Sample viewer

vx.netlux.org/Trojan.DOS.Hack

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-17T22:54:06.892481084Z	48	PC: 12af4 \| Get DOS version
2018-12-17T22:54:06.894628235Z	74	PC: 12b45 \| Reallocate memory
2018-12-17T22:54:06.897190029Z	48	PC: 12bb2 \| Get DOS version
2018-12-17T22:54:06.898338746Z	53	PC: 12bba \| Get interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T22:54:06.900512446Z	37	PC: 12bcc \| Set interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T22:54:06.901932637Z	53	PC: 1b11a \| Get interrupt vector (Interrupt = '117' AKA 'UNKNOWN!')
2018-12-17T22:54:06.903104489Z	53	PC: 1b127 \| Get interrupt vector (Interrupt = '2' AKA 'Character output')
2018-12-17T22:54:06.905242307Z	37	PC: 1b137 \| Set interrupt vector (Interrupt = '2' AKA 'Character output')
2018-12-17T22:54:06.906409711Z	37	PC: 1b13f \| Set interrupt vector (Interrupt = '117' AKA 'UNKNOWN!')
2018-12-17T22:54:06.907525129Z	53	PC: 18fed \| Get interrupt vector (Interrupt = '52' AKA 'Get InDOS flag pointer')
2018-12-17T22:54:06.909202703Z	53	PC: 18fed \| Get interrupt vector (Interrupt = '53' AKA 'Get interrupt vector')
2018-12-17T22:54:06.910323785Z	53	PC: 18fed \| Get interrupt vector (Interrupt = '54' AKA 'Get free disk space')
2018-12-17T22:54:06.911386331Z	53	PC: 18fed \| Get interrupt vector (Interrupt = '55' AKA 'Get or set switch character')
2018-12-17T22:54:06.913391738Z	53	PC: 18fed \| Get interrupt vector (Interrupt = '56' AKA 'Get or set country info')
2018-12-17T22:54:06.914688601Z	53	PC: 18fed \| Get interrupt vector (Interrupt = '57' AKA 'Create subdirectory')
2018-12-17T22:54:06.916565756Z	53	PC: 18fed \| Get interrupt vector (Interrupt = '58' AKA 'Remove subdirectory')
2018-12-17T22:54:06.920028741Z	53	PC: 18fed \| Get interrupt vector (Interrupt = '59' AKA 'Change current directory')
2018-12-17T22:54:06.921075801Z	53	PC: 18fed \| Get interrupt vector (Interrupt = '60' AKA 'Create or truncate file')
2018-12-17T22:54:06.922014497Z	53	PC: 18fed \| Get interrupt vector (Interrupt = '61' AKA 'Open file')
2018-12-17T22:54:06.923216422Z	53	PC: 18fed \| Get interrupt vector (Interrupt = '62' AKA 'Close file')
2018-12-17T22:54:06.930396567Z	37	PC: 1901c \| Set interrupt vector (Interrupt = '52' AKA 'Get InDOS flag pointer')
2018-12-17T22:54:06.931702075Z	37	PC: 1901c \| Set interrupt vector (Interrupt = '53' AKA 'Get interrupt vector')
2018-12-17T22:54:06.933200521Z	37	PC: 1901c \| Set interrupt vector (Interrupt = '54' AKA 'Get free disk space')
2018-12-17T22:54:06.934524144Z	37	PC: 1901c \| Set interrupt vector (Interrupt = '55' AKA 'Get or set switch character')
2018-12-17T22:54:06.935630936Z	37	PC: 1901c \| Set interrupt vector (Interrupt = '56' AKA 'Get or set country info')
2018-12-17T22:54:06.93770376Z	37	PC: 1901c \| Set interrupt vector (Interrupt = '57' AKA 'Create subdirectory')
2018-12-17T22:54:06.938765938Z	37	PC: 1901c \| Set interrupt vector (Interrupt = '58' AKA 'Remove subdirectory')
2018-12-17T22:54:06.939794929Z	37	PC: 1901c \| Set interrupt vector (Interrupt = '59' AKA 'Change current directory')
2018-12-17T22:54:06.941342611Z	37	PC: 19023 \| Set interrupt vector (Interrupt = '60' AKA 'Create or truncate file')
2018-12-17T22:54:06.94243792Z	37	PC: 19028 \| Set interrupt vector (Interrupt = '61' AKA 'Open file')
2018-12-17T22:54:06.943713821Z	68	PC: 12c5d \| I/O control for devices (Set for = 'ރ��Ë6��')
2018-12-17T22:54:06.945573215Z	68	PC: 12c5d \| I/O control for devices (Set for = '��')
2018-12-17T22:54:06.947434199Z	68	PC: 12c5d \| I/O control for devices (Set for = ' �"��s3��ð2�3��ߋ��')
2018-12-17T22:54:06.94873992Z	68	PC: 12c5d \| I/O control for devices (Set for = 'ð2�3��ߋ��')
2018-12-17T22:54:06.950323589Z	68	PC: 12c5d \| I/O control for devices (Set for = 'ð2�3��ߋ��')
2018-12-17T22:54:06.952835501Z	53	PC: 14175 \| Get interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T22:54:06.954644062Z	53	PC: 14182 \| Get interrupt vector (Interrupt = '4' AKA 'Auxiliary output')
2018-12-17T22:54:06.956625713Z	53	PC: 1418f \| Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:54:06.957891834Z	37	PC: 141a5 \| Set interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T22:54:06.958846131Z	37	PC: 141ad \| Set interrupt vector (Interrupt = '4' AKA 'Auxiliary output')
2018-12-17T22:54:06.960057698Z	37	PC: 141b5 \| Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:54:06.961186723Z	53	PC: 167ee \| Get interrupt vector (Interrupt = '239' AKA 'UNKNOWN!')
2018-12-17T22:54:06.962123433Z	53	PC: 167fb \| Get interrupt vector (Interrupt = '240' AKA 'UNKNOWN!')
2018-12-17T22:54:06.963628057Z	53	PC: 1680a \| Get interrupt vector (Interrupt = '9' AKA 'Display string')
2018-12-17T22:54:06.96479119Z	37	PC: 16817 \| Set interrupt vector (Interrupt = '239' AKA 'UNKNOWN!')
2018-12-17T22:54:06.96586056Z	53	PC: 1681e \| Get interrupt vector (Interrupt = '8' AKA 'Console input without echo')
2018-12-17T22:54:06.967426886Z	37	PC: 1682b \| Set interrupt vector (Interrupt = '240' AKA 'UNKNOWN!')
2018-12-17T22:54:06.968657694Z	53	PC: 16837 \| Get interrupt vector (Interrupt = '28' AKA 'Get allocation info for specified drive')
2018-12-17T22:54:06.972204513Z	48	PC: 168f7 \| Get DOS version
2018-12-17T22:54:06.974133268Z	68	PC: 18d93 \| I/O control for devices (Set for = 'e memory. Close all programs and run anyway!')
2018-12-17T22:54:06.97540018Z	68	PC: 18d93 \| I/O control for devices (Set for = '')
2018-12-17T22:54:06.976845899Z	51	PC: 13e0f \| Get or set Ctrl-Break
2018-12-17T22:54:06.978371831Z	51	PC: 13e1b \| Get or set Ctrl-Break
2018-12-17T22:54:06.984402914Z	6	PC: 13447 \| Direct console I/O
2018-12-17T22:54:06.98838899Z	6	PC: 13447 \| Direct console I/O
2018-12-17T22:54:06.990850025Z	6	PC: 13447 \| Direct console I/O
2018-12-17T22:54:06.993479113Z	6	PC: 13447 \| Direct console I/O
2018-12-17T22:54:06.995393565Z	6	PC: 13447 \| Direct console I/O
2018-12-17T22:54:06.996925619Z	6	PC: 13447 \| Direct console I/O
2018-12-17T22:54:06.999068404Z	6	PC: 13447 \| Direct console I/O
2018-12-17T22:54:07.001610528Z	6	PC: 13447 \| Direct console I/O
2018-12-17T22:54:07.003883322Z	6	PC: 13447 \| Direct console I/O
2018-12-17T22:54:07.00633975Z	6	PC: 13447 \| Direct console I/O
2018-12-17T22:54:07.008212861Z	6	PC: 13447 \| Direct console I/O
2018-12-17T22:54:07.011311373Z	6	PC: 13447 \| Direct console I/O
2018-12-17T22:54:07.014253461Z	6	PC: 13447 \| Direct console I/O
2018-12-17T22:54:07.016133045Z	6	PC: 13447 \| Direct console I/O
2018-12-17T22:54:07.017606365Z	6	PC: 13447 \| Direct console I/O
2018-12-17T22:54:07.020555528Z	6	PC: 13447 \| Direct console I/O
2018-12-17T22:54:07.022522707Z	6	PC: 13447 \| Direct console I/O
2018-12-17T22:54:07.025049885Z	6	PC: 13447 \| Direct console I/O
2018-12-17T22:54:07.029210548Z	6	PC: 13447 \| Direct console I/O
2018-12-17T22:54:07.031724309Z	6	PC: 13447 \| Direct console I/O
2018-12-17T22:54:07.034181713Z	6	PC: 13447 \| Direct console I/O
2018-12-17T22:54:07.036818404Z	6	PC: 13447 \| Direct console I/O
2018-12-17T22:54:07.038893949Z	6	PC: 13447 \| Direct console I/O
2018-12-17T22:54:07.041150907Z	6	PC: 13447 \| Direct console I/O
2018-12-17T22:54:07.043914395Z	6	PC: 13447 \| Direct console I/O
2018-12-17T22:54:07.046544389Z	6	PC: 13447 \| Direct console I/O
2018-12-17T22:54:07.049165076Z	6	PC: 13447 \| Direct console I/O
2018-12-17T22:54:07.052379528Z	6	PC: 13447 \| Direct console I/O
2018-12-17T22:54:07.054735753Z	6	PC: 13447 \| Direct console I/O
2018-12-17T22:54:07.057067062Z	6	PC: 13447 \| Direct console I/O
2018-12-17T22:54:07.059579768Z	6	PC: 13447 \| Direct console I/O
2018-12-17T22:54:07.06154835Z	6	PC: 13447 \| Direct console I/O
2018-12-17T22:54:07.063614192Z	6	PC: 13447 \| Direct console I/O
2018-12-17T22:54:07.06694012Z	6	PC: 13447 \| Direct console I/O
2018-12-17T22:54:07.069012409Z	6	PC: 13447 \| Direct console I/O
2018-12-17T22:54:07.071082907Z	6	PC: 13447 \| Direct console I/O
2018-12-17T22:54:07.073287228Z	6	PC: 13447 \| Direct console I/O
2018-12-17T22:54:07.075225988Z	6	PC: 13447 \| Direct console I/O
2018-12-17T22:54:07.077577883Z	6	PC: 13447 \| Direct console I/O
2018-12-17T22:54:07.08073779Z	6	PC: 13447 \| Direct console I/O
2018-12-17T22:54:07.083185995Z	6	PC: 13447 \| Direct console I/O
2018-12-17T22:54:07.085526411Z	6	PC: 13447 \| Direct console I/O
2018-12-17T22:54:07.088879448Z	6	PC: 13447 \| Direct console I/O
2018-12-17T22:54:07.090896467Z	6	PC: 13447 \| Direct console I/O
2018-12-17T22:54:07.092844505Z	6	PC: 13447 \| Direct console I/O
2018-12-17T22:54:07.095439829Z	6	PC: 13447 \| Direct console I/O
2018-12-17T22:54:07.097403557Z	6	PC: 13447 \| Direct console I/O
2018-12-17T22:54:07.099352544Z	6	PC: 13447 \| Direct console I/O
2018-12-17T22:54:07.102023327Z	6	PC: 13447 \| Direct console I/O
2018-12-17T22:54:07.103872531Z	6	PC: 13447 \| Direct console I/O
2018-12-17T22:54:07.105683827Z	6	PC: 13447 \| Direct console I/O
2018-12-17T22:54:07.108063137Z	6	PC: 13447 \| Direct console I/O
2018-12-17T22:54:07.109980684Z	6	PC: 13447 \| Direct console I/O
2018-12-17T22:54:07.111395832Z	6	PC: 13447 \| Direct console I/O
2018-12-17T22:54:07.114301209Z	6	PC: 13447 \| Direct console I/O
2018-12-17T22:54:07.116156895Z	6	PC: 13447 \| Direct console I/O
2018-12-17T22:54:07.11812173Z	6	PC: 13447 \| Direct console I/O
2018-12-17T22:54:07.120584451Z	6	PC: 13447 \| Direct console I/O
2018-12-17T22:54:07.122453812Z	6	PC: 13447 \| Direct console I/O
2018-12-17T22:54:07.124304693Z	6	PC: 13447 \| Direct console I/O
2018-12-17T22:54:07.126271432Z	6	PC: 13447 \| Direct console I/O
2018-12-17T22:54:07.128103661Z	6	PC: 13447 \| Direct console I/O
2018-12-17T22:54:07.129934778Z	6	PC: 13447 \| Direct console I/O
2018-12-17T22:54:07.131898221Z	6	PC: 13447 \| Direct console I/O
2018-12-17T22:54:07.133566666Z	6	PC: 13447 \| Direct console I/O
2018-12-17T22:54:07.137092402Z	6	PC: 13447 \| Direct console I/O
2018-12-17T22:54:07.138905419Z	6	PC: 13447 \| Direct console I/O
2018-12-17T22:54:07.143103658Z	6	PC: 13447 \| Direct console I/O
2018-12-17T22:54:07.14496129Z	6	PC: 13447 \| Direct console I/O
2018-12-17T22:54:07.1469036Z	6	PC: 13447 \| Direct console I/O
2018-12-17T22:54:07.149381393Z	6	PC: 13447 \| Direct console I/O
2018-12-17T22:54:07.151263836Z	6	PC: 13447 \| Direct console I/O
2018-12-17T22:54:07.153811942Z	6	PC: 13447 \| Direct console I/O
2018-12-17T22:54:07.155676009Z	6	PC: 13447 \| Direct console I/O
2018-12-17T22:54:07.157554328Z	6	PC: 13447 \| Direct console I/O
2018-12-17T22:54:07.161097859Z	6	PC: 13447 \| Direct console I/O
2018-12-17T22:54:07.162994957Z	6	PC: 13447 \| Direct console I/O
2018-12-17T22:54:07.164867434Z	6	PC: 13447 \| Direct console I/O
2018-12-17T22:54:07.168134489Z	6	PC: 13447 \| Direct console I/O
2018-12-17T22:54:07.169988257Z	6	PC: 13447 \| Direct console I/O
2018-12-17T22:54:07.172261749Z	6	PC: 13447 \| Direct console I/O
2018-12-17T22:54:07.175390704Z	6	PC: 13447 \| Direct console I/O
2018-12-17T22:54:07.178065783Z	6	PC: 13447 \| Direct console I/O
2018-12-17T22:54:07.180277294Z	6	PC: 13447 \| Direct console I/O
2018-12-17T22:54:07.188675556Z	6	PC: 13447 \| Direct console I/O
2018-12-17T22:54:07.191046074Z	6	PC: 13447 \| Direct console I/O
2018-12-17T22:54:07.194217874Z	6	PC: 13447 \| Direct console I/O
2018-12-17T22:54:07.196816165Z	6	PC: 13447 \| Direct console I/O
2018-12-17T22:54:07.19906598Z	6	PC: 13447 \| Direct console I/O
2018-12-17T22:54:07.203044153Z	6	PC: 13447 \| Direct console I/O
2018-12-17T22:54:07.205365872Z	6	PC: 13447 \| Direct console I/O
2018-12-17T22:54:07.207350241Z	6	PC: 13447 \| Direct console I/O
2018-12-17T22:54:07.210109983Z	6	PC: 13447 \| Direct console I/O
2018-12-17T22:54:07.212368223Z	6	PC: 13447 \| Direct console I/O
2018-12-17T22:54:07.214613466Z	6	PC: 13447 \| Direct console I/O
2018-12-17T22:54:07.218187403Z	6	PC: 13447 \| Direct console I/O
2018-12-17T22:54:07.220153892Z	6	PC: 13447 \| Direct console I/O
2018-12-17T22:54:07.222036673Z	6	PC: 13447 \| Direct console I/O
2018-12-17T22:54:07.226061263Z	12	PC: 13e6d \| Flush input buffer and input