Sample viewer

vx.netlux.org/Virus.DOS.HLLC.Team.8897

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-17T22:48:20.779211427Z	53	PC: 1371a \| Get interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T22:48:20.781358341Z	53	PC: 1371a \| Get interrupt vector (Interrupt = '2' AKA 'Character output')
2018-12-17T22:48:20.782617537Z	53	PC: 1371a \| Get interrupt vector (Interrupt = '27' AKA 'Get allocation info for default drive')
2018-12-17T22:48:20.783874289Z	53	PC: 1371a \| Get interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T22:48:20.786058853Z	53	PC: 1371a \| Get interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T22:48:20.787784777Z	53	PC: 1371a \| Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:48:20.789349076Z	53	PC: 1371a \| Get interrupt vector (Interrupt = '52' AKA 'Get InDOS flag pointer')
2018-12-17T22:48:20.791508172Z	53	PC: 1371a \| Get interrupt vector (Interrupt = '53' AKA 'Get interrupt vector')
2018-12-17T22:48:20.793350263Z	53	PC: 1371a \| Get interrupt vector (Interrupt = '54' AKA 'Get free disk space')
2018-12-17T22:48:20.795560546Z	53	PC: 1371a \| Get interrupt vector (Interrupt = '55' AKA 'Get or set switch character')
2018-12-17T22:48:20.797583908Z	53	PC: 1371a \| Get interrupt vector (Interrupt = '56' AKA 'Get or set country info')
2018-12-17T22:48:20.800032309Z	53	PC: 1371a \| Get interrupt vector (Interrupt = '57' AKA 'Create subdirectory')
2018-12-17T22:48:20.802054669Z	53	PC: 1371a \| Get interrupt vector (Interrupt = '58' AKA 'Remove subdirectory')
2018-12-17T22:48:20.804523408Z	53	PC: 1371a \| Get interrupt vector (Interrupt = '59' AKA 'Change current directory')
2018-12-17T22:48:20.807020009Z	53	PC: 1371a \| Get interrupt vector (Interrupt = '60' AKA 'Create or truncate file')
2018-12-17T22:48:20.808339428Z	53	PC: 1371a \| Get interrupt vector (Interrupt = '61' AKA 'Open file')
2018-12-17T22:48:20.809632458Z	53	PC: 1371a \| Get interrupt vector (Interrupt = '62' AKA 'Close file')
2018-12-17T22:48:20.812096508Z	53	PC: 1371a \| Get interrupt vector (Interrupt = '63' AKA 'Read file or device')
2018-12-17T22:48:20.814676906Z	53	PC: 1371a \| Get interrupt vector (Interrupt = '117' AKA 'UNKNOWN!')
2018-12-17T22:48:20.817225195Z	37	PC: 1372f \| Set interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T22:48:20.825155436Z	37	PC: 13737 \| Set interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T22:48:20.826685871Z	37	PC: 1373f \| Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:48:20.828265279Z	37	PC: 13747 \| Set interrupt vector (Interrupt = '63' AKA 'Read file or device')
2018-12-17T22:48:20.830996721Z	68	PC: 14203 \| I/O control for devices (Set for = '')
2018-12-17T22:48:20.972443439Z	64	PC: 13b38 \| Write file or device (Write 0 bytes on handle 1)
2018-12-17T22:48:20.974702735Z	37	PC: 13871 \| Set interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T22:48:20.977485584Z	37	PC: 13871 \| Set interrupt vector (Interrupt = '2' AKA 'Character output')
2018-12-17T22:48:20.979206557Z	37	PC: 13871 \| Set interrupt vector (Interrupt = '27' AKA 'Get allocation info for default drive')
2018-12-17T22:48:20.981175477Z	37	PC: 13871 \| Set interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T22:48:20.989268123Z	37	PC: 13871 \| Set interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T22:48:20.991043219Z	37	PC: 13871 \| Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:48:20.992536855Z	37	PC: 13871 \| Set interrupt vector (Interrupt = '52' AKA 'Get InDOS flag pointer')
2018-12-17T22:48:20.994049758Z	37	PC: 13871 \| Set interrupt vector (Interrupt = '53' AKA 'Get interrupt vector')
2018-12-17T22:48:20.99668582Z	37	PC: 13871 \| Set interrupt vector (Interrupt = '54' AKA 'Get free disk space')
2018-12-17T22:48:20.998614364Z	37	PC: 13871 \| Set interrupt vector (Interrupt = '55' AKA 'Get or set switch character')
2018-12-17T22:48:21.000305371Z	37	PC: 13871 \| Set interrupt vector (Interrupt = '56' AKA 'Get or set country info')
2018-12-17T22:48:21.002935383Z	37	PC: 13871 \| Set interrupt vector (Interrupt = '57' AKA 'Create subdirectory')
2018-12-17T22:48:21.004474976Z	37	PC: 13871 \| Set interrupt vector (Interrupt = '58' AKA 'Remove subdirectory')
2018-12-17T22:48:21.006007235Z	37	PC: 13871 \| Set interrupt vector (Interrupt = '59' AKA 'Change current directory')
2018-12-17T22:48:21.008482236Z	37	PC: 13871 \| Set interrupt vector (Interrupt = '60' AKA 'Create or truncate file')
2018-12-17T22:48:21.010128469Z	37	PC: 13871 \| Set interrupt vector (Interrupt = '61' AKA 'Open file')
2018-12-17T22:48:21.011710051Z	37	PC: 13871 \| Set interrupt vector (Interrupt = '62' AKA 'Close file')
2018-12-17T22:48:21.017640524Z	37	PC: 13871 \| Set interrupt vector (Interrupt = '63' AKA 'Read file or device')
2018-12-17T22:48:21.019159268Z	37	PC: 13871 \| Set interrupt vector (Interrupt = '117' AKA 'UNKNOWN!')
2018-12-17T22:48:21.020704411Z	6	PC: 138f8 \| Direct console I/O
2018-12-17T22:48:21.024890928Z	6	PC: 138f8 \| Direct console I/O
2018-12-17T22:48:21.027790607Z	6	PC: 138f8 \| Direct console I/O
2018-12-17T22:48:21.030429305Z	6	PC: 138f8 \| Direct console I/O
2018-12-17T22:48:21.033927117Z	6	PC: 138f8 \| Direct console I/O
2018-12-17T22:48:21.036613455Z	6	PC: 138f8 \| Direct console I/O
2018-12-17T22:48:21.039068548Z	6	PC: 138f8 \| Direct console I/O
2018-12-17T22:48:21.042248592Z	6	PC: 138f8 \| Direct console I/O
2018-12-17T22:48:21.044616662Z	6	PC: 138f8 \| Direct console I/O
2018-12-17T22:48:21.046941771Z	6	PC: 138f8 \| Direct console I/O
2018-12-17T22:48:21.049466515Z	6	PC: 138f8 \| Direct console I/O
2018-12-17T22:48:21.052121003Z	6	PC: 138f8 \| Direct console I/O
2018-12-17T22:48:21.054373866Z	6	PC: 138f8 \| Direct console I/O
2018-12-17T22:48:21.056624224Z	6	PC: 138f8 \| Direct console I/O
2018-12-17T22:48:21.059912914Z	6	PC: 138f8 \| Direct console I/O
2018-12-17T22:48:21.062279751Z	6	PC: 138f8 \| Direct console I/O
2018-12-17T22:48:21.064938237Z	6	PC: 138f8 \| Direct console I/O
2018-12-17T22:48:21.070220762Z	6	PC: 138f8 \| Direct console I/O
2018-12-17T22:48:21.072435995Z	6	PC: 138f8 \| Direct console I/O
2018-12-17T22:48:21.074639235Z	6	PC: 138f8 \| Direct console I/O
2018-12-17T22:48:21.07774483Z	6	PC: 138f8 \| Direct console I/O
2018-12-17T22:48:21.080703099Z	6	PC: 138f8 \| Direct console I/O
2018-12-17T22:48:21.083994232Z	6	PC: 138f8 \| Direct console I/O
2018-12-17T22:48:21.087050425Z	6	PC: 138f8 \| Direct console I/O
2018-12-17T22:48:21.0893949Z	6	PC: 138f8 \| Direct console I/O
2018-12-17T22:48:21.091626323Z	6	PC: 138f8 \| Direct console I/O
2018-12-17T22:48:21.093988271Z	6	PC: 138f8 \| Direct console I/O
2018-12-17T22:48:21.097645784Z	6	PC: 138f8 \| Direct console I/O
2018-12-17T22:48:21.09988419Z	6	PC: 138f8 \| Direct console I/O
2018-12-17T22:48:21.102143184Z	6	PC: 138f8 \| Direct console I/O
2018-12-17T22:48:21.105469104Z	6	PC: 138f8 \| Direct console I/O
2018-12-17T22:48:21.107860537Z	6	PC: 138f8 \| Direct console I/O
2018-12-17T22:48:21.110215272Z	6	PC: 138f8 \| Direct console I/O
2018-12-17T22:48:21.114830434Z	76	PC: 138b0 \| Terminate with return code (Return code = '200')