Sample viewer

vx.netlux.org/Virus.DOS.HLLP.UX.7200.a

Syscalls:

Time Syscall Op Syscall Name
2018-12-17T22:46:55.883080175Z 53 PC: 135ba | Get interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T22:46:55.885872932Z 53 PC: 135ba | Get interrupt vector (Interrupt = '2' AKA 'Character output')
2018-12-17T22:46:55.887262583Z 53 PC: 135ba | Get interrupt vector (Interrupt = '27' AKA 'Get allocation info for default drive')
2018-12-17T22:46:55.888636675Z 53 PC: 135ba | Get interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T22:46:55.89002844Z 53 PC: 135ba | Get interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T22:46:55.892058544Z 53 PC: 135ba | Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:46:55.893368916Z 53 PC: 135ba | Get interrupt vector (Interrupt = '52' AKA 'Get InDOS flag pointer')
2018-12-17T22:46:55.894879774Z 53 PC: 135ba | Get interrupt vector (Interrupt = '53' AKA 'Get interrupt vector')
2018-12-17T22:46:55.898010997Z 53 PC: 135ba | Get interrupt vector (Interrupt = '54' AKA 'Get free disk space')
2018-12-17T22:46:55.899564295Z 53 PC: 135ba | Get interrupt vector (Interrupt = '55' AKA 'Get or set switch character')
2018-12-17T22:46:55.901039377Z 53 PC: 135ba | Get interrupt vector (Interrupt = '56' AKA 'Get or set country info')
2018-12-17T22:46:55.903826944Z 53 PC: 135ba | Get interrupt vector (Interrupt = '57' AKA 'Create subdirectory')
2018-12-17T22:46:55.905579326Z 53 PC: 135ba | Get interrupt vector (Interrupt = '58' AKA 'Remove subdirectory')
2018-12-17T22:46:55.90722585Z 53 PC: 135ba | Get interrupt vector (Interrupt = '59' AKA 'Change current directory')
2018-12-17T22:46:55.909964665Z 53 PC: 135ba | Get interrupt vector (Interrupt = '60' AKA 'Create or truncate file')
2018-12-17T22:46:55.911591321Z 53 PC: 135ba | Get interrupt vector (Interrupt = '61' AKA 'Open file')
2018-12-17T22:46:55.913296345Z 53 PC: 135ba | Get interrupt vector (Interrupt = '62' AKA 'Close file')
2018-12-17T22:46:55.915506718Z 53 PC: 135ba | Get interrupt vector (Interrupt = '63' AKA 'Read file or device')
2018-12-17T22:46:55.917404975Z 53 PC: 135ba | Get interrupt vector (Interrupt = '117' AKA 'UNKNOWN!')
2018-12-17T22:46:55.918849489Z 37 PC: 135cf | Set interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T22:46:55.921042048Z 37 PC: 135d7 | Set interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T22:46:55.922451206Z 37 PC: 135df | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:46:55.924110072Z 37 PC: 135e7 | Set interrupt vector (Interrupt = '63' AKA 'Read file or device')
2018-12-17T22:46:55.92624847Z 68 PC: 14372 | I/O control for devices (Set for = <non-printable data>)
2018-12-17T22:46:55.92920261Z 48 PC: 13ea2 | Get DOS version
2018-12-17T22:46:55.931492091Z 61 PC: 13ce0 | Open file (Filename = 'A:\TEST.EXE')
2018-12-17T22:46:55.939071041Z 87 PC: 132f0 | Get or set file date and time
2018-12-17T22:46:55.948354512Z 60 PC: 13ce0 | Create or truncate file
2018-12-17T22:46:55.966144216Z 66 PC: 13e12 | Move file pointer
2018-12-17T22:46:55.968211951Z 63 PC: 13db3 | Read file or device (Read 8192 bytes on handle 5)
2018-12-17T22:46:55.972781917Z 64 PC: 13db3 | Write file or device (Write 208 bytes on handle 6)
2018-12-17T22:46:55.977358094Z 66 PC: 14471 | Move file pointer
2018-12-17T22:46:55.979454122Z 66 PC: 1447f | Move file pointer
2018-12-17T22:46:55.988998996Z 66 PC: 1448d | Move file pointer
2018-12-17T22:46:55.990876313Z 62 PC: 13d30 | Close file
2018-12-17T22:46:55.993750643Z 87 PC: 1331d | Get or set file date and time
2018-12-17T22:46:55.997241883Z 62 PC: 13d30 | Close file
2018-12-17T22:46:56.005909607Z 67 PC: 132af | Get or set file attributes
2018-12-17T22:46:56.012546356Z 61 PC: 13ce0 | Open file (Filename = 'A:\TEST.EXE')
2018-12-17T22:46:56.019944386Z 87 PC: 132f0 | Get or set file date and time
2018-12-17T22:46:56.0224005Z 63 PC: 13db3 | Read file or device (Read 7200 bytes on handle 5)
2018-12-17T22:46:56.031136504Z 66 PC: 13e12 | Move file pointer
2018-12-17T22:46:56.0333327Z 64 PC: 13db3 | Write file or device (Write 1 bytes on handle 5)
2018-12-17T22:46:56.037118132Z 87 PC: 1331d | Get or set file date and time
2018-12-17T22:46:56.039507571Z 62 PC: 13d30 | Close file
2018-12-17T22:46:56.047819778Z 67 PC: 132d6 | Get or set file attributes
2018-12-17T22:46:56.060437244Z 26 PC: 1334d | Set disk transfer address
2018-12-17T22:46:56.061875957Z 78 PC: 13359 | Find first file
2018-12-17T22:46:56.073025044Z 61 PC: 13ce0 | Open file (Filename = 'C:\DOS\EDIT.COM')
2018-12-17T22:46:56.081864862Z 63 PC: 13db3 | Read file or device (Read 27 bytes on handle 5)
2018-12-17T22:46:56.088230081Z 62 PC: 13d30 | Close file
2018-12-17T22:46:56.091132755Z 60 PC: 13ce0 | Create or truncate file
2018-12-17T22:46:56.445919048Z 67 PC: 132af | Get or set file attributes
2018-12-17T22:46:56.452708875Z 61 PC: 13ce0 | Open file (Filename = 'C:\DOS\EDIT.COM')
2018-12-17T22:46:56.4605941Z 87 PC: 132f0 | Get or set file date and time
2018-12-17T22:46:56.463315403Z 64 PC: 13db3 | Write file or device (Write 7200 bytes on handle 5)
2018-12-17T22:46:56.476219737Z 63 PC: 13db3 | Read file or device (Read 8192 bytes on handle 6)
2018-12-17T22:46:56.479431562Z 64 PC: 13db3 | Write file or device (Write 413 bytes on handle 5)
2018-12-17T22:46:56.483035262Z 66 PC: 14471 | Move file pointer
2018-12-17T22:46:56.485566768Z 66 PC: 1447f | Move file pointer
2018-12-17T22:46:56.487388461Z 66 PC: 1448d | Move file pointer
2018-12-17T22:46:56.489259346Z 62 PC: 13d30 | Close file
2018-12-17T22:46:56.492118979Z 87 PC: 1331d | Get or set file date and time
2018-12-17T22:46:56.493812461Z 62 PC: 13d30 | Close file
2018-12-17T22:46:56.501242711Z 65 PC: 13e29 | Delete file (Filename = 'C:\DOS\EDIT.COM')
2018-12-17T22:46:56.510398362Z 86 PC: 13e6d | Rename file
2018-12-17T22:46:56.514642276Z 67 PC: 132d6 | Get or set file attributes
2018-12-17T22:46:56.522291527Z 26 PC: 13371 | Set disk transfer address
2018-12-17T22:46:56.524269784Z 79 PC: 13376 | Find next file
2018-12-17T22:46:56.527572339Z 61 PC: 13ce0 | Open file (Filename = 'C:\DOS\FORMAT.COM')
2018-12-17T22:46:56.53400237Z 26 PC: 13371 | Set disk transfer address
2018-12-17T22:46:56.53575342Z 79 PC: 13376 | Find next file
2018-12-17T22:46:56.540257121Z 61 PC: 13ce0 | Open file (Filename = 'C:\DOS\KEYB.COM')
2018-12-17T22:46:56.546014117Z 63 PC: 13db3 | Read file or device (Read 27 bytes on handle 6)
2018-12-17T22:46:56.551278358Z 62 PC: 13d30 | Close file
2018-12-17T22:46:56.553799454Z 60 PC: 13ce0 | Create or truncate file
2018-12-17T22:46:56.563825691Z 67 PC: 132af | Get or set file attributes
2018-12-17T22:46:56.568984054Z 61 PC: 13ce0 | Open file (Filename = 'C:\DOS\KEYB.COM')
2018-12-17T22:46:56.575186086Z 87 PC: 132f0 | Get or set file date and time
2018-12-17T22:46:56.576682337Z 64 PC: 13db3 | Write file or device (Write 7200 bytes on handle 6)
2018-12-17T22:46:56.58676474Z 63 PC: 13db3 | Read file or device (Read 8192 bytes on handle 7)
2018-12-17T22:46:56.59325864Z 64 PC: 13db3 | Write file or device (Write 8192 bytes on handle 6)
2018-12-17T22:46:56.600382064Z 66 PC: 14471 | Move file pointer
2018-12-17T22:46:56.602994131Z 66 PC: 1447f | Move file pointer
2018-12-17T22:46:56.606044312Z 66 PC: 1448d | Move file pointer
2018-12-17T22:46:56.608929583Z 63 PC: 13db3 | Read file or device (Read 8192 bytes on handle 7)
2018-12-17T22:46:56.617831889Z 64 PC: 13db3 | Write file or device (Write 7558 bytes on handle 6)
2018-12-17T22:46:56.62850407Z 66 PC: 14471 | Move file pointer
2018-12-17T22:46:56.630933123Z 66 PC: 1447f | Move file pointer
2018-12-17T22:46:56.632908775Z 66 PC: 1448d | Move file pointer
2018-12-17T22:46:56.635106404Z 62 PC: 13d30 | Close file
2018-12-17T22:46:56.63837267Z 87 PC: 1331d | Get or set file date and time
2018-12-17T22:46:56.640444643Z 62 PC: 13d30 | Close file
2018-12-17T22:46:56.647976615Z 65 PC: 13e29 | Delete file (Filename = 'C:\DOS\KEYB.COM')
2018-12-17T22:46:56.660299888Z 86 PC: 13e6d | Rename file
2018-12-17T22:46:56.666456394Z 67 PC: 132d6 | Get or set file attributes
2018-12-17T22:46:56.675875521Z 26 PC: 13371 | Set disk transfer address
2018-12-17T22:46:56.677479815Z 79 PC: 13376 | Find next file
2018-12-17T22:46:56.680588806Z 61 PC: 13ce0 | Open file (Filename = 'C:\DOS\SYS.COM')
2018-12-17T22:46:56.686643032Z 26 PC: 13371 | Set disk transfer address
2018-12-17T22:46:56.688386147Z 79 PC: 13376 | Find next file
2018-12-17T22:46:56.69115057Z 26 PC: 1334d | Set disk transfer address
2018-12-17T22:46:56.692298818Z 78 PC: 13359 | Find first file
2018-12-17T22:46:56.698493516Z 61 PC: 13ce0 | Open file (Filename = 'C:\DOS\ATTRIB.EXE')
2018-12-17T22:46:56.703936302Z 63 PC: 13db3 | Read file or device (Read 27 bytes on handle 7)
2018-12-17T22:46:56.708563055Z 62 PC: 13d30 | Close file
2018-12-17T22:46:56.711415494Z 60 PC: 13ce0 | Create or truncate file
2018-12-17T22:46:56.725602098Z 67 PC: 132af | Get or set file attributes
2018-12-17T22:46:56.732236132Z 61 PC: 13ce0 | Open file (Filename = 'C:\DOS\ATTRIB.EXE')
2018-12-17T22:46:56.741661931Z 87 PC: 132f0 | Get or set file date and time
2018-12-17T22:46:56.743526845Z 64 PC: 13db3 | Write file or device (Write 7200 bytes on handle 7)
2018-12-17T22:46:56.75200858Z 63 PC: 13db3 | Read file or device (Read 8192 bytes on handle 8)
2018-12-17T22:46:56.760086787Z 64 PC: 13db3 | Write file or device (Write 8192 bytes on handle 7)
2018-12-17T22:46:56.769522706Z 66 PC: 14471 | Move file pointer
2018-12-17T22:46:56.771444156Z 66 PC: 1447f | Move file pointer
2018-12-17T22:46:56.773547458Z 66 PC: 1448d | Move file pointer
2018-12-17T22:46:56.775908954Z 63 PC: 13db3 | Read file or device (Read 8192 bytes on handle 8)
2018-12-17T22:46:56.781724531Z 64 PC: 13db3 | Write file or device (Write 3016 bytes on handle 7)
2018-12-17T22:46:56.788226406Z 66 PC: 14471 | Move file pointer
2018-12-17T22:46:56.790242294Z 66 PC: 1447f | Move file pointer
2018-12-17T22:46:56.791636994Z 66 PC: 1448d | Move file pointer
2018-12-17T22:46:56.793049157Z 62 PC: 13d30 | Close file
2018-12-17T22:46:56.795326476Z 87 PC: 1331d | Get or set file date and time
2018-12-17T22:46:56.796754408Z 62 PC: 13d30 | Close file
2018-12-17T22:46:56.802524931Z 65 PC: 13e29 | Delete file (Filename = 'C:\DOS\ATTRIB.EXE')
2018-12-17T22:46:56.815986833Z 86 PC: 13e6d | Rename file
2018-12-17T22:46:56.821997145Z 67 PC: 132d6 | Get or set file attributes
2018-12-17T22:46:56.832920688Z 26 PC: 13371 | Set disk transfer address
2018-12-17T22:46:56.835269471Z 79 PC: 13376 | Find next file
2018-12-17T22:46:56.83999009Z 61 PC: 13ce0 | Open file (Filename = 'C:\DOS\CHKDSK.EXE')
2018-12-17T22:46:56.847728579Z 26 PC: 13371 | Set disk transfer address
2018-12-17T22:46:56.850042106Z 79 PC: 13376 | Find next file
2018-12-17T22:46:56.854708904Z 61 PC: 13ce0 | Open file (Filename = 'C:\DOS\DEBUG.EXE')
2018-12-17T22:46:56.862550497Z 63 PC: 13db3 | Read file or device (Read 27 bytes on handle 8)
2018-12-17T22:46:56.869779438Z 62 PC: 13d30 | Close file
2018-12-17T22:46:56.873394961Z 60 PC: 13ce0 | Create or truncate file
2018-12-17T22:46:56.886586796Z 67 PC: 132af | Get or set file attributes
2018-12-17T22:46:56.893962013Z 61 PC: 13ce0 | Open file (Filename = 'C:\DOS\DEBUG.EXE')
2018-12-17T22:46:56.902007118Z 87 PC: 132f0 | Get or set file date and time
2018-12-17T22:46:56.903962161Z 64 PC: 13db3 | Write file or device (Write 7200 bytes on handle 8)
2018-12-17T22:46:56.913303842Z 63 PC: 13db3 | Read file or device (Read 8192 bytes on handle 9)
2018-12-17T22:46:56.921984953Z 64 PC: 13db3 | Write file or device (Write 8192 bytes on handle 8)
2018-12-17T22:46:56.931370606Z 66 PC: 14471 | Move file pointer
2018-12-17T22:46:56.933209982Z 66 PC: 1447f | Move file pointer
2018-12-17T22:46:56.936909493Z 66 PC: 1448d | Move file pointer
2018-12-17T22:46:56.938889072Z 63 PC: 13db3 | Read file or device (Read 8192 bytes on handle 9)
2018-12-17T22:46:56.947232718Z 64 PC: 13db3 | Write file or device (Write 7526 bytes on handle 8)
2018-12-17T22:46:56.957427462Z 66 PC: 14471 | Move file pointer
2018-12-17T22:46:56.959259484Z 66 PC: 1447f | Move file pointer
2018-12-17T22:46:56.961090775Z 66 PC: 1448d | Move file pointer
2018-12-17T22:46:56.964046017Z 62 PC: 13d30 | Close file
2018-12-17T22:46:56.966349805Z 87 PC: 1331d | Get or set file date and time
2018-12-17T22:46:56.968326319Z 62 PC: 13d30 | Close file
2018-12-17T22:46:56.97668907Z 65 PC: 13e29 | Delete file (Filename = 'C:\DOS\DEBUG.EXE')
2018-12-17T22:46:56.988480895Z 86 PC: 13e6d | Rename file
2018-12-17T22:46:56.994175654Z 67 PC: 132d6 | Get or set file attributes
2018-12-17T22:46:57.006373221Z 26 PC: 13371 | Set disk transfer address
2018-12-17T22:46:57.008215132Z 79 PC: 13376 | Find next file
2018-12-17T22:46:57.012473212Z 41 PC: 1351c | Parse filename
2018-12-17T22:46:57.015067586Z 41 PC: 1352a | Parse filename
2018-12-17T22:46:57.017200413Z 75 PC: 13535 | Execute program