Sample viewer

vx.netlux.org/Virus.DOS.HLLC.Energy.5888

Syscalls:

Time Syscall Op Syscall Name
2018-12-17T22:48:47.083600938Z 53 PC: 1300a | Get interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T22:48:47.086203508Z 53 PC: 1300a | Get interrupt vector (Interrupt = '2' AKA 'Character output')
2018-12-17T22:48:47.087898824Z 53 PC: 1300a | Get interrupt vector (Interrupt = '27' AKA 'Get allocation info for default drive')
2018-12-17T22:48:47.089441953Z 53 PC: 1300a | Get interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T22:48:47.091011112Z 53 PC: 1300a | Get interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T22:48:47.094476603Z 53 PC: 1300a | Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:48:47.096136742Z 53 PC: 1300a | Get interrupt vector (Interrupt = '52' AKA 'Get InDOS flag pointer')
2018-12-17T22:48:47.097815556Z 53 PC: 1300a | Get interrupt vector (Interrupt = '53' AKA 'Get interrupt vector')
2018-12-17T22:48:47.102074108Z 53 PC: 1300a | Get interrupt vector (Interrupt = '54' AKA 'Get free disk space')
2018-12-17T22:48:47.103438882Z 53 PC: 1300a | Get interrupt vector (Interrupt = '55' AKA 'Get or set switch character')
2018-12-17T22:48:47.104857618Z 53 PC: 1300a | Get interrupt vector (Interrupt = '56' AKA 'Get or set country info')
2018-12-17T22:48:47.107592817Z 53 PC: 1300a | Get interrupt vector (Interrupt = '57' AKA 'Create subdirectory')
2018-12-17T22:48:47.109243819Z 53 PC: 1300a | Get interrupt vector (Interrupt = '58' AKA 'Remove subdirectory')
2018-12-17T22:48:47.110905422Z 53 PC: 1300a | Get interrupt vector (Interrupt = '59' AKA 'Change current directory')
2018-12-17T22:48:47.112892135Z 53 PC: 1300a | Get interrupt vector (Interrupt = '60' AKA 'Create or truncate file')
2018-12-17T22:48:47.114948128Z 53 PC: 1300a | Get interrupt vector (Interrupt = '61' AKA 'Open file')
2018-12-17T22:48:47.116431655Z 53 PC: 1300a | Get interrupt vector (Interrupt = '62' AKA 'Close file')
2018-12-17T22:48:47.1184302Z 53 PC: 1300a | Get interrupt vector (Interrupt = '63' AKA 'Read file or device')
2018-12-17T22:48:47.123821239Z 53 PC: 1300a | Get interrupt vector (Interrupt = '117' AKA 'UNKNOWN!')
2018-12-17T22:48:47.127291199Z 37 PC: 1301f | Set interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T22:48:47.129013054Z 37 PC: 13027 | Set interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T22:48:47.132365332Z 37 PC: 1302f | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:48:47.134032134Z 37 PC: 13037 | Set interrupt vector (Interrupt = '63' AKA 'Read file or device')
2018-12-17T22:48:47.135934419Z 68 PC: 13ee0 | I/O control for devices (Set for = '��������Lr���')
2018-12-17T22:48:47.138773243Z 25 PC: 13bb2 | Get default drive
2018-12-17T22:48:47.140444032Z 71 PC: 13bc5 | Get current directory
2018-12-17T22:48:47.144143132Z 48 PC: 13b25 | Get DOS version
2018-12-17T22:48:47.146929357Z 25 PC: 13bb2 | Get default drive
2018-12-17T22:48:47.148337253Z 71 PC: 13bc5 | Get current directory
2018-12-17T22:48:47.152342628Z 25 PC: 13bb2 | Get default drive
2018-12-17T22:48:47.154607874Z 71 PC: 13bc5 | Get current directory
2018-12-17T22:48:47.158957417Z 14 PC: 13c0b | Set default drive (Drive = 'C')
2018-12-17T22:48:47.160793236Z 25 PC: 13c0f | Get default drive
2018-12-17T22:48:47.165744109Z 59 PC: 13c79 | Change current directory
2018-12-17T22:48:47.17023688Z 26 PC: 12ee7 | Set disk transfer address
2018-12-17T22:48:47.171629918Z 78 PC: 12ef3 | Find first file
2018-12-17T22:48:47.179324806Z 26 PC: 12ee7 | Set disk transfer address
2018-12-17T22:48:47.180912939Z 78 PC: 12ef3 | Find first file
2018-12-17T22:48:47.18691108Z 26 PC: 12f0b | Set disk transfer address
2018-12-17T22:48:47.188047485Z 79 PC: 12f10 | Find next file
2018-12-17T22:48:47.191579491Z 26 PC: 12f0b | Set disk transfer address
2018-12-17T22:48:47.192764538Z 79 PC: 12f10 | Find next file
2018-12-17T22:48:47.195702548Z 59 PC: 13c79 | Change current directory
2018-12-17T22:48:47.203086532Z 26 PC: 12ee7 | Set disk transfer address
2018-12-17T22:48:47.204681369Z 78 PC: 12ef3 | Find first file
2018-12-17T22:48:47.213820931Z 25 PC: 13bb2 | Get default drive
2018-12-17T22:48:47.215505266Z 71 PC: 13bc5 | Get current directory
2018-12-17T22:48:47.218629676Z 26 PC: 12ee7 | Set disk transfer address
2018-12-17T22:48:47.220094458Z 78 PC: 12ef3 | Find first file
2018-12-17T22:48:47.230778623Z 61 PC: 139d7 | Open file (Filename = 'A:\\EST.EXE')
2018-12-17T22:48:47.233925225Z 64 PC: 1372f | Write file or device (Write 0 bytes on handle 1)
2018-12-17T22:48:47.235974807Z 37 PC: 13161 | Set interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T22:48:47.237979293Z 37 PC: 13161 | Set interrupt vector (Interrupt = '2' AKA 'Character output')
2018-12-17T22:48:47.239292069Z 37 PC: 13161 | Set interrupt vector (Interrupt = '27' AKA 'Get allocation info for default drive')
2018-12-17T22:48:47.240579298Z 37 PC: 13161 | Set interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T22:48:47.242683551Z 37 PC: 13161 | Set interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T22:48:47.244451894Z 37 PC: 13161 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:48:47.246187074Z 37 PC: 13161 | Set interrupt vector (Interrupt = '52' AKA 'Get InDOS flag pointer')
2018-12-17T22:48:47.247953243Z 37 PC: 13161 | Set interrupt vector (Interrupt = '53' AKA 'Get interrupt vector')
2018-12-17T22:48:47.250562906Z 37 PC: 13161 | Set interrupt vector (Interrupt = '54' AKA 'Get free disk space')
2018-12-17T22:48:47.251925075Z 37 PC: 13161 | Set interrupt vector (Interrupt = '55' AKA 'Get or set switch character')
2018-12-17T22:48:47.253236129Z 37 PC: 13161 | Set interrupt vector (Interrupt = '56' AKA 'Get or set country info')
2018-12-17T22:48:47.255368325Z 37 PC: 13161 | Set interrupt vector (Interrupt = '57' AKA 'Create subdirectory')
2018-12-17T22:48:47.257458001Z 37 PC: 13161 | Set interrupt vector (Interrupt = '58' AKA 'Remove subdirectory')
2018-12-17T22:48:47.259282579Z 37 PC: 13161 | Set interrupt vector (Interrupt = '59' AKA 'Change current directory')
2018-12-17T22:48:47.261638256Z 37 PC: 13161 | Set interrupt vector (Interrupt = '60' AKA 'Create or truncate file')
2018-12-17T22:48:47.263251337Z 37 PC: 13161 | Set interrupt vector (Interrupt = '61' AKA 'Open file')
2018-12-17T22:48:47.264941873Z 37 PC: 13161 | Set interrupt vector (Interrupt = '62' AKA 'Close file')
2018-12-17T22:48:47.267446579Z 37 PC: 13161 | Set interrupt vector (Interrupt = '63' AKA 'Read file or device')
2018-12-17T22:48:47.26887873Z 37 PC: 13161 | Set interrupt vector (Interrupt = '117' AKA 'UNKNOWN!')
2018-12-17T22:48:47.270502611Z 6 PC: 131e8 | Direct console I/O
2018-12-17T22:48:47.273562501Z 6 PC: 131e8 | Direct console I/O
2018-12-17T22:48:47.275961217Z 6 PC: 131e8 | Direct console I/O
2018-12-17T22:48:47.278576862Z 6 PC: 131e8 | Direct console I/O
2018-12-17T22:48:47.281419653Z 6 PC: 131e8 | Direct console I/O
2018-12-17T22:48:47.284078198Z 6 PC: 131e8 | Direct console I/O
2018-12-17T22:48:47.286490491Z 6 PC: 131e8 | Direct console I/O
2018-12-17T22:48:47.288989406Z 6 PC: 131e8 | Direct console I/O
2018-12-17T22:48:47.291796962Z 6 PC: 131e8 | Direct console I/O
2018-12-17T22:48:47.294046719Z 6 PC: 131e8 | Direct console I/O
2018-12-17T22:48:47.296336801Z 6 PC: 131e8 | Direct console I/O
2018-12-17T22:48:47.298854672Z 6 PC: 131e8 | Direct console I/O
2018-12-17T22:48:47.301426214Z 6 PC: 131e8 | Direct console I/O
2018-12-17T22:48:47.30410668Z 6 PC: 131e8 | Direct console I/O
2018-12-17T22:48:47.307371354Z 6 PC: 131e8 | Direct console I/O
2018-12-17T22:48:47.309885067Z 6 PC: 131e8 | Direct console I/O
2018-12-17T22:48:47.31231304Z 6 PC: 131e8 | Direct console I/O
2018-12-17T22:48:47.315135292Z 6 PC: 131e8 | Direct console I/O
2018-12-17T22:48:47.317428861Z 6 PC: 131e8 | Direct console I/O
2018-12-17T22:48:47.319633294Z 6 PC: 131e8 | Direct console I/O
2018-12-17T22:48:47.322380305Z 6 PC: 131e8 | Direct console I/O
2018-12-17T22:48:47.324753864Z 6 PC: 131e8 | Direct console I/O
2018-12-17T22:48:47.326984526Z 6 PC: 131e8 | Direct console I/O
2018-12-17T22:48:47.329526432Z 6 PC: 131e8 | Direct console I/O
2018-12-17T22:48:47.332073137Z 6 PC: 131e8 | Direct console I/O
2018-12-17T22:48:47.334407332Z 6 PC: 131e8 | Direct console I/O
2018-12-17T22:48:47.337976589Z 6 PC: 131e8 | Direct console I/O
2018-12-17T22:48:47.340486525Z 6 PC: 131e8 | Direct console I/O
2018-12-17T22:48:47.342928614Z 6 PC: 131e8 | Direct console I/O
2018-12-17T22:48:47.345579574Z 6 PC: 131e8 | Direct console I/O
2018-12-17T22:48:47.348040769Z 6 PC: 131e8 | Direct console I/O
2018-12-17T22:48:47.350229752Z 6 PC: 131e8 | Direct console I/O
2018-12-17T22:48:47.352461365Z 6 PC: 131e8 | Direct console I/O
2018-12-17T22:48:47.357129215Z 76 PC: 131a0 | Terminate with return code (Return code = '5')