Sample viewer

vx.netlux.org/Trojan.DOS.Chiko.b

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-17T23:00:52.63516771Z	113	PC: 12a94 \| UNKNOWN!
2018-12-17T23:00:52.636359479Z	64	PC: 12acd \| Write file or device (Write 8 bytes on handle 28928)
2018-12-17T23:00:52.639168276Z	66	PC: 12add \| Move file pointer
2018-12-17T23:00:52.640956045Z	64	PC: 12af3 \| Write file or device (Write 6 bytes on handle 28928)
2018-12-17T23:00:52.643457279Z	66	PC: 12b03 \| Move file pointer
2018-12-17T23:00:52.645765487Z	64	PC: 12b1a \| Write file or device (Write 7 bytes on handle 28928)
2018-12-17T23:00:52.647786986Z	66	PC: 12b2a \| Move file pointer
2018-12-17T23:00:52.649443985Z	64	PC: 12b45 \| Write file or device (Write 11 bytes on handle 28928)
2018-12-17T23:00:52.651537103Z	62	PC: 12b4c \| Close file
2018-12-17T23:00:52.654096218Z	9	PC: 12bbb \| Display string (String= '�� ')
2018-12-17T23:00:52.658290829Z	113	PC: 12bdb \| UNKNOWN!
2018-12-17T23:00:52.659694587Z	64	PC: 12c14 \| Write file or device (Write 8 bytes on handle 28928)
2018-12-17T23:00:52.661263994Z	66	PC: 12c24 \| Move file pointer
2018-12-17T23:00:52.662809954Z	64	PC: 12c3a \| Write file or device (Write 6 bytes on handle 28928)
2018-12-17T23:00:52.664623791Z	66	PC: 12c4a \| Move file pointer
2018-12-17T23:00:52.66687294Z	64	PC: 12c61 \| Write file or device (Write 7 bytes on handle 28928)
2018-12-17T23:00:52.669282613Z	66	PC: 12c71 \| Move file pointer
2018-12-17T23:00:52.671066093Z	64	PC: 12c8c \| Write file or device (Write 11 bytes on handle 28928)
2018-12-17T23:00:52.672985725Z	62	PC: 12c93 \| Close file
2018-12-17T23:00:52.676155529Z	9	PC: 12d02 \| Display string (String= '�� ')
2018-12-17T23:00:52.686264248Z	113	PC: 12d28 \| UNKNOWN!
2018-12-17T23:00:52.687976343Z	64	PC: 12d61 \| Write file or device (Write 8 bytes on handle 28928)
2018-12-17T23:00:52.690454492Z	66	PC: 12d71 \| Move file pointer
2018-12-17T23:00:52.693841099Z	64	PC: 12d87 \| Write file or device (Write 6 bytes on handle 28928)
2018-12-17T23:00:52.696084902Z	66	PC: 12d97 \| Move file pointer
2018-12-17T23:00:52.697912866Z	64	PC: 12dae \| Write file or device (Write 7 bytes on handle 28928)
2018-12-17T23:00:52.708634421Z	66	PC: 12dbe \| Move file pointer
2018-12-17T23:00:52.710902071Z	64	PC: 12dd9 \| Write file or device (Write 11 bytes on handle 28928)
2018-12-17T23:00:52.713182007Z	62	PC: 12de0 \| Close file
2018-12-17T23:00:52.71808604Z	9	PC: 12e4f \| Display string (String= '�� ')
2018-12-17T23:00:52.72980919Z	113	PC: 12e78 \| UNKNOWN!
2018-12-17T23:00:52.731193495Z	64	PC: 12eb1 \| Write file or device (Write 8 bytes on handle 28928)
2018-12-17T23:00:52.739415044Z	66	PC: 12ec1 \| Move file pointer
2018-12-17T23:00:52.741277718Z	64	PC: 12ed7 \| Write file or device (Write 6 bytes on handle 28928)
2018-12-17T23:00:52.743149194Z	66	PC: 12ee7 \| Move file pointer
2018-12-17T23:00:52.747622523Z	64	PC: 12efe \| Write file or device (Write 7 bytes on handle 28928)
2018-12-17T23:00:52.749911521Z	66	PC: 12f0e \| Move file pointer
2018-12-17T23:00:52.751609597Z	64	PC: 12f29 \| Write file or device (Write 11 bytes on handle 28928)
2018-12-17T23:00:52.753261844Z	62	PC: 12f30 \| Close file
2018-12-17T23:00:52.757287801Z	9	PC: 12f9f \| Display string (String= '�� ')
2018-12-17T23:00:52.767050482Z	113	PC: 12fcb \| UNKNOWN!
2018-12-17T23:00:52.768336747Z	64	PC: 13004 \| Write file or device (Write 8 bytes on handle 28928)
2018-12-17T23:00:52.771162542Z	66	PC: 13014 \| Move file pointer
2018-12-17T23:00:52.772876733Z	64	PC: 1302a \| Write file or device (Write 6 bytes on handle 28928)
2018-12-17T23:00:52.774408381Z	66	PC: 1303a \| Move file pointer
2018-12-17T23:00:52.776944967Z	64	PC: 13051 \| Write file or device (Write 7 bytes on handle 28928)
2018-12-17T23:00:52.779109495Z	66	PC: 13061 \| Move file pointer
2018-12-17T23:00:52.781466721Z	64	PC: 1307c \| Write file or device (Write 11 bytes on handle 28928)
2018-12-17T23:00:52.784251684Z	62	PC: 13083 \| Close file
2018-12-17T23:00:52.788086496Z	9	PC: 130f2 \| Display string (String= '�� ')
2018-12-17T23:00:52.797896416Z	76	PC: 130f7 \| Terminate with return code (Return code = '0')