Sample viewer

vx.netlux.org/Virus.DOS.HLLP.Inna.6640.a

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-17T22:47:26.420957835Z	53	PC: 136a2 \| Get interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T22:47:26.423268376Z	53	PC: 136a2 \| Get interrupt vector (Interrupt = '2' AKA 'Character output')
2018-12-17T22:47:26.425042277Z	53	PC: 136a2 \| Get interrupt vector (Interrupt = '27' AKA 'Get allocation info for default drive')
2018-12-17T22:47:26.426610387Z	53	PC: 136a2 \| Get interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T22:47:26.428793637Z	53	PC: 136a2 \| Get interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T22:47:26.43058192Z	53	PC: 136a2 \| Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:47:26.43218731Z	53	PC: 136a2 \| Get interrupt vector (Interrupt = '52' AKA 'Get InDOS flag pointer')
2018-12-17T22:47:26.433738975Z	53	PC: 136a2 \| Get interrupt vector (Interrupt = '53' AKA 'Get interrupt vector')
2018-12-17T22:47:26.444153985Z	53	PC: 136a2 \| Get interrupt vector (Interrupt = '54' AKA 'Get free disk space')
2018-12-17T22:47:26.445616313Z	53	PC: 136a2 \| Get interrupt vector (Interrupt = '55' AKA 'Get or set switch character')
2018-12-17T22:47:26.447084389Z	53	PC: 136a2 \| Get interrupt vector (Interrupt = '56' AKA 'Get or set country info')
2018-12-17T22:47:26.449322897Z	53	PC: 136a2 \| Get interrupt vector (Interrupt = '57' AKA 'Create subdirectory')
2018-12-17T22:47:26.450847616Z	53	PC: 136a2 \| Get interrupt vector (Interrupt = '58' AKA 'Remove subdirectory')
2018-12-17T22:47:26.452415322Z	53	PC: 136a2 \| Get interrupt vector (Interrupt = '59' AKA 'Change current directory')
2018-12-17T22:47:26.454585917Z	53	PC: 136a2 \| Get interrupt vector (Interrupt = '60' AKA 'Create or truncate file')
2018-12-17T22:47:26.456131435Z	53	PC: 136a2 \| Get interrupt vector (Interrupt = '61' AKA 'Open file')
2018-12-17T22:47:26.457571141Z	53	PC: 136a2 \| Get interrupt vector (Interrupt = '62' AKA 'Close file')
2018-12-17T22:47:26.46005396Z	53	PC: 136a2 \| Get interrupt vector (Interrupt = '63' AKA 'Read file or device')
2018-12-17T22:47:26.461864705Z	53	PC: 136a2 \| Get interrupt vector (Interrupt = '117' AKA 'UNKNOWN!')
2018-12-17T22:47:26.463369421Z	37	PC: 136b7 \| Set interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T22:47:26.46538475Z	37	PC: 136bf \| Set interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T22:47:26.466832352Z	37	PC: 136c7 \| Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:47:26.468199991Z	37	PC: 136cf \| Set interrupt vector (Interrupt = '63' AKA 'Read file or device')
2018-12-17T22:47:26.470701719Z	68	PC: 13a3f \| I/O control for devices (Set for = '')
2018-12-17T22:47:26.472608322Z	53	PC: 1348b \| Get interrupt vector (Interrupt = '9' AKA 'Display string')
2018-12-17T22:47:26.474148179Z	37	PC: 134a7 \| Set interrupt vector (Interrupt = '9' AKA 'Display string')
2018-12-17T22:47:26.475990906Z	48	PC: 1426a \| Get DOS version
2018-12-17T22:47:26.477838392Z	61	PC: 1402a \| Open file (Filename = 'A:\TEST.EXE')
2018-12-17T22:47:26.485676215Z	63	PC: 140fd \| Read file or device (Read 6640 bytes on handle 5)
2018-12-17T22:47:26.501593249Z	62	PC: 1407a \| Close file
2018-12-17T22:47:26.503924364Z	26	PC: 1342b \| Set disk transfer address
2018-12-17T22:47:26.504990005Z	78	PC: 13437 \| Find first file
2018-12-17T22:47:26.511570958Z	26	PC: 1344f \| Set disk transfer address
2018-12-17T22:47:26.513883239Z	79	PC: 13454 \| Find next file
2018-12-17T22:47:26.517336136Z	26	PC: 1344f \| Set disk transfer address
2018-12-17T22:47:26.518667084Z	79	PC: 13454 \| Find next file
2018-12-17T22:47:26.523027281Z	26	PC: 1344f \| Set disk transfer address
2018-12-17T22:47:26.524374671Z	79	PC: 13454 \| Find next file
2018-12-17T22:47:26.527721659Z	26	PC: 1344f \| Set disk transfer address
2018-12-17T22:47:26.529882092Z	79	PC: 13454 \| Find next file
2018-12-17T22:47:26.534682986Z	26	PC: 1344f \| Set disk transfer address
2018-12-17T22:47:26.53598918Z	79	PC: 13454 \| Find next file
2018-12-17T22:47:26.540064598Z	26	PC: 1344f \| Set disk transfer address
2018-12-17T22:47:26.541394347Z	79	PC: 13454 \| Find next file
2018-12-17T22:47:26.544735271Z	26	PC: 1344f \| Set disk transfer address
2018-12-17T22:47:26.5461966Z	79	PC: 13454 \| Find next file
2018-12-17T22:47:26.549849361Z	26	PC: 1344f \| Set disk transfer address
2018-12-17T22:47:26.551081915Z	79	PC: 13454 \| Find next file
2018-12-17T22:47:26.558116436Z	26	PC: 1344f \| Set disk transfer address
2018-12-17T22:47:26.559416162Z	79	PC: 13454 \| Find next file
2018-12-17T22:47:26.563442385Z	26	PC: 1344f \| Set disk transfer address
2018-12-17T22:47:26.564689847Z	79	PC: 13454 \| Find next file
2018-12-17T22:47:26.568261782Z	26	PC: 1344f \| Set disk transfer address
2018-12-17T22:47:26.569262797Z	79	PC: 13454 \| Find next file
2018-12-17T22:47:26.574167991Z	26	PC: 1344f \| Set disk transfer address
2018-12-17T22:47:26.576458749Z	79	PC: 13454 \| Find next file
2018-12-17T22:47:26.579930641Z	26	PC: 1344f \| Set disk transfer address
2018-12-17T22:47:26.581540099Z	79	PC: 13454 \| Find next file
2018-12-17T22:47:26.585829974Z	26	PC: 1344f \| Set disk transfer address
2018-12-17T22:47:26.587173616Z	79	PC: 13454 \| Find next file
2018-12-17T22:47:26.590896897Z	64	PC: 13b42 \| Write file or device (Write 0 bytes on handle 1)
2018-12-17T22:47:26.593699157Z	37	PC: 137b6 \| Set interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T22:47:26.595062228Z	37	PC: 137b6 \| Set interrupt vector (Interrupt = '2' AKA 'Character output')
2018-12-17T22:47:26.596418173Z	37	PC: 137b6 \| Set interrupt vector (Interrupt = '27' AKA 'Get allocation info for default drive')
2018-12-17T22:47:26.598732753Z	37	PC: 137b6 \| Set interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T22:47:26.600043887Z	37	PC: 137b6 \| Set interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T22:47:26.601364812Z	37	PC: 137b6 \| Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:47:26.603486447Z	37	PC: 137b6 \| Set interrupt vector (Interrupt = '52' AKA 'Get InDOS flag pointer')
2018-12-17T22:47:26.605265076Z	37	PC: 137b6 \| Set interrupt vector (Interrupt = '53' AKA 'Get interrupt vector')
2018-12-17T22:47:26.606308053Z	37	PC: 137b6 \| Set interrupt vector (Interrupt = '54' AKA 'Get free disk space')
2018-12-17T22:47:26.608051302Z	37	PC: 137b6 \| Set interrupt vector (Interrupt = '55' AKA 'Get or set switch character')
2018-12-17T22:47:26.609142508Z	37	PC: 137b6 \| Set interrupt vector (Interrupt = '56' AKA 'Get or set country info')
2018-12-17T22:47:26.610115616Z	37	PC: 137b6 \| Set interrupt vector (Interrupt = '57' AKA 'Create subdirectory')
2018-12-17T22:47:26.611421061Z	37	PC: 137b6 \| Set interrupt vector (Interrupt = '58' AKA 'Remove subdirectory')
2018-12-17T22:47:26.612698386Z	37	PC: 137b6 \| Set interrupt vector (Interrupt = '59' AKA 'Change current directory')
2018-12-17T22:47:26.61403268Z	37	PC: 137b6 \| Set interrupt vector (Interrupt = '60' AKA 'Create or truncate file')
2018-12-17T22:47:26.615895163Z	37	PC: 137b6 \| Set interrupt vector (Interrupt = '61' AKA 'Open file')
2018-12-17T22:47:26.622604075Z	37	PC: 137b6 \| Set interrupt vector (Interrupt = '62' AKA 'Close file')
2018-12-17T22:47:26.624032884Z	37	PC: 137b6 \| Set interrupt vector (Interrupt = '63' AKA 'Read file or device')
2018-12-17T22:47:26.625918251Z	37	PC: 137b6 \| Set interrupt vector (Interrupt = '117' AKA 'UNKNOWN!')
2018-12-17T22:47:26.627023573Z	6	PC: 1383d \| Direct console I/O
2018-12-17T22:47:26.628967066Z	6	PC: 1383d \| Direct console I/O
2018-12-17T22:47:26.631672622Z	6	PC: 1383d \| Direct console I/O
2018-12-17T22:47:26.636303987Z	6	PC: 1383d \| Direct console I/O
2018-12-17T22:47:26.63859948Z	6	PC: 1383d \| Direct console I/O
2018-12-17T22:47:26.641045668Z	6	PC: 1383d \| Direct console I/O
2018-12-17T22:47:26.644050152Z	6	PC: 1383d \| Direct console I/O
2018-12-17T22:47:26.646300967Z	6	PC: 1383d \| Direct console I/O
2018-12-17T22:47:26.648596701Z	6	PC: 1383d \| Direct console I/O
2018-12-17T22:47:26.651232775Z	6	PC: 1383d \| Direct console I/O
2018-12-17T22:47:26.654178657Z	6	PC: 1383d \| Direct console I/O
2018-12-17T22:47:26.656408998Z	6	PC: 1383d \| Direct console I/O
2018-12-17T22:47:26.660131832Z	6	PC: 1383d \| Direct console I/O
2018-12-17T22:47:26.662385142Z	6	PC: 1383d \| Direct console I/O
2018-12-17T22:47:26.664670685Z	6	PC: 1383d \| Direct console I/O
2018-12-17T22:47:26.667829704Z	6	PC: 1383d \| Direct console I/O
2018-12-17T22:47:26.672786657Z	6	PC: 1383d \| Direct console I/O
2018-12-17T22:47:26.679160935Z	6	PC: 1383d \| Direct console I/O
2018-12-17T22:47:26.682074906Z	6	PC: 1383d \| Direct console I/O
2018-12-17T22:47:26.684359207Z	6	PC: 1383d \| Direct console I/O
2018-12-17T22:47:26.686649809Z	6	PC: 1383d \| Direct console I/O
2018-12-17T22:47:26.69029398Z	6	PC: 1383d \| Direct console I/O
2018-12-17T22:47:26.692597972Z	6	PC: 1383d \| Direct console I/O
2018-12-17T22:47:26.694896554Z	6	PC: 1383d \| Direct console I/O
2018-12-17T22:47:26.698663315Z	6	PC: 1383d \| Direct console I/O
2018-12-17T22:47:26.700688923Z	6	PC: 1383d \| Direct console I/O
2018-12-17T22:47:26.702659801Z	6	PC: 1383d \| Direct console I/O
2018-12-17T22:47:26.705460989Z	6	PC: 1383d \| Direct console I/O
2018-12-17T22:47:26.708135148Z	6	PC: 1383d \| Direct console I/O
2018-12-17T22:47:26.710805617Z	6	PC: 1383d \| Direct console I/O
2018-12-17T22:47:26.714240301Z	6	PC: 1383d \| Direct console I/O
2018-12-17T22:47:26.717186268Z	6	PC: 1383d \| Direct console I/O
2018-12-17T22:47:26.719720539Z	6	PC: 1383d \| Direct console I/O
2018-12-17T22:47:26.7244832Z	76	PC: 137f5 \| Terminate with return code (Return code = '202')