Sample viewer

vx.netlux.org/Trojan.DOS.KillHDD.c

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-17T22:57:43.228441691Z	53	PC: 137ba \| Get interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T22:57:43.236384825Z	53	PC: 137ba \| Get interrupt vector (Interrupt = '2' AKA 'Character output')
2018-12-17T22:57:43.245266129Z	53	PC: 137ba \| Get interrupt vector (Interrupt = '27' AKA 'Get allocation info for default drive')
2018-12-17T22:57:43.247105452Z	53	PC: 137ba \| Get interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T22:57:43.249533024Z	53	PC: 137ba \| Get interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T22:57:43.251108454Z	53	PC: 137ba \| Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:57:43.254150682Z	53	PC: 137ba \| Get interrupt vector (Interrupt = '52' AKA 'Get InDOS flag pointer')
2018-12-17T22:57:43.255874776Z	53	PC: 137ba \| Get interrupt vector (Interrupt = '53' AKA 'Get interrupt vector')
2018-12-17T22:57:43.259432772Z	53	PC: 137ba \| Get interrupt vector (Interrupt = '54' AKA 'Get free disk space')
2018-12-17T22:57:43.26093724Z	53	PC: 137ba \| Get interrupt vector (Interrupt = '55' AKA 'Get or set switch character')
2018-12-17T22:57:43.263709906Z	53	PC: 137ba \| Get interrupt vector (Interrupt = '56' AKA 'Get or set country info')
2018-12-17T22:57:43.266502874Z	53	PC: 137ba \| Get interrupt vector (Interrupt = '57' AKA 'Create subdirectory')
2018-12-17T22:57:43.271222967Z	53	PC: 137ba \| Get interrupt vector (Interrupt = '58' AKA 'Remove subdirectory')
2018-12-17T22:57:43.272581172Z	53	PC: 137ba \| Get interrupt vector (Interrupt = '59' AKA 'Change current directory')
2018-12-17T22:57:43.27466745Z	53	PC: 137ba \| Get interrupt vector (Interrupt = '60' AKA 'Create or truncate file')
2018-12-17T22:57:43.276097019Z	53	PC: 137ba \| Get interrupt vector (Interrupt = '61' AKA 'Open file')
2018-12-17T22:57:43.277413928Z	53	PC: 137ba \| Get interrupt vector (Interrupt = '62' AKA 'Close file')
2018-12-17T22:57:43.27990313Z	53	PC: 137ba \| Get interrupt vector (Interrupt = '63' AKA 'Read file or device')
2018-12-17T22:57:43.281706886Z	53	PC: 137ba \| Get interrupt vector (Interrupt = '117' AKA 'UNKNOWN!')
2018-12-17T22:57:43.295046791Z	37	PC: 137cf \| Set interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T22:57:43.297670847Z	37	PC: 137d7 \| Set interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T22:57:43.299539923Z	37	PC: 137df \| Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:57:43.300976785Z	37	PC: 137e7 \| Set interrupt vector (Interrupt = '63' AKA 'Read file or device')
2018-12-17T22:57:43.303907278Z	68	PC: 14476 \| I/O control for devices (Set for = '� ')
2018-12-17T22:57:43.490210336Z	64	PC: 13bd8 \| Write file or device (Write 0 bytes on handle 1)
2018-12-17T22:57:43.492194663Z	37	PC: 13911 \| Set interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T22:57:43.493809627Z	37	PC: 13911 \| Set interrupt vector (Interrupt = '2' AKA 'Character output')
2018-12-17T22:57:43.49646196Z	37	PC: 13911 \| Set interrupt vector (Interrupt = '27' AKA 'Get allocation info for default drive')
2018-12-17T22:57:43.497917922Z	37	PC: 13911 \| Set interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T22:57:43.503277973Z	37	PC: 13911 \| Set interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T22:57:43.505545154Z	37	PC: 13911 \| Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:57:43.512941519Z	37	PC: 13911 \| Set interrupt vector (Interrupt = '52' AKA 'Get InDOS flag pointer')
2018-12-17T22:57:43.51414475Z	37	PC: 13911 \| Set interrupt vector (Interrupt = '53' AKA 'Get interrupt vector')
2018-12-17T22:57:43.516246888Z	37	PC: 13911 \| Set interrupt vector (Interrupt = '54' AKA 'Get free disk space')
2018-12-17T22:57:43.517576629Z	37	PC: 13911 \| Set interrupt vector (Interrupt = '55' AKA 'Get or set switch character')
2018-12-17T22:57:43.518787232Z	37	PC: 13911 \| Set interrupt vector (Interrupt = '56' AKA 'Get or set country info')
2018-12-17T22:57:43.526435038Z	37	PC: 13911 \| Set interrupt vector (Interrupt = '57' AKA 'Create subdirectory')
2018-12-17T22:57:43.527797906Z	37	PC: 13911 \| Set interrupt vector (Interrupt = '58' AKA 'Remove subdirectory')
2018-12-17T22:57:43.528886192Z	37	PC: 13911 \| Set interrupt vector (Interrupt = '59' AKA 'Change current directory')
2018-12-17T22:57:43.530701015Z	37	PC: 13911 \| Set interrupt vector (Interrupt = '60' AKA 'Create or truncate file')
2018-12-17T22:57:43.532573374Z	37	PC: 13911 \| Set interrupt vector (Interrupt = '61' AKA 'Open file')
2018-12-17T22:57:43.533787505Z	37	PC: 13911 \| Set interrupt vector (Interrupt = '62' AKA 'Close file')
2018-12-17T22:57:43.535079072Z	37	PC: 13911 \| Set interrupt vector (Interrupt = '63' AKA 'Read file or device')
2018-12-17T22:57:43.537020214Z	37	PC: 13911 \| Set interrupt vector (Interrupt = '117' AKA 'UNKNOWN!')
2018-12-17T22:57:43.538423892Z	6	PC: 13998 \| Direct console I/O
2018-12-17T22:57:43.542167966Z	6	PC: 13998 \| Direct console I/O
2018-12-17T22:57:43.547426304Z	6	PC: 13998 \| Direct console I/O
2018-12-17T22:57:43.550931103Z	6	PC: 13998 \| Direct console I/O
2018-12-17T22:57:43.556699988Z	6	PC: 13998 \| Direct console I/O
2018-12-17T22:57:43.560588473Z	6	PC: 13998 \| Direct console I/O
2018-12-17T22:57:43.563150034Z	6	PC: 13998 \| Direct console I/O
2018-12-17T22:57:43.565573213Z	6	PC: 13998 \| Direct console I/O
2018-12-17T22:57:43.56874193Z	6	PC: 13998 \| Direct console I/O
2018-12-17T22:57:43.570820465Z	6	PC: 13998 \| Direct console I/O
2018-12-17T22:57:43.573271869Z	6	PC: 13998 \| Direct console I/O
2018-12-17T22:57:43.592104634Z	6	PC: 13998 \| Direct console I/O
2018-12-17T22:57:43.594431865Z	6	PC: 13998 \| Direct console I/O
2018-12-17T22:57:43.596739399Z	6	PC: 13998 \| Direct console I/O
2018-12-17T22:57:43.599911714Z	6	PC: 13998 \| Direct console I/O
2018-12-17T22:57:43.602346622Z	6	PC: 13998 \| Direct console I/O
2018-12-17T22:57:43.605417486Z	6	PC: 13998 \| Direct console I/O
2018-12-17T22:57:43.608617261Z	6	PC: 13998 \| Direct console I/O
2018-12-17T22:57:43.611181517Z	6	PC: 13998 \| Direct console I/O
2018-12-17T22:57:43.613748337Z	6	PC: 13998 \| Direct console I/O
2018-12-17T22:57:43.622096929Z	6	PC: 13998 \| Direct console I/O
2018-12-17T22:57:43.62398357Z	6	PC: 13998 \| Direct console I/O
2018-12-17T22:57:43.625717255Z	6	PC: 13998 \| Direct console I/O
2018-12-17T22:57:43.627936004Z	6	PC: 13998 \| Direct console I/O
2018-12-17T22:57:43.630200238Z	6	PC: 13998 \| Direct console I/O
2018-12-17T22:57:43.634359245Z	6	PC: 13998 \| Direct console I/O
2018-12-17T22:57:43.63694914Z	6	PC: 13998 \| Direct console I/O
2018-12-17T22:57:43.640039202Z	6	PC: 13998 \| Direct console I/O
2018-12-17T22:57:43.646883276Z	6	PC: 13998 \| Direct console I/O
2018-12-17T22:57:43.655467462Z	6	PC: 13998 \| Direct console I/O
2018-12-17T22:57:43.659522893Z	6	PC: 13998 \| Direct console I/O
2018-12-17T22:57:43.662924911Z	6	PC: 13998 \| Direct console I/O
2018-12-17T22:57:43.665456744Z	6	PC: 13998 \| Direct console I/O
2018-12-17T22:57:43.670741186Z	76	PC: 13950 \| Terminate with return code (Return code = '200')