Sample viewer

vx.netlux.org/Trojan.DOS.NukeWarez.d

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-17T22:01:36.495296344Z 53 PC: 138ca | Get interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T22:01:36.496834907Z 53 PC: 138ca | Get interrupt vector (Interrupt = '2' AKA 'Character output')
2018-12-17T22:01:36.497839345Z 53 PC: 138ca | Get interrupt vector (Interrupt = '27' AKA 'Get allocation info for default drive')
2018-12-17T22:01:36.498764193Z 53 PC: 138ca | Get interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T22:01:36.500194697Z 53 PC: 138ca | Get interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T22:01:36.501177611Z 53 PC: 138ca | Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:01:36.502133153Z 53 PC: 138ca | Get interrupt vector (Interrupt = '52' AKA 'Get InDOS flag pointer')
2018-12-17T22:01:36.503459448Z 53 PC: 138ca | Get interrupt vector (Interrupt = '53' AKA 'Get interrupt vector')
2018-12-17T22:01:36.504433995Z 53 PC: 138ca | Get interrupt vector (Interrupt = '54' AKA 'Get free disk space')
2018-12-17T22:01:36.505407837Z 53 PC: 138ca | Get interrupt vector (Interrupt = '55' AKA 'Get or set switch character')
2018-12-17T22:01:36.506815128Z 53 PC: 138ca | Get interrupt vector (Interrupt = '56' AKA 'Get or set country info')
2018-12-17T22:01:36.507835857Z 53 PC: 138ca | Get interrupt vector (Interrupt = '57' AKA 'Create subdirectory')
2018-12-17T22:01:36.508814023Z 53 PC: 138ca | Get interrupt vector (Interrupt = '58' AKA 'Remove subdirectory')
2018-12-17T22:01:36.510243958Z 53 PC: 138ca | Get interrupt vector (Interrupt = '59' AKA 'Change current directory')
2018-12-17T22:01:36.511350432Z 53 PC: 138ca | Get interrupt vector (Interrupt = '60' AKA 'Create or truncate file')
2018-12-17T22:01:36.512335678Z 53 PC: 138ca | Get interrupt vector (Interrupt = '61' AKA 'Open file')
2018-12-17T22:01:36.513478262Z 53 PC: 138ca | Get interrupt vector (Interrupt = '62' AKA 'Close file')
2018-12-17T22:01:36.514620967Z 53 PC: 138ca | Get interrupt vector (Interrupt = '63' AKA 'Read file or device')
2018-12-17T22:01:36.515615275Z 53 PC: 138ca | Get interrupt vector (Interrupt = '117' AKA 'UNKNOWN!')
2018-12-17T22:01:36.516665806Z 37 PC: 138df | Set interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T22:01:36.517867998Z 37 PC: 138e7 | Set interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T22:01:36.518818913Z 37 PC: 138ef | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:01:36.519742246Z 37 PC: 138f7 | Set interrupt vector (Interrupt = '63' AKA 'Read file or device')
2018-12-17T22:01:36.521672422Z 68 PC: 14516 | I/O control for devices (Set for = '��dz �')
2018-12-17T22:01:36.688676749Z 64 PC: 13ce8 | Write file or device (Write 0 bytes on handle 1)
2018-12-17T22:01:36.690358768Z 37 PC: 13a21 | Set interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T22:01:36.692244914Z 37 PC: 13a21 | Set interrupt vector (Interrupt = '2' AKA 'Character output')
2018-12-17T22:01:36.69322513Z 37 PC: 13a21 | Set interrupt vector (Interrupt = '27' AKA 'Get allocation info for default drive')
2018-12-17T22:01:36.694171899Z 37 PC: 13a21 | Set interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T22:01:36.695689457Z 37 PC: 13a21 | Set interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T22:01:36.696588316Z 37 PC: 13a21 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:01:36.697485024Z 37 PC: 13a21 | Set interrupt vector (Interrupt = '52' AKA 'Get InDOS flag pointer')
2018-12-17T22:01:36.698950732Z 37 PC: 13a21 | Set interrupt vector (Interrupt = '53' AKA 'Get interrupt vector')
2018-12-17T22:01:36.699801525Z 37 PC: 13a21 | Set interrupt vector (Interrupt = '54' AKA 'Get free disk space')
2018-12-17T22:01:36.700619005Z 37 PC: 13a21 | Set interrupt vector (Interrupt = '55' AKA 'Get or set switch character')
2018-12-17T22:01:36.702113548Z 37 PC: 13a21 | Set interrupt vector (Interrupt = '56' AKA 'Get or set country info')
2018-12-17T22:01:36.703224912Z 37 PC: 13a21 | Set interrupt vector (Interrupt = '57' AKA 'Create subdirectory')
2018-12-17T22:01:36.704364783Z 37 PC: 13a21 | Set interrupt vector (Interrupt = '58' AKA 'Remove subdirectory')
2018-12-17T22:01:36.707734516Z 37 PC: 13a21 | Set interrupt vector (Interrupt = '59' AKA 'Change current directory')
2018-12-17T22:01:36.708792885Z 37 PC: 13a21 | Set interrupt vector (Interrupt = '60' AKA 'Create or truncate file')
2018-12-17T22:01:36.709829115Z 37 PC: 13a21 | Set interrupt vector (Interrupt = '61' AKA 'Open file')
2018-12-17T22:01:36.71146333Z 37 PC: 13a21 | Set interrupt vector (Interrupt = '62' AKA 'Close file')
2018-12-17T22:01:36.71250578Z 37 PC: 13a21 | Set interrupt vector (Interrupt = '63' AKA 'Read file or device')
2018-12-17T22:01:36.713783286Z 37 PC: 13a21 | Set interrupt vector (Interrupt = '117' AKA 'UNKNOWN!')
2018-12-17T22:01:36.715483193Z 6 PC: 13aa8 | Direct console I/O
2018-12-17T22:01:36.717714046Z 6 PC: 13aa8 | Direct console I/O
2018-12-17T22:01:36.719732429Z 6 PC: 13aa8 | Direct console I/O
2018-12-17T22:01:36.72247785Z 6 PC: 13aa8 | Direct console I/O
2018-12-17T22:01:36.724296204Z 6 PC: 13aa8 | Direct console I/O
2018-12-17T22:01:36.726152183Z 6 PC: 13aa8 | Direct console I/O
2018-12-17T22:01:36.728961718Z 6 PC: 13aa8 | Direct console I/O
2018-12-17T22:01:36.730877685Z 6 PC: 13aa8 | Direct console I/O
2018-12-17T22:01:36.732752985Z 6 PC: 13aa8 | Direct console I/O
2018-12-17T22:01:36.735405327Z 6 PC: 13aa8 | Direct console I/O
2018-12-17T22:01:36.737583333Z 6 PC: 13aa8 | Direct console I/O
2018-12-17T22:01:36.739594926Z 6 PC: 13aa8 | Direct console I/O
2018-12-17T22:01:36.742264003Z 6 PC: 13aa8 | Direct console I/O
2018-12-17T22:01:36.744275785Z 6 PC: 13aa8 | Direct console I/O
2018-12-17T22:01:36.746297402Z 6 PC: 13aa8 | Direct console I/O
2018-12-17T22:01:36.749676469Z 6 PC: 13aa8 | Direct console I/O
2018-12-17T22:01:36.751650644Z 6 PC: 13aa8 | Direct console I/O
2018-12-17T22:01:36.753670934Z 6 PC: 13aa8 | Direct console I/O
2018-12-17T22:01:36.756438873Z 6 PC: 13aa8 | Direct console I/O
2018-12-17T22:01:36.758451673Z 6 PC: 13aa8 | Direct console I/O
2018-12-17T22:01:36.760381805Z 6 PC: 13aa8 | Direct console I/O
2018-12-17T22:01:36.763424088Z 6 PC: 13aa8 | Direct console I/O
2018-12-17T22:01:36.765327734Z 6 PC: 13aa8 | Direct console I/O
2018-12-17T22:01:36.767295586Z 6 PC: 13aa8 | Direct console I/O
2018-12-17T22:01:36.770981663Z 6 PC: 13aa8 | Direct console I/O
2018-12-17T22:01:36.773320549Z 6 PC: 13aa8 | Direct console I/O
2018-12-17T22:01:36.775714368Z 6 PC: 13aa8 | Direct console I/O
2018-12-17T22:01:36.778270697Z 6 PC: 13aa8 | Direct console I/O
2018-12-17T22:01:36.781021377Z 6 PC: 13aa8 | Direct console I/O
2018-12-17T22:01:36.784130279Z 6 PC: 13aa8 | Direct console I/O
2018-12-17T22:01:36.787344831Z 6 PC: 13aa8 | Direct console I/O
2018-12-17T22:01:36.789561797Z 6 PC: 13aa8 | Direct console I/O
2018-12-17T22:01:36.791360842Z 6 PC: 13aa8 | Direct console I/O
2018-12-17T22:01:36.794996969Z 76 PC: 13a60 | Terminate with return code (Return code = '200')