Sample viewer

vx.netlux.org/Virus.DOS.HLLP.Infekt.6496

Syscalls:

Time Syscall Op Syscall Name
2018-12-17T22:48:17.486220424Z 53 PC: 1328a | Get interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T22:48:17.488390238Z 53 PC: 1328a | Get interrupt vector (Interrupt = '2' AKA 'Character output')
2018-12-17T22:48:17.490331665Z 53 PC: 1328a | Get interrupt vector (Interrupt = '27' AKA 'Get allocation info for default drive')
2018-12-17T22:48:17.492149067Z 53 PC: 1328a | Get interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T22:48:17.493806003Z 53 PC: 1328a | Get interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T22:48:17.495670537Z 53 PC: 1328a | Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:48:17.497121308Z 53 PC: 1328a | Get interrupt vector (Interrupt = '52' AKA 'Get InDOS flag pointer')
2018-12-17T22:48:17.498701211Z 53 PC: 1328a | Get interrupt vector (Interrupt = '53' AKA 'Get interrupt vector')
2018-12-17T22:48:17.501448629Z 53 PC: 1328a | Get interrupt vector (Interrupt = '54' AKA 'Get free disk space')
2018-12-17T22:48:17.503346134Z 53 PC: 1328a | Get interrupt vector (Interrupt = '55' AKA 'Get or set switch character')
2018-12-17T22:48:17.505272821Z 53 PC: 1328a | Get interrupt vector (Interrupt = '56' AKA 'Get or set country info')
2018-12-17T22:48:17.509701186Z 53 PC: 1328a | Get interrupt vector (Interrupt = '57' AKA 'Create subdirectory')
2018-12-17T22:48:17.511719463Z 53 PC: 1328a | Get interrupt vector (Interrupt = '58' AKA 'Remove subdirectory')
2018-12-17T22:48:17.513603475Z 53 PC: 1328a | Get interrupt vector (Interrupt = '59' AKA 'Change current directory')
2018-12-17T22:48:17.517074498Z 53 PC: 1328a | Get interrupt vector (Interrupt = '60' AKA 'Create or truncate file')
2018-12-17T22:48:17.518492331Z 53 PC: 1328a | Get interrupt vector (Interrupt = '61' AKA 'Open file')
2018-12-17T22:48:17.519980804Z 53 PC: 1328a | Get interrupt vector (Interrupt = '62' AKA 'Close file')
2018-12-17T22:48:17.522037287Z 53 PC: 1328a | Get interrupt vector (Interrupt = '63' AKA 'Read file or device')
2018-12-17T22:48:17.523785034Z 53 PC: 1328a | Get interrupt vector (Interrupt = '117' AKA 'UNKNOWN!')
2018-12-17T22:48:17.52583413Z 37 PC: 1329f | Set interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T22:48:17.52775161Z 37 PC: 132a7 | Set interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T22:48:17.529985736Z 37 PC: 132af | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:48:17.531139097Z 37 PC: 132b7 | Set interrupt vector (Interrupt = '63' AKA 'Read file or device')
2018-12-17T22:48:17.532829651Z 68 PC: 13f1d | I/O control for devices (Set for = '')
2018-12-17T22:48:17.535810602Z 64 PC: 136a8 | Write file or device (Write 9 bytes on handle 1)
2018-12-17T22:48:17.541350729Z 26 PC: 131d5 | Set disk transfer address
2018-12-17T22:48:17.547918967Z 78 PC: 131e1 | Find first file
2018-12-17T22:48:17.559898792Z 64 PC: 136a8 | Write file or device (Write 10 bytes on handle 1)
2018-12-17T22:48:17.56731395Z 48 PC: 13b2e | Get DOS version
2018-12-17T22:48:17.569279036Z 61 PC: 139e0 | Open file (Filename = 'A:\TEST.EXE')
2018-12-17T22:48:17.583228866Z 61 PC: 139e0 | Open file (Filename = 'TEST.EXE')
2018-12-17T22:48:17.591143083Z 64 PC: 136a8 | Write file or device (Write 4 bytes on handle 1)
2018-12-17T22:48:17.594736517Z 64 PC: 136a8 | Write file or device (Write 10 bytes on handle 1)
2018-12-17T22:48:17.601181774Z 63 PC: 13ab3 | Read file or device (Read 55 bytes on handle 5)
2018-12-17T22:48:17.609414589Z 63 PC: 13ab3 | Read file or device (Read 55 bytes on handle 6)
2018-12-17T22:48:17.612643372Z 62 PC: 13a30 | Close file
2018-12-17T22:48:17.615414646Z 62 PC: 13a30 | Close file
2018-12-17T22:48:17.618287011Z 64 PC: 136a8 | Write file or device (Write 23 bytes on handle 1)
2018-12-17T22:48:17.624147307Z 26 PC: 131f9 | Set disk transfer address
2018-12-17T22:48:17.626934227Z 79 PC: 131fe | Find next file
2018-12-17T22:48:17.631523372Z 26 PC: 131d5 | Set disk transfer address
2018-12-17T22:48:17.633340461Z 78 PC: 131e1 | Find first file
2018-12-17T22:48:17.641541718Z 26 PC: 131f9 | Set disk transfer address
2018-12-17T22:48:17.643988009Z 79 PC: 131fe | Find next file
2018-12-17T22:48:17.647741866Z 26 PC: 131f9 | Set disk transfer address
2018-12-17T22:48:17.64900286Z 79 PC: 131fe | Find next file
2018-12-17T22:48:17.653203593Z 26 PC: 131f9 | Set disk transfer address
2018-12-17T22:48:17.660818836Z 79 PC: 131fe | Find next file
2018-12-17T22:48:17.663992123Z 26 PC: 131f9 | Set disk transfer address
2018-12-17T22:48:17.670619835Z 79 PC: 131fe | Find next file
2018-12-17T22:48:17.674160104Z 26 PC: 131f9 | Set disk transfer address
2018-12-17T22:48:17.675443399Z 79 PC: 131fe | Find next file
2018-12-17T22:48:17.679208945Z 26 PC: 131f9 | Set disk transfer address
2018-12-17T22:48:17.680484625Z 79 PC: 131fe | Find next file
2018-12-17T22:48:17.683449995Z 26 PC: 131f9 | Set disk transfer address
2018-12-17T22:48:17.690453798Z 79 PC: 131fe | Find next file
2018-12-17T22:48:17.693736981Z 26 PC: 131f9 | Set disk transfer address
2018-12-17T22:48:17.695347692Z 79 PC: 131fe | Find next file
2018-12-17T22:48:17.698864836Z 26 PC: 131f9 | Set disk transfer address
2018-12-17T22:48:17.700723555Z 79 PC: 131fe | Find next file
2018-12-17T22:48:17.704119088Z 64 PC: 136a8 | Write file or device (Write 9 bytes on handle 1)
2018-12-17T22:48:17.712353486Z 26 PC: 131d5 | Set disk transfer address
2018-12-17T22:48:17.714109652Z 78 PC: 131e1 | Find first file
2018-12-17T22:48:17.721867073Z 64 PC: 136a8 | Write file or device (Write 11 bytes on handle 1)
2018-12-17T22:48:17.728519847Z 48 PC: 13b2e | Get DOS version
2018-12-17T22:48:17.731917496Z 61 PC: 139e0 | Open file (Filename = 'A:\TEST.EXE')
2018-12-17T22:48:17.740341795Z 61 PC: 139e0 | Open file (Filename = 'SLEEP.COM')
2018-12-17T22:48:17.748548458Z 64 PC: 136a8 | Write file or device (Write 4 bytes on handle 1)
2018-12-17T22:48:17.753756165Z 64 PC: 136a8 | Write file or device (Write 11 bytes on handle 1)
2018-12-17T22:48:17.759079758Z 63 PC: 13ab3 | Read file or device (Read 55 bytes on handle 5)
2018-12-17T22:48:17.762261222Z 63 PC: 13ab3 | Read file or device (Read 55 bytes on handle 6)
2018-12-17T22:48:17.770866671Z 64 PC: 136a8 | Write file or device (Write 20 bytes on handle 1)
2018-12-17T22:48:17.776198942Z 62 PC: 13a30 | Close file
2018-12-17T22:48:17.778286212Z 62 PC: 13a30 | Close file
2018-12-17T22:48:17.781304588Z 64 PC: 136a8 | Write file or device (Write 16 bytes on handle 1)
2018-12-17T22:48:17.788792122Z 48 PC: 13b2e | Get DOS version
2018-12-17T22:48:17.792271698Z 61 PC: 139e0 | Open file (Filename = 'A:\TEST.EXE')
2018-12-17T22:48:17.800280351Z 64 PC: 136a8 | Write file or device (Write 11 bytes on handle 1)
2018-12-17T22:48:17.80727236Z 61 PC: 139e0 | Open file (Filename = 'SLEEP.COM')
2018-12-17T22:48:17.814921963Z 48 PC: 13b2e | Get DOS version
2018-12-17T22:48:17.816770849Z 64 PC: 136a8 | Write file or device (Write 19 bytes on handle 1)
2018-12-17T22:48:17.824358132Z 63 PC: 13651 | Read file or device (Read 128 bytes on handle 0)