Sample viewer

vx.netlux.org/Virus.DOS.HLLW.Frust.7008

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-17T22:46:10.72388454Z	53	PC: 1389b \| Get interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T22:46:10.726375058Z	53	PC: 138a8 \| Get interrupt vector (Interrupt = '2' AKA 'Character output')
2018-12-17T22:46:10.727712533Z	53	PC: 138b5 \| Get interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T22:46:10.729425994Z	53	PC: 138c2 \| Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:46:10.731455061Z	53	PC: 138cf \| Get interrupt vector (Interrupt = '117' AKA 'UNKNOWN!')
2018-12-17T22:46:10.732906562Z	37	PC: 138e2 \| Set interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T22:46:10.734140387Z	37	PC: 138ea \| Set interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T22:46:10.736073574Z	37	PC: 138f2 \| Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:46:10.737745068Z	68	PC: 13e5b \| I/O control for devices (Set for = '')
2018-12-17T22:46:10.819719841Z	53	PC: 1326f \| Get interrupt vector (Interrupt = '27' AKA 'Get allocation info for default drive')
2018-12-17T22:46:10.822597875Z	37	PC: 13282 \| Set interrupt vector (Interrupt = '27' AKA 'Get allocation info for default drive')
2018-12-17T22:46:10.824802121Z	67	PC: 1311e \| Get or set file attributes
2018-12-17T22:46:10.830615201Z	67	PC: 1311e \| Get or set file attributes
2018-12-17T22:46:11.182240774Z	61	PC: 13e43 \| Open file (Filename = 'c:\autoexec.bat')
2018-12-17T22:46:11.191770628Z	68	PC: 13e5b \| I/O control for devices (Set for = 'c:\autoexec.bat')
2018-12-17T22:46:11.193715296Z	66	PC: 13e9f \| Move file pointer
2018-12-17T22:46:11.196734285Z	66	PC: 13eb6 \| Move file pointer
2018-12-17T22:46:11.199468062Z	63	PC: 13ec3 \| Read file or device (Read 128 bytes on handle 5)
2018-12-17T22:46:11.203243385Z	64	PC: 13f39 \| Write file or device (Write 7 bytes on handle 5)
2018-12-17T22:46:11.206691395Z	62	PC: 13f82 \| Close file
2018-12-17T22:46:11.215451336Z	67	PC: 1311e \| Get or set file attributes
2018-12-17T22:46:11.224544233Z	67	PC: 1311e \| Get or set file attributes
2018-12-17T22:46:11.233906397Z	67	PC: 1311e \| Get or set file attributes
2018-12-17T22:46:11.242099639Z	41	PC: 131aa \| Parse filename
2018-12-17T22:46:11.244172442Z	41	PC: 131b8 \| Parse filename
2018-12-17T22:46:11.245840856Z	75	PC: 131c3 \| Execute program
2018-12-17T22:46:11.266152492Z	80	PC: 1a019 \| Set current PSP
2018-12-17T22:46:11.267370544Z	48	PC: 1a01e \| Get DOS version
2018-12-17T22:46:11.269062858Z	99	PC: 20800 \| Get DBCS lead byte table pointer
2018-12-17T22:46:11.272065702Z	101	PC: 1a0a4 \| Get extended country info
2018-12-17T22:46:11.27437183Z	99	PC: 1a0aa \| Get DBCS lead byte table pointer
2018-12-17T22:46:11.275858418Z	74	PC: 1a10c \| Reallocate memory
2018-12-17T22:46:11.277492469Z	25	PC: 1a143 \| Get default drive
2018-12-17T22:46:11.279738262Z	37	PC: 19c03 \| Set interrupt vector (Interrupt = '34' AKA 'Random write')
2018-12-17T22:46:11.281029618Z	37	PC: 19c0a \| Set interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T22:46:11.282330177Z	37	PC: 19c11 \| Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:46:11.287569077Z	74	PC: 18dac \| Reallocate memory
2018-12-17T22:46:11.28917889Z	72	PC: 18ded \| Allocate memory
2018-12-17T22:46:11.290892464Z	72	PC: 18e25 \| Allocate memory
2018-12-17T22:46:11.293635843Z	72	PC: 18e2d \| Allocate memory