Sample viewer

vx.netlux.org/Trojan.DOS.EraseHDD.j

Syscalls:

Time Syscall Op Syscall Name
2018-12-17T23:00:59.672220027Z 37 PC: 123c4 | Set interrupt vector (Interrupt = '34' AKA 'Random write')
2018-12-17T23:00:59.673856733Z 37 PC: 123cb | Set interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T23:00:59.676671321Z 37 PC: 123d2 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T23:00:59.67850102Z 62 PC: 122ab | Close file
2018-12-17T23:00:59.680601397Z 62 PC: 122ab | Close file
2018-12-17T23:00:59.68415263Z 62 PC: 122ab | Close file
2018-12-17T23:00:59.686459324Z 62 PC: 122ab | Close file
2018-12-17T23:00:59.688616878Z 62 PC: 122ab | Close file
2018-12-17T23:00:59.691791514Z 62 PC: 122ab | Close file
2018-12-17T23:00:59.69411488Z 62 PC: 122ab | Close file
2018-12-17T23:00:59.696965166Z 62 PC: 122ab | Close file
2018-12-17T23:00:59.699615275Z 62 PC: 122ab | Close file
2018-12-17T23:00:59.701313506Z 62 PC: 122ab | Close file
2018-12-17T23:00:59.703406039Z 62 PC: 122ab | Close file
2018-12-17T23:00:59.705947825Z 62 PC: 122ab | Close file
2018-12-17T23:00:59.710934816Z 62 PC: 122ab | Close file
2018-12-17T23:00:59.712688551Z 62 PC: 122ab | Close file
2018-12-17T23:00:59.714445272Z 62 PC: 122ab | Close file
2018-12-17T23:00:59.717215158Z 46 PC: 1220a | Set verify flag
2018-12-17T23:00:59.719615097Z 61 PC: 12354 | Open file (Filename = '�&�e��������')
2018-12-17T23:00:59.727001857Z 68 PC: 12265 | I/O control for devices (Set for = '�&�e��������')
2018-12-17T23:00:59.730178928Z 2 PC: 1268d | Character output (Char = '0a')
2018-12-17T23:00:59.734811102Z 2 PC: 1268d | Character output (Char = '06')
2018-12-17T23:00:59.738796581Z 2 PC: 1268d | Character output (Char = '00')
2018-12-17T23:00:59.742807408Z 2 PC: 1268d | Character output (Char = '06')
2018-12-17T23:00:59.746521417Z 2 PC: 1268d | Character output (Char = '00')
2018-12-17T23:00:59.749313343Z 2 PC: 1268d | Character output (Char = 'b9')
2018-12-17T23:00:59.75291971Z 2 PC: 1268d | Character output (Char = '09')
2018-12-17T23:00:59.755837843Z 2 PC: 1268d | Character output (Char = '81')
2018-12-17T23:00:59.75867813Z 2 PC: 1268d | Character output (Char = 'c0')
2018-12-17T23:00:59.761376481Z 2 PC: 1268d | Character output (Char = '00')
2018-12-17T23:00:59.764601962Z 2 PC: 1268d | Character output (Char = '00')
2018-12-17T23:00:59.767365805Z 2 PC: 1268d | Character output (Char = '70')
2018-12-17T23:00:59.770114921Z 2 PC: 1268d | Character output (Char = '00')
2018-12-17T23:00:59.772653111Z 2 PC: 1268d | Character output (Char = '81')
2018-12-17T23:00:59.774868564Z 2 PC: 1268d | Character output (Char = '00')
2018-12-17T23:00:59.777109695Z 2 PC: 1268d | Character output (Char = '00')
2018-12-17T23:00:59.7801404Z 2 PC: 1268d | Character output (Char = '00')
2018-12-17T23:00:59.782705079Z 2 PC: 1268d | Character output (Char = '16')
2018-12-17T23:00:59.785251024Z 2 PC: 1268d | Character output (Char = '04')
2018-12-17T23:00:59.788415931Z 2 PC: 1268d | Character output (Char = '1e')
2018-12-17T23:00:59.790662522Z 2 PC: 1268d | Character output (Char = '05')
2018-12-17T23:00:59.792885469Z 2 PC: 1268d | Character output (Char = '81')
2018-12-17T23:00:59.796131028Z 2 PC: 1268d | Character output (Char = '8e')
2018-12-17T23:00:59.799471245Z 2 PC: 1268d | Character output (Char = '18')
2018-12-17T23:00:59.802932468Z 2 PC: 1268d | Character output (Char = '09')
2018-12-17T23:00:59.806428788Z 2 PC: 1268d | Character output (Char = '17')
2018-12-17T23:00:59.808971276Z 2 PC: 1268d | Character output (Char = '16')
2018-12-17T23:00:59.811664697Z 2 PC: 1268d | Character output (Char = '01')
2018-12-17T23:00:59.815048586Z 2 PC: 1268d | Character output (Char = 'ea')
2018-12-17T23:00:59.817378133Z 2 PC: 1268d | Character output (Char = '93')
2018-12-17T23:00:59.819565333Z 2 PC: 1268d | Character output (Char = '08')
2018-12-17T23:00:59.821970493Z 2 PC: 1268d | Character output (Char = '70')
2018-12-17T23:00:59.82453392Z 2 PC: 1268d | Character output (Char = '00')
2018-12-17T23:00:59.827464046Z 2 PC: 1268d | Character output (Char = '00')
2018-12-17T23:00:59.830086373Z 2 PC: 1268d | Character output (Char = '00')
2018-12-17T23:00:59.833148097Z 2 PC: 1268d | Character output (Char = '00')
2018-12-17T23:00:59.835834294Z 2 PC: 1268d | Character output (Char = '00')
2018-12-17T23:00:59.838544817Z 2 PC: 1268d | Character output (Char = '00')
2018-12-17T23:00:59.846445384Z 2 PC: 1268d | Character output (Char = '00')
2018-12-17T23:00:59.849361112Z 2 PC: 1268d | Character output (Char = '00')
2018-12-17T23:00:59.852277323Z 2 PC: 1268d | Character output (Char = '00')
2018-12-17T23:00:59.856586119Z 2 PC: 1268d | Character output (Char = '5a')
2018-12-17T23:00:59.859289659Z 2 PC: 1268d | Character output (Char = '03')
2018-12-17T23:00:59.861755503Z 2 PC: 1268d | Character output (Char = '16')
2018-12-17T23:00:59.870003331Z 2 PC: 1268d | Character output (Char = '01')
2018-12-17T23:00:59.872848538Z 2 PC: 1268d | Character output (Char = '00')
2018-12-17T23:00:59.87519127Z 2 PC: 1268d | Character output (Char = '00')
2018-12-17T23:00:59.878106138Z 2 PC: 1268d | Character output (Char = '00')
2018-12-17T23:00:59.880770013Z 2 PC: 1268d | Character output (Char = '00')
2018-12-17T23:00:59.883324122Z 2 PC: 1268d | Character output (Char = '00')
2018-12-17T23:00:59.888466816Z 2 PC: 1268d | Character output (Char = '00')
2018-12-17T23:00:59.891087681Z 2 PC: 1268d | Character output (Char = '70')
2018-12-17T23:00:59.8929074Z 2 PC: 1268d | Character output (Char = '00')
2018-12-17T23:00:59.89571743Z 2 PC: 1268d | Character output (Char = '01')
2018-12-17T23:00:59.897910602Z 2 PC: 1268d | Character output (Char = '02')
2018-12-17T23:00:59.899784343Z 2 PC: 1268d | Character output (Char = '00')
2018-12-17T23:00:59.901672471Z 2 PC: 1268d | Character output (Char = 'e8')
2018-12-17T23:00:59.907895464Z 2 PC: 1268d | Character output (Char = '00')
2018-12-17T23:00:59.910436228Z 2 PC: 1268d | Character output (Char = '35')
2018-12-17T23:00:59.912828204Z 2 PC: 1268d | Character output (Char = '00')
2018-12-17T23:00:59.91611518Z 2 PC: 1268d | Character output (Char = '70')
2018-12-17T23:00:59.918632851Z 2 PC: 1268d | Character output (Char = '00')
2018-12-17T23:00:59.920932552Z 2 PC: 1268d | Character output (Char = '13')
2018-12-17T23:00:59.924190625Z 2 PC: 1268d | Character output (Char = '80')
2018-12-17T23:00:59.926623326Z 2 PC: 1268d | Character output (Char = 'f5')
2018-12-17T23:00:59.929004751Z 2 PC: 1268d | Character output (Char = '06')
2018-12-17T23:00:59.932618281Z 2 PC: 1268d | Character output (Char = '00')
2018-12-17T23:00:59.935306683Z 2 PC: 1268d | Character output (Char = '07')
2018-12-17T23:00:59.9377746Z 2 PC: 1268d | Character output (Char = '43')
2018-12-17T23:00:59.941087886Z 2 PC: 1268d | Character output (Char = '4f')
2018-12-17T23:00:59.94345301Z 2 PC: 1268d | Character output (Char = '4e')
2018-12-17T23:00:59.945753713Z 2 PC: 1268d | Character output (Char = '20')
2018-12-17T23:00:59.949382282Z 2 PC: 1268d | Character output (Char = '20')
2018-12-17T23:00:59.952110679Z 2 PC: 1268d | Character output (Char = '20')
2018-12-17T23:00:59.954922893Z 2 PC: 1268d | Character output (Char = '20')
2018-12-17T23:00:59.957815008Z 2 PC: 1268d | Character output (Char = '20')
2018-12-17T23:00:59.960803253Z 2 PC: 1268d | Character output (Char = '47')
2018-12-17T23:00:59.964921672Z 2 PC: 1268d | Character output (Char = '00')
2018-12-17T23:00:59.967337241Z 2 PC: 1268d | Character output (Char = '70')
2018-12-17T23:00:59.970689912Z 2 PC: 1268d | Character output (Char = '00')
2018-12-17T23:00:59.97333384Z 2 PC: 1268d | Character output (Char = '00')
2018-12-17T23:00:59.975951789Z 2 PC: 1268d | Character output (Char = '80')
2018-12-17T23:00:59.986175029Z 2 PC: 1268d | Character output (Char = 'f5')
2018-12-17T23:00:59.988737304Z 2 PC: 1268d | Character output (Char = '06')
2018-12-17T23:00:59.991853089Z 2 PC: 1268d | Character output (Char = '21')
2018-12-17T23:00:59.997158358Z 2 PC: 1268d | Character output (Char = '07')
2018-12-17T23:00:59.999704813Z 2 PC: 1268d | Character output (Char = '41')
2018-12-17T23:01:00.002447737Z 2 PC: 1268d | Character output (Char = '55')
2018-12-17T23:01:00.005592307Z 2 PC: 1268d | Character output (Char = '58')
2018-12-17T23:01:00.011775805Z 2 PC: 1268d | Character output (Char = '20')
2018-12-17T23:01:00.014312943Z 2 PC: 1268d | Character output (Char = '20')
2018-12-17T23:01:00.017755963Z 2 PC: 1268d | Character output (Char = '20')
2018-12-17T23:01:00.020133691Z 2 PC: 1268d | Character output (Char = '20')
2018-12-17T23:01:00.022696707Z 2 PC: 1268d | Character output (Char = '20')
2018-12-17T23:01:00.02616264Z 2 PC: 1268d | Character output (Char = '59')
2018-12-17T23:01:00.028751675Z 2 PC: 1268d | Character output (Char = '00')
2018-12-17T23:01:00.031044814Z 2 PC: 1268d | Character output (Char = '70')
2018-12-17T23:01:00.033825469Z 2 PC: 1268d | Character output (Char = '00')
2018-12-17T23:01:00.036661358Z 2 PC: 1268d | Character output (Char = 'c0')
2018-12-17T23:01:00.039101022Z 2 PC: 1268d | Character output (Char = 'a0')
2018-12-17T23:01:00.041585792Z 2 PC: 1268d | Character output (Char = 'f5')
2018-12-17T23:01:00.044616416Z 2 PC: 1268d | Character output (Char = '06')
2018-12-17T23:01:00.046962495Z 2 PC: 1268d | Character output (Char = '05')
2018-12-17T23:01:00.049453746Z 2 PC: 1268d | Character output (Char = '07')
2018-12-17T23:01:00.052458863Z 2 PC: 1268d | Character output (Char = '50')
2018-12-17T23:01:00.055082193Z 2 PC: 1268d | Character output (Char = '52')
2018-12-17T23:01:00.057613489Z 2 PC: 1268d | Character output (Char = '4e')
2018-12-17T23:01:00.060624286Z 2 PC: 1268d | Character output (Char = '20')
2018-12-17T23:01:00.063268595Z 2 PC: 1268d | Character output (Char = '20')
2018-12-17T23:01:00.067558587Z 2 PC: 1268d | Character output (Char = '20')
2018-12-17T23:01:00.071181534Z 2 PC: 1268d | Character output (Char = '22')
2018-12-17T23:01:00.0740103Z 2 PC: 1268d | Character output (Char = '05')
2018-12-17T23:01:00.076721956Z 2 PC: 1268d | Character output (Char = '00')
2018-12-17T23:01:00.080474156Z 2 PC: 1268d | Character output (Char = '00')
2018-12-17T23:01:00.084617101Z 2 PC: 1268d | Character output (Char = '03')
2018-12-17T23:01:00.087282279Z 2 PC: 1268d | Character output (Char = '00')
2018-12-17T23:01:00.091030904Z 2 PC: 1268d | Character output (Char = '01')
2018-12-17T23:01:00.09375932Z 2 PC: 1268d | Character output (Char = '00')
2018-12-17T23:01:00.096481145Z 2 PC: 1268d | Character output (Char = 'b5')
2018-12-17T23:01:00.100289561Z 2 PC: 1268d | Character output (Char = '08')
2018-12-17T23:01:00.103634076Z 2 PC: 1268d | Character output (Char = '08')
2018-12-17T23:01:00.106005071Z 2 PC: 1268d | Character output (Char = '00')
2018-12-17T23:01:00.109419758Z 2 PC: 1268d | Character output (Char = '00')
2018-12-17T23:01:00.111887104Z 2 PC: 1268d | Character output (Char = '00')
2018-12-17T23:01:00.114352387Z 2 PC: 1268d | Character output (Char = '50')
2018-12-17T23:01:00.117759469Z 2 PC: 1268d | Character output (Char = 'cc')
2018-12-17T23:01:00.12008572Z 2 PC: 1268d | Character output (Char = '80')
2018-12-17T23:01:00.122956374Z 2 PC: 1268d | Character output (Char = '40')
2018-12-17T23:01:00.125474637Z 73 PC: 1210b | Release memory
2018-12-17T23:01:00.127971939Z 80 PC: 12113 | Set current PSP