Sample viewer

vx.netlux.org/Virus.DOS.HLLO.Jackie.5744

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-17T22:47:28.101604599Z	53	PC: 1318a \| Get interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T22:47:28.102854716Z	53	PC: 1318a \| Get interrupt vector (Interrupt = '2' AKA 'Character output')
2018-12-17T22:47:28.104675321Z	53	PC: 1318a \| Get interrupt vector (Interrupt = '27' AKA 'Get allocation info for default drive')
2018-12-17T22:47:28.105977098Z	53	PC: 1318a \| Get interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T22:47:28.107252474Z	53	PC: 1318a \| Get interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T22:47:28.109264792Z	53	PC: 1318a \| Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:47:28.111104449Z	53	PC: 1318a \| Get interrupt vector (Interrupt = '52' AKA 'Get InDOS flag pointer')
2018-12-17T22:47:28.112903844Z	53	PC: 1318a \| Get interrupt vector (Interrupt = '53' AKA 'Get interrupt vector')
2018-12-17T22:47:28.115992469Z	53	PC: 1318a \| Get interrupt vector (Interrupt = '54' AKA 'Get free disk space')
2018-12-17T22:47:28.118322916Z	53	PC: 1318a \| Get interrupt vector (Interrupt = '55' AKA 'Get or set switch character')
2018-12-17T22:47:28.120613227Z	53	PC: 1318a \| Get interrupt vector (Interrupt = '56' AKA 'Get or set country info')
2018-12-17T22:47:28.123410067Z	53	PC: 1318a \| Get interrupt vector (Interrupt = '57' AKA 'Create subdirectory')
2018-12-17T22:47:28.12477198Z	53	PC: 1318a \| Get interrupt vector (Interrupt = '58' AKA 'Remove subdirectory')
2018-12-17T22:47:28.126162478Z	53	PC: 1318a \| Get interrupt vector (Interrupt = '59' AKA 'Change current directory')
2018-12-17T22:47:28.127904544Z	53	PC: 1318a \| Get interrupt vector (Interrupt = '60' AKA 'Create or truncate file')
2018-12-17T22:47:28.129407368Z	53	PC: 1318a \| Get interrupt vector (Interrupt = '61' AKA 'Open file')
2018-12-17T22:47:28.130732287Z	53	PC: 1318a \| Get interrupt vector (Interrupt = '62' AKA 'Close file')
2018-12-17T22:47:28.132569135Z	53	PC: 1318a \| Get interrupt vector (Interrupt = '63' AKA 'Read file or device')
2018-12-17T22:47:28.135198399Z	53	PC: 1318a \| Get interrupt vector (Interrupt = '117' AKA 'UNKNOWN!')
2018-12-17T22:47:28.136785395Z	37	PC: 1319f \| Set interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T22:47:28.13845517Z	37	PC: 131a7 \| Set interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T22:47:28.140242384Z	37	PC: 131af \| Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:47:28.147083981Z	37	PC: 131b7 \| Set interrupt vector (Interrupt = '63' AKA 'Read file or device')
2018-12-17T22:47:28.149380793Z	68	PC: 13d8d \| I/O control for devices (Set for = '')
2018-12-17T22:47:28.151385521Z	51	PC: 13100 \| Get or set Ctrl-Break
2018-12-17T22:47:28.154090526Z	48	PC: 1399e \| Get DOS version
2018-12-17T22:47:28.155532115Z	26	PC: 1306d \| Set disk transfer address
2018-12-17T22:47:28.156609775Z	78	PC: 13079 \| Find first file
2018-12-17T22:47:28.164306612Z	61	PC: 13850 \| Open file (Filename = 'TEST.EXE')
2018-12-17T22:47:28.172977245Z	66	PC: 13e8c \| Move file pointer
2018-12-17T22:47:28.175733344Z	66	PC: 13e9a \| Move file pointer
2018-12-17T22:47:28.178659279Z	66	PC: 13ea8 \| Move file pointer
2018-12-17T22:47:28.180682107Z	62	PC: 138a0 \| Close file
2018-12-17T22:47:28.183286286Z	26	PC: 13091 \| Set disk transfer address
2018-12-17T22:47:28.185662807Z	79	PC: 13096 \| Find next file
2018-12-17T22:47:28.189121101Z	64	PC: 135a8 \| Write file or device (Write 0 bytes on handle 1)
2018-12-17T22:47:28.192028711Z	37	PC: 132e1 \| Set interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T22:47:28.193840309Z	37	PC: 132e1 \| Set interrupt vector (Interrupt = '2' AKA 'Character output')
2018-12-17T22:47:28.195419899Z	37	PC: 132e1 \| Set interrupt vector (Interrupt = '27' AKA 'Get allocation info for default drive')
2018-12-17T22:47:28.196859114Z	37	PC: 132e1 \| Set interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T22:47:28.198748637Z	37	PC: 132e1 \| Set interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T22:47:28.200299447Z	37	PC: 132e1 \| Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:47:28.202006059Z	37	PC: 132e1 \| Set interrupt vector (Interrupt = '52' AKA 'Get InDOS flag pointer')
2018-12-17T22:47:28.203772989Z	37	PC: 132e1 \| Set interrupt vector (Interrupt = '53' AKA 'Get interrupt vector')
2018-12-17T22:47:28.205782648Z	37	PC: 132e1 \| Set interrupt vector (Interrupt = '54' AKA 'Get free disk space')
2018-12-17T22:47:28.207550054Z	37	PC: 132e1 \| Set interrupt vector (Interrupt = '55' AKA 'Get or set switch character')
2018-12-17T22:47:28.20934264Z	37	PC: 132e1 \| Set interrupt vector (Interrupt = '56' AKA 'Get or set country info')
2018-12-17T22:47:28.211579942Z	37	PC: 132e1 \| Set interrupt vector (Interrupt = '57' AKA 'Create subdirectory')
2018-12-17T22:47:28.213320256Z	37	PC: 132e1 \| Set interrupt vector (Interrupt = '58' AKA 'Remove subdirectory')
2018-12-17T22:47:28.215060558Z	37	PC: 132e1 \| Set interrupt vector (Interrupt = '59' AKA 'Change current directory')
2018-12-17T22:47:28.217791345Z	37	PC: 132e1 \| Set interrupt vector (Interrupt = '60' AKA 'Create or truncate file')
2018-12-17T22:47:28.219645662Z	37	PC: 132e1 \| Set interrupt vector (Interrupt = '61' AKA 'Open file')
2018-12-17T22:47:28.221450935Z	37	PC: 132e1 \| Set interrupt vector (Interrupt = '62' AKA 'Close file')
2018-12-17T22:47:28.223954079Z	37	PC: 132e1 \| Set interrupt vector (Interrupt = '63' AKA 'Read file or device')
2018-12-17T22:47:28.225310326Z	37	PC: 132e1 \| Set interrupt vector (Interrupt = '117' AKA 'UNKNOWN!')
2018-12-17T22:47:28.226678342Z	76	PC: 13320 \| Terminate with return code (Return code = '0')