134f2 \| Get interrupt vector (Interrupt = '56' AKA 'Get or set country info')
2018-12-17T22:46:09.833691913Z	53	PC: 134f2 \| Get interrupt vector (Interrupt = '57' AKA 'Create subdirectory')
2018-12-17T22:46:09.834722896Z	53	PC: 134f2 \| Get interrupt vector (Interrupt = '58' AKA 'Remove subdirectory')
2018-12-17T22:46:09.835927322Z	53	PC: 134f2 \| Get interrupt vector (Interrupt = '59' AKA 'Change current directory')
2018-12-17T22:46:09.837138894Z	53	PC: 134f2 \| Get interrupt vector (Interrupt = '60' AKA 'Create or truncate file')
2018-12-17T22:46:09.838143571Z	53	PC: 134f2 \| Get interrupt vector (Interrupt = '61' AKA 'Open file')
2018-12-17T22:46:09.839348285Z	53	PC: 134f2 \| Get interrupt vector (Interrupt = '62' AKA 'Close file')
2018-12-17T22:46:09.84099404Z	53	PC: 134f2 \| Get interrupt vector (Interrupt = '63' AKA 'Read file or device')
2018-12-17T22:46:09.842213725Z	53	PC: 134f2 \| Get interrupt vector (Interrupt = '117' AKA 'UNKNOWN!')
2018-12-17T22:46:09.843285404Z	37	PC: 13507 \| Set interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T22:46:09.844753245Z	37	PC: 1350f \| Set interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T22:46:09.845583413Z	37	PC: 13517 \| Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:46:09.846398509Z	37	PC: 1351f \| Set interrupt vector (Interrupt = '63' AKA 'Read file or device')
2018-12-17T22:46:09.860269114Z	68	PC: 1388f \| I/O control for devices (Set for = '')
2018-12-17T22:46:09.862329767Z	26	PC: 133cb \| Set disk transfer address
2018-12-17T22:46:09.863454742Z	78	PC: 133d7 \| Find first file
2018-12-17T22:46:09.870750032Z	26	PC: 133ef \| Set disk transfer address
2018-12-17T22:46:09.871964326Z	79	PC: 133f4 \| Find next file
2018-12-17T22:46:09.874750465Z	60	PC: 14056 \| Create or truncate file
2018-12-17T22:46:10.220858705Z	62	PC: 140a6 \| Close file
2018-12-17T22:46:10.222317683Z	65	PC: 1419f \| Delete file (Filename = 'c:\black_cr.ypt')
2018-12-17T22:46:10.228380937Z	61	PC: 14056 \| Open file (Filename = '')
2018-12-17T22:46:10.234012023Z	64	PC: 13992 \| Write file or device (Write 0 bytes on handle 1)
2018-12-17T22:46:10.235568701Z	37	PC: 13606 \| Set interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T22:46:10.23662668Z	37	PC: 13606 \| Set interrupt vector (Interrupt = '2' AKA 'Character output')
2018-12-17T22:46:10.238101626Z	37	PC: 13606 \| Set interrupt vector (Interrupt = '27' AKA 'Get allocation info for default drive')
2018-12-17T22:46:10.239231329Z	37	PC: 13606 \| Set interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T22:46:10.240130842Z	37	PC: 13606 \| Set interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T22:46:10.241864918Z	37	PC: 13606 \| Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:46:10.242896843Z	37	PC: 13606 \| Set interrupt vector (Interrupt = '52' AKA 'Get InDOS flag pointer')
2018-12-17T22:46:10.243799842Z	37	PC: 13606 \| Set interrupt vector (Interrupt = '53' AKA 'Get interrupt vector')
2018-12-17T22:46:10.245888503Z	37	PC: 13606 \| Set interrupt vector (Interrupt = '54' AKA 'Get free disk space')
2018-12-17T22:46:10.247167931Z	37	PC: 13606 \| Set interrupt vector (Interrupt = '55' AKA 'Get or set switch character')
2018-12-17T22:46:10.248554693Z	37	PC: 13606 \| Set interrupt vector (Interrupt = '56' AKA 'Get or set country info')
2018-12-17T22:46:10.250135329Z	37	PC: 13606 \| Set interrupt vector (Interrupt = '57' AKA 'Create subdirectory')
2018-12-17T22:46:10.253939793Z	37	PC: 13606 \| Set interrupt vector (Interrupt = '58' AKA 'Remove subdirectory')
2018-12-17T22:46:10.261058005Z	37	PC: 13606 \| Set interrupt vector (Interrupt = '59' AKA 'Change current directory')
2018-12-17T22:46:10.264063551Z	37	PC: 13606 \| Set interrupt vector (Interrupt = '60' AKA 'Create or truncate file')
2018-12-17T22:46:10.265937795Z	37	PC: 13606 \| Set interrupt vector (Interrupt = '61' AKA 'Open file')
2018-12-17T22:46:10.267738537Z	37	PC: 13606 \| Set interrupt vector (Interrupt = '62' AKA 'Close file')
2018-12-17T22:46:10.269546026Z	37	PC: 13606 \| Set interrupt vector (Interrupt = '63' AKA 'Read file or device')
2018-12-17T22:46:10.272150657Z	37	PC: 13606 \| Set interrupt vector (Interrupt = '117' AKA 'UNKNOWN!')
2018-12-17T22:46:10.273779236Z	6	PC: 1368d \| Direct console I/O
2018-12-17T22:46:10.276393126Z	6	PC: 1368d \| Direct console I/O
2018-12-17T22:46:10.279907344Z	6	PC: 1368d \| Direct console I/O
2018-12-17T22:46:10.282264284Z	6	PC: 1368d \| Direct console I/O
2018-12-17T22:46:10.284562013Z	6	PC: 1368d \| Direct console I/O
2018-12-17T22:46:10.28786294Z	6	PC: 1368d \| Direct console I/O
2018-12-17T22:46:10.290188411Z	6	PC: 1368d \| Direct console I/O
2018-12-17T22:46:10.292498635Z	6	PC: 1368d \| Direct console I/O
2018-12-17T22:46:10.295763367Z	6	PC: 1368d \| Direct console I/O
2018-12-17T22:46:10.298302307Z	6	PC: 1368d \| Direct console I/O
2018-12-17T22:46:10.300462298Z	6	PC: 1368d \| Direct console I/O
2018-12-17T22:46:10.30375563Z	6	PC: 1368d \| Direct console I/O
2018-12-17T22:46:10.305833786Z	6	PC: 1368d \| Direct console I/O
2018-12-17T22:46:10.307696152Z	6	PC: 1368d \| Direct console I/O
2018-12-17T22:46:10.310292359Z	6	PC: 1368d \| Direct console I/O
2018-12-17T22:46:10.312419094Z	6	PC: 1368d \| Direct console I/O
2018-12-17T22:46:10.314822707Z	6	PC: 1368d \| Direct console I/O
2018-12-17T22:46:10.318263129Z	6	PC: 1368d \| Direct console I/O
2018-12-17T22:46:10.32146612Z	6	PC: 1368d \| Direct console I/O
2018-12-17T22:46:10.323832363Z	6	PC: 1368d \| Direct console I/O
2018-12-17T22:46:10.32699404Z	6	PC: 1368d \| Direct console I/O
2018-12-17T22:46:10.329821771Z	6	PC: 1368d \| Direct console I/O
2018-12-17T22:46:10.332233667Z	6	PC: 1368d \| Direct console I/O
2018-12-17T22:46:10.335297052Z	6	PC: 1368d \| Direct console I/O
2018-12-17T22:46:10.338306643Z	6	PC: 1368d \| Direct console I/O
2018-12-17T22:46:10.34058077Z	6	PC: 1368d \| Direct console I/O
2018-12-17T22:46:10.342918972Z	6	PC: 1368d \| Direct console I/O
2018-12-17T22:46:10.345712221Z	6	PC: 1368d \| Direct console I/O
2018-12-17T22:46:10.347849118Z	6	PC: 1368d \| Direct console I/O
2018-12-17T22:46:10.350329098Z	6	PC: 1368d \| Direct console I/O
2018-12-17T22:46:10.352890106Z	6	PC: 1368d \| Direct console I/O
2018-12-17T22:46:10.355278518Z	6	PC: 1368d \| Direct console I/O
2018-12-17T22:46:10.357603284Z	6	PC: 1368d \| Direct console I/O
2018-12-17T22:46:10.362144527Z	76	PC: 13645 \| Terminate with return code (Return code = '2')