Sample viewer

vx.netlux.org/Trojan.DOS.Makeur

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-17T23:01:54.303861454Z	53	PC: 1323a \| Get interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T23:01:54.305983321Z	53	PC: 1323a \| Get interrupt vector (Interrupt = '2' AKA 'Character output')
2018-12-17T23:01:54.30776024Z	53	PC: 1323a \| Get interrupt vector (Interrupt = '27' AKA 'Get allocation info for default drive')
2018-12-17T23:01:54.309747323Z	53	PC: 1323a \| Get interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T23:01:54.311057024Z	53	PC: 1323a \| Get interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T23:01:54.312874459Z	53	PC: 1323a \| Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T23:01:54.314335064Z	53	PC: 1323a \| Get interrupt vector (Interrupt = '52' AKA 'Get InDOS flag pointer')
2018-12-17T23:01:54.315802541Z	53	PC: 1323a \| Get interrupt vector (Interrupt = '53' AKA 'Get interrupt vector')
2018-12-17T23:01:54.318100358Z	53	PC: 1323a \| Get interrupt vector (Interrupt = '54' AKA 'Get free disk space')
2018-12-17T23:01:54.319579497Z	53	PC: 1323a \| Get interrupt vector (Interrupt = '55' AKA 'Get or set switch character')
2018-12-17T23:01:54.321603681Z	53	PC: 1323a \| Get interrupt vector (Interrupt = '56' AKA 'Get or set country info')
2018-12-17T23:01:54.323999543Z	53	PC: 1323a \| Get interrupt vector (Interrupt = '57' AKA 'Create subdirectory')
2018-12-17T23:01:54.325300297Z	53	PC: 1323a \| Get interrupt vector (Interrupt = '58' AKA 'Remove subdirectory')
2018-12-17T23:01:54.326557239Z	53	PC: 1323a \| Get interrupt vector (Interrupt = '59' AKA 'Change current directory')
2018-12-17T23:01:54.330531887Z	53	PC: 1323a \| Get interrupt vector (Interrupt = '60' AKA 'Create or truncate file')
2018-12-17T23:01:54.332520804Z	53	PC: 1323a \| Get interrupt vector (Interrupt = '61' AKA 'Open file')
2018-12-17T23:01:54.334336466Z	53	PC: 1323a \| Get interrupt vector (Interrupt = '62' AKA 'Close file')
2018-12-17T23:01:54.337817547Z	53	PC: 1323a \| Get interrupt vector (Interrupt = '63' AKA 'Read file or device')
2018-12-17T23:01:54.3399108Z	53	PC: 1323a \| Get interrupt vector (Interrupt = '117' AKA 'UNKNOWN!')
2018-12-17T23:01:54.341801412Z	37	PC: 1324f \| Set interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T23:01:54.344605631Z	37	PC: 13257 \| Set interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T23:01:54.346112853Z	37	PC: 1325f \| Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T23:01:54.347303821Z	37	PC: 13267 \| Set interrupt vector (Interrupt = '63' AKA 'Read file or device')
2018-12-17T23:01:54.349659768Z	68	PC: 13a81 \| I/O control for devices (Set for = '�%��%�� >%�u�%�')
2018-12-17T23:01:54.468430575Z	64	PC: 135fd \| Write file or device (Write 0 bytes on handle 1)
2018-12-17T23:01:54.470712713Z	37	PC: 13391 \| Set interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T23:01:54.472340031Z	37	PC: 13391 \| Set interrupt vector (Interrupt = '2' AKA 'Character output')
2018-12-17T23:01:54.475184726Z	37	PC: 13391 \| Set interrupt vector (Interrupt = '27' AKA 'Get allocation info for default drive')
2018-12-17T23:01:54.476547297Z	37	PC: 13391 \| Set interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T23:01:54.47788475Z	37	PC: 13391 \| Set interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T23:01:54.480427407Z	37	PC: 13391 \| Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T23:01:54.481962111Z	37	PC: 13391 \| Set interrupt vector (Interrupt = '52' AKA 'Get InDOS flag pointer')
2018-12-17T23:01:54.48355817Z	37	PC: 13391 \| Set interrupt vector (Interrupt = '53' AKA 'Get interrupt vector')
2018-12-17T23:01:54.486312264Z	37	PC: 13391 \| Set interrupt vector (Interrupt = '54' AKA 'Get free disk space')
2018-12-17T23:01:54.4880876Z	37	PC: 13391 \| Set interrupt vector (Interrupt = '55' AKA 'Get or set switch character')
2018-12-17T23:01:54.489745605Z	37	PC: 13391 \| Set interrupt vector (Interrupt = '56' AKA 'Get or set country info')
2018-12-17T23:01:54.491841213Z	37	PC: 13391 \| Set interrupt vector (Interrupt = '57' AKA 'Create subdirectory')
2018-12-17T23:01:54.493228099Z	37	PC: 13391 \| Set interrupt vector (Interrupt = '58' AKA 'Remove subdirectory')
2018-12-17T23:01:54.494723419Z	37	PC: 13391 \| Set interrupt vector (Interrupt = '59' AKA 'Change current directory')
2018-12-17T23:01:54.496537287Z	37	PC: 13391 \| Set interrupt vector (Interrupt = '60' AKA 'Create or truncate file')
2018-12-17T23:01:54.499299127Z	37	PC: 13391 \| Set interrupt vector (Interrupt = '61' AKA 'Open file')
2018-12-17T23:01:54.501943936Z	37	PC: 13391 \| Set interrupt vector (Interrupt = '62' AKA 'Close file')
2018-12-17T23:01:54.503530227Z	37	PC: 13391 \| Set interrupt vector (Interrupt = '63' AKA 'Read file or device')
2018-12-17T23:01:54.505301044Z	37	PC: 13391 \| Set interrupt vector (Interrupt = '117' AKA 'UNKNOWN!')
2018-12-17T23:01:54.506593352Z	6	PC: 13418 \| Direct console I/O
2018-12-17T23:01:54.508917198Z	6	PC: 13418 \| Direct console I/O
2018-12-17T23:01:54.512322687Z	6	PC: 13418 \| Direct console I/O
2018-12-17T23:01:54.514278703Z	6	PC: 13418 \| Direct console I/O
2018-12-17T23:01:54.516074096Z	6	PC: 13418 \| Direct console I/O
2018-12-17T23:01:54.518522016Z	6	PC: 13418 \| Direct console I/O
2018-12-17T23:01:54.520545779Z	6	PC: 13418 \| Direct console I/O
2018-12-17T23:01:54.52249963Z	6	PC: 13418 \| Direct console I/O
2018-12-17T23:01:54.525934664Z	6	PC: 13418 \| Direct console I/O
2018-12-17T23:01:54.528091928Z	6	PC: 13418 \| Direct console I/O
2018-12-17T23:01:54.530106874Z	6	PC: 13418 \| Direct console I/O
2018-12-17T23:01:54.532776249Z	6	PC: 13418 \| Direct console I/O
2018-12-17T23:01:54.535350626Z	6	PC: 13418 \| Direct console I/O
2018-12-17T23:01:54.537991729Z	6	PC: 13418 \| Direct console I/O
2018-12-17T23:01:54.541779045Z	6	PC: 13418 \| Direct console I/O
2018-12-17T23:01:54.544381285Z	6	PC: 13418 \| Direct console I/O
2018-12-17T23:01:54.546818434Z	6	PC: 13418 \| Direct console I/O
2018-12-17T23:01:54.548884827Z	6	PC: 13418 \| Direct console I/O
2018-12-17T23:01:54.551855068Z	6	PC: 13418 \| Direct console I/O
2018-12-17T23:01:54.553842703Z	6	PC: 13418 \| Direct console I/O
2018-12-17T23:01:54.556711533Z	6	PC: 13418 \| Direct console I/O
2018-12-17T23:01:54.560261473Z	6	PC: 13418 \| Direct console I/O
2018-12-17T23:01:54.562881206Z	6	PC: 13418 \| Direct console I/O
2018-12-17T23:01:54.565532978Z	6	PC: 13418 \| Direct console I/O
2018-12-17T23:01:54.568795739Z	6	PC: 13418 \| Direct console I/O
2018-12-17T23:01:54.572430539Z	6	PC: 13418 \| Direct console I/O
2018-12-17T23:01:54.574877948Z	6	PC: 13418 \| Direct console I/O
2018-12-17T23:01:54.57776894Z	6	PC: 13418 \| Direct console I/O
2018-12-17T23:01:54.58059545Z	6	PC: 13418 \| Direct console I/O
2018-12-17T23:01:54.583286527Z	6	PC: 13418 \| Direct console I/O
2018-12-17T23:01:54.586676005Z	6	PC: 13418 \| Direct console I/O
2018-12-17T23:01:54.589177756Z	6	PC: 13418 \| Direct console I/O
2018-12-17T23:01:54.592006031Z	6	PC: 13418 \| Direct console I/O
2018-12-17T23:01:54.597338661Z	76	PC: 133d0 \| Terminate with return code (Return code = '200')