Sample viewer

vx.netlux.org/Trojan.DOS.Reven

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-17T22:57:41.497808275Z	48	PC: 12a4c \| Get DOS version
2018-12-17T22:57:41.499763501Z	53	PC: 12ba8 \| Get interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T22:57:41.500738695Z	53	PC: 12bb5 \| Get interrupt vector (Interrupt = '4' AKA 'Auxiliary output')
2018-12-17T22:57:41.501590767Z	53	PC: 12bc2 \| Get interrupt vector (Interrupt = '5' AKA 'Printer output')
2018-12-17T22:57:41.503401597Z	53	PC: 12bcf \| Get interrupt vector (Interrupt = '6' AKA 'Direct console I/O')
2018-12-17T22:57:41.504350476Z	37	PC: 12be3 \| Set interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T22:57:41.505608067Z	74	PC: 12b19 \| Reallocate memory
2018-12-17T22:57:41.511253039Z	55	PC: 14901 \| Get or set switch character
2018-12-17T22:57:41.514069877Z	41	PC: 14dd5 \| Parse filename
2018-12-17T22:57:41.515724702Z	41	PC: 14de3 \| Parse filename
2018-12-17T22:57:41.518159745Z	75	PC: 14e23 \| Execute program
2018-12-17T22:57:41.540379518Z	80	PC: 26709 \| Set current PSP
2018-12-17T22:57:41.541294365Z	48	PC: 2670e \| Get DOS version
2018-12-17T22:57:41.542868746Z	99	PC: 2cef0 \| Get DBCS lead byte table pointer
2018-12-17T22:57:41.546249824Z	101	PC: 26794 \| Get extended country info
2018-12-17T22:57:41.54789186Z	99	PC: 2679a \| Get DBCS lead byte table pointer
2018-12-17T22:57:41.549124639Z	74	PC: 267fc \| Reallocate memory
2018-12-17T22:57:41.551036219Z	25	PC: 26833 \| Get default drive
2018-12-17T22:57:41.552128389Z	37	PC: 262f3 \| Set interrupt vector (Interrupt = '34' AKA 'Random write')
2018-12-17T22:57:41.552952362Z	37	PC: 262fa \| Set interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T22:57:41.554566135Z	37	PC: 26301 \| Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:57:41.557723571Z	74	PC: 2549c \| Reallocate memory
2018-12-17T22:57:41.55883675Z	72	PC: 254dd \| Allocate memory
2018-12-17T22:57:41.561568212Z	72	PC: 25515 \| Allocate memory
2018-12-17T22:57:41.562897688Z	72	PC: 2551d \| Allocate memory