Sample viewer

vx.netlux.org/Trojan.DOS.AnDum.c

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-17T22:53:14.866082916Z	53	PC: 1330a \| Get interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T22:53:14.86827854Z	53	PC: 1330a \| Get interrupt vector (Interrupt = '2' AKA 'Character output')
2018-12-17T22:53:14.8694065Z	53	PC: 1330a \| Get interrupt vector (Interrupt = '27' AKA 'Get allocation info for default drive')
2018-12-17T22:53:14.870581473Z	53	PC: 1330a \| Get interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T22:53:14.872382381Z	53	PC: 1330a \| Get interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T22:53:14.873827083Z	53	PC: 1330a \| Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:53:14.875207686Z	53	PC: 1330a \| Get interrupt vector (Interrupt = '52' AKA 'Get InDOS flag pointer')
2018-12-17T22:53:14.877339233Z	53	PC: 1330a \| Get interrupt vector (Interrupt = '53' AKA 'Get interrupt vector')
2018-12-17T22:53:14.879597424Z	53	PC: 1330a \| Get interrupt vector (Interrupt = '54' AKA 'Get free disk space')
2018-12-17T22:53:14.880814319Z	53	PC: 1330a \| Get interrupt vector (Interrupt = '55' AKA 'Get or set switch character')
2018-12-17T22:53:14.882701425Z	53	PC: 1330a \| Get interrupt vector (Interrupt = '56' AKA 'Get or set country info')
2018-12-17T22:53:14.889904248Z	53	PC: 1330a \| Get interrupt vector (Interrupt = '57' AKA 'Create subdirectory')
2018-12-17T22:53:14.891063663Z	53	PC: 1330a \| Get interrupt vector (Interrupt = '58' AKA 'Remove subdirectory')
2018-12-17T22:53:14.892205464Z	53	PC: 1330a \| Get interrupt vector (Interrupt = '59' AKA 'Change current directory')
2018-12-17T22:53:14.8942055Z	53	PC: 1330a \| Get interrupt vector (Interrupt = '60' AKA 'Create or truncate file')
2018-12-17T22:53:14.903925538Z	53	PC: 1330a \| Get interrupt vector (Interrupt = '61' AKA 'Open file')
2018-12-17T22:53:14.905381119Z	53	PC: 1330a \| Get interrupt vector (Interrupt = '62' AKA 'Close file')
2018-12-17T22:53:14.907383745Z	53	PC: 1330a \| Get interrupt vector (Interrupt = '63' AKA 'Read file or device')
2018-12-17T22:53:14.909262538Z	53	PC: 1330a \| Get interrupt vector (Interrupt = '117' AKA 'UNKNOWN!')
2018-12-17T22:53:14.910653519Z	37	PC: 1331f \| Set interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T22:53:14.912908858Z	37	PC: 13327 \| Set interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T22:53:14.914274673Z	37	PC: 1332f \| Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:53:14.915593627Z	37	PC: 13337 \| Set interrupt vector (Interrupt = '63' AKA 'Read file or device')
2018-12-17T22:53:14.918024697Z	68	PC: 13995 \| I/O control for devices (Set for = '��>v')
2018-12-17T22:53:15.082456979Z	64	PC: 13728 \| Write file or device (Write 0 bytes on handle 1)
2018-12-17T22:53:15.084511179Z	37	PC: 13461 \| Set interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T22:53:15.08668023Z	37	PC: 13461 \| Set interrupt vector (Interrupt = '2' AKA 'Character output')
2018-12-17T22:53:15.088144117Z	37	PC: 13461 \| Set interrupt vector (Interrupt = '27' AKA 'Get allocation info for default drive')
2018-12-17T22:53:15.089573699Z	37	PC: 13461 \| Set interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T22:53:15.091623337Z	37	PC: 13461 \| Set interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T22:53:15.092934305Z	37	PC: 13461 \| Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:53:15.094348998Z	37	PC: 13461 \| Set interrupt vector (Interrupt = '52' AKA 'Get InDOS flag pointer')
2018-12-17T22:53:15.096261536Z	37	PC: 13461 \| Set interrupt vector (Interrupt = '53' AKA 'Get interrupt vector')
2018-12-17T22:53:15.097363324Z	37	PC: 13461 \| Set interrupt vector (Interrupt = '54' AKA 'Get free disk space')
2018-12-17T22:53:15.0984156Z	37	PC: 13461 \| Set interrupt vector (Interrupt = '55' AKA 'Get or set switch character')
2018-12-17T22:53:15.100167894Z	37	PC: 13461 \| Set interrupt vector (Interrupt = '56' AKA 'Get or set country info')
2018-12-17T22:53:15.101565044Z	37	PC: 13461 \| Set interrupt vector (Interrupt = '57' AKA 'Create subdirectory')
2018-12-17T22:53:15.102927063Z	37	PC: 13461 \| Set interrupt vector (Interrupt = '58' AKA 'Remove subdirectory')
2018-12-17T22:53:15.104293342Z	37	PC: 13461 \| Set interrupt vector (Interrupt = '59' AKA 'Change current directory')
2018-12-17T22:53:15.106437877Z	37	PC: 13461 \| Set interrupt vector (Interrupt = '60' AKA 'Create or truncate file')
2018-12-17T22:53:15.10750669Z	37	PC: 13461 \| Set interrupt vector (Interrupt = '61' AKA 'Open file')
2018-12-17T22:53:15.108533077Z	37	PC: 13461 \| Set interrupt vector (Interrupt = '62' AKA 'Close file')
2018-12-17T22:53:15.110163301Z	37	PC: 13461 \| Set interrupt vector (Interrupt = '63' AKA 'Read file or device')
2018-12-17T22:53:15.111260366Z	37	PC: 13461 \| Set interrupt vector (Interrupt = '117' AKA 'UNKNOWN!')
2018-12-17T22:53:15.112325731Z	6	PC: 134e8 \| Direct console I/O
2018-12-17T22:53:15.114788222Z	6	PC: 134e8 \| Direct console I/O
2018-12-17T22:53:15.11672934Z	6	PC: 134e8 \| Direct console I/O
2018-12-17T22:53:15.118645959Z	6	PC: 134e8 \| Direct console I/O
2018-12-17T22:53:15.121084793Z	6	PC: 134e8 \| Direct console I/O
2018-12-17T22:53:15.123347834Z	6	PC: 134e8 \| Direct console I/O
2018-12-17T22:53:15.125273629Z	6	PC: 134e8 \| Direct console I/O
2018-12-17T22:53:15.128100949Z	6	PC: 134e8 \| Direct console I/O
2018-12-17T22:53:15.130011859Z	6	PC: 134e8 \| Direct console I/O
2018-12-17T22:53:15.131890634Z	6	PC: 134e8 \| Direct console I/O
2018-12-17T22:53:15.134528135Z	6	PC: 134e8 \| Direct console I/O
2018-12-17T22:53:15.13646337Z	6	PC: 134e8 \| Direct console I/O
2018-12-17T22:53:15.13837186Z	6	PC: 134e8 \| Direct console I/O
2018-12-17T22:53:15.140924187Z	6	PC: 134e8 \| Direct console I/O
2018-12-17T22:53:15.143575834Z	6	PC: 134e8 \| Direct console I/O
2018-12-17T22:53:15.145447712Z	6	PC: 134e8 \| Direct console I/O
2018-12-17T22:53:15.147644458Z	6	PC: 134e8 \| Direct console I/O
2018-12-17T22:53:15.150002714Z	6	PC: 134e8 \| Direct console I/O
2018-12-17T22:53:15.152678088Z	6	PC: 134e8 \| Direct console I/O
2018-12-17T22:53:15.154945202Z	6	PC: 134e8 \| Direct console I/O
2018-12-17T22:53:15.157566584Z	6	PC: 134e8 \| Direct console I/O
2018-12-17T22:53:15.159789889Z	6	PC: 134e8 \| Direct console I/O
2018-12-17T22:53:15.162130364Z	6	PC: 134e8 \| Direct console I/O
2018-12-17T22:53:15.165019352Z	6	PC: 134e8 \| Direct console I/O
2018-12-17T22:53:15.167169303Z	6	PC: 134e8 \| Direct console I/O
2018-12-17T22:53:15.169332011Z	6	PC: 134e8 \| Direct console I/O
2018-12-17T22:53:15.172412974Z	6	PC: 134e8 \| Direct console I/O
2018-12-17T22:53:15.174580317Z	6	PC: 134e8 \| Direct console I/O
2018-12-17T22:53:15.176768936Z	6	PC: 134e8 \| Direct console I/O
2018-12-17T22:53:15.179679684Z	6	PC: 134e8 \| Direct console I/O
2018-12-17T22:53:15.181684038Z	6	PC: 134e8 \| Direct console I/O
2018-12-17T22:53:15.183617098Z	6	PC: 134e8 \| Direct console I/O
2018-12-17T22:53:15.18624909Z	6	PC: 134e8 \| Direct console I/O
2018-12-17T22:53:15.189720547Z	76	PC: 134a0 \| Terminate with return code (Return code = '200')