Sample viewer

vx.netlux.org/Trojan.DOS.Jackel.b

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-17T23:03:38.881191867Z	53	PC: 1322a \| Get interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T23:03:38.883967058Z	53	PC: 1322a \| Get interrupt vector (Interrupt = '2' AKA 'Character output')
2018-12-17T23:03:38.885846674Z	53	PC: 1322a \| Get interrupt vector (Interrupt = '27' AKA 'Get allocation info for default drive')
2018-12-17T23:03:38.887493873Z	53	PC: 1322a \| Get interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T23:03:38.889148115Z	53	PC: 1322a \| Get interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T23:03:38.901455268Z	53	PC: 1322a \| Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T23:03:38.9035456Z	53	PC: 1322a \| Get interrupt vector (Interrupt = '52' AKA 'Get InDOS flag pointer')
2018-12-17T23:03:38.905180416Z	53	PC: 1322a \| Get interrupt vector (Interrupt = '53' AKA 'Get interrupt vector')
2018-12-17T23:03:38.907843376Z	53	PC: 1322a \| Get interrupt vector (Interrupt = '54' AKA 'Get free disk space')
2018-12-17T23:03:38.90929157Z	53	PC: 1322a \| Get interrupt vector (Interrupt = '55' AKA 'Get or set switch character')
2018-12-17T23:03:38.910536462Z	53	PC: 1322a \| Get interrupt vector (Interrupt = '56' AKA 'Get or set country info')
2018-12-17T23:03:38.913555883Z	53	PC: 1322a \| Get interrupt vector (Interrupt = '57' AKA 'Create subdirectory')
2018-12-17T23:03:38.915478089Z	53	PC: 1322a \| Get interrupt vector (Interrupt = '58' AKA 'Remove subdirectory')
2018-12-17T23:03:38.917398822Z	53	PC: 1322a \| Get interrupt vector (Interrupt = '59' AKA 'Change current directory')
2018-12-17T23:03:38.91944961Z	53	PC: 1322a \| Get interrupt vector (Interrupt = '60' AKA 'Create or truncate file')
2018-12-17T23:03:38.921794953Z	53	PC: 1322a \| Get interrupt vector (Interrupt = '61' AKA 'Open file')
2018-12-17T23:03:38.923428626Z	53	PC: 1322a \| Get interrupt vector (Interrupt = '62' AKA 'Close file')
2018-12-17T23:03:38.925934329Z	53	PC: 1322a \| Get interrupt vector (Interrupt = '63' AKA 'Read file or device')
2018-12-17T23:03:38.928066781Z	53	PC: 1322a \| Get interrupt vector (Interrupt = '117' AKA 'UNKNOWN!')
2018-12-17T23:03:38.930887288Z	37	PC: 1323f \| Set interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T23:03:38.93260557Z	37	PC: 13247 \| Set interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T23:03:38.935363529Z	37	PC: 1324f \| Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T23:03:38.936861417Z	37	PC: 13257 \| Set interrupt vector (Interrupt = '63' AKA 'Read file or device')
2018-12-17T23:03:38.938937352Z	68	PC: 13946 \| I/O control for devices (Set for = '�G&�>I&�D&�E��&�&K&�\|&�>v�u&�v')
2018-12-17T23:03:39.111196847Z	64	PC: 13648 \| Write file or device (Write 0 bytes on handle 1)
2018-12-17T23:03:39.113797238Z	37	PC: 13381 \| Set interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T23:03:39.115522614Z	37	PC: 13381 \| Set interrupt vector (Interrupt = '2' AKA 'Character output')
2018-12-17T23:03:39.118505847Z	37	PC: 13381 \| Set interrupt vector (Interrupt = '27' AKA 'Get allocation info for default drive')
2018-12-17T23:03:39.120247794Z	37	PC: 13381 \| Set interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T23:03:39.121946509Z	37	PC: 13381 \| Set interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T23:03:39.124029809Z	37	PC: 13381 \| Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T23:03:39.125852879Z	37	PC: 13381 \| Set interrupt vector (Interrupt = '52' AKA 'Get InDOS flag pointer')
2018-12-17T23:03:39.127612038Z	37	PC: 13381 \| Set interrupt vector (Interrupt = '53' AKA 'Get interrupt vector')
2018-12-17T23:03:39.12920243Z	37	PC: 13381 \| Set interrupt vector (Interrupt = '54' AKA 'Get free disk space')
2018-12-17T23:03:39.139627482Z	37	PC: 13381 \| Set interrupt vector (Interrupt = '55' AKA 'Get or set switch character')
2018-12-17T23:03:39.140951523Z	37	PC: 13381 \| Set interrupt vector (Interrupt = '56' AKA 'Get or set country info')
2018-12-17T23:03:39.142345666Z	37	PC: 13381 \| Set interrupt vector (Interrupt = '57' AKA 'Create subdirectory')
2018-12-17T23:03:39.144499047Z	37	PC: 13381 \| Set interrupt vector (Interrupt = '58' AKA 'Remove subdirectory')
2018-12-17T23:03:39.146193985Z	37	PC: 13381 \| Set interrupt vector (Interrupt = '59' AKA 'Change current directory')
2018-12-17T23:03:39.147873916Z	37	PC: 13381 \| Set interrupt vector (Interrupt = '60' AKA 'Create or truncate file')
2018-12-17T23:03:39.158216823Z	37	PC: 13381 \| Set interrupt vector (Interrupt = '61' AKA 'Open file')
2018-12-17T23:03:39.160041606Z	37	PC: 13381 \| Set interrupt vector (Interrupt = '62' AKA 'Close file')
2018-12-17T23:03:39.16181901Z	37	PC: 13381 \| Set interrupt vector (Interrupt = '63' AKA 'Read file or device')
2018-12-17T23:03:39.164324013Z	37	PC: 13381 \| Set interrupt vector (Interrupt = '117' AKA 'UNKNOWN!')
2018-12-17T23:03:39.166432018Z	6	PC: 13408 \| Direct console I/O
2018-12-17T23:03:39.169101871Z	6	PC: 13408 \| Direct console I/O
2018-12-17T23:03:39.172727822Z	6	PC: 13408 \| Direct console I/O
2018-12-17T23:03:39.175436969Z	6	PC: 13408 \| Direct console I/O
2018-12-17T23:03:39.178104767Z	6	PC: 13408 \| Direct console I/O
2018-12-17T23:03:39.180730217Z	6	PC: 13408 \| Direct console I/O
2018-12-17T23:03:39.183574738Z	6	PC: 13408 \| Direct console I/O
2018-12-17T23:03:39.186045045Z	6	PC: 13408 \| Direct console I/O
2018-12-17T23:03:39.188649455Z	6	PC: 13408 \| Direct console I/O
2018-12-17T23:03:39.191902865Z	6	PC: 13408 \| Direct console I/O
2018-12-17T23:03:39.194585853Z	6	PC: 13408 \| Direct console I/O
2018-12-17T23:03:39.197185734Z	6	PC: 13408 \| Direct console I/O
2018-12-17T23:03:39.200596911Z	6	PC: 13408 \| Direct console I/O
2018-12-17T23:03:39.203235194Z	6	PC: 13408 \| Direct console I/O
2018-12-17T23:03:39.205894697Z	6	PC: 13408 \| Direct console I/O
2018-12-17T23:03:39.209087905Z	6	PC: 13408 \| Direct console I/O
2018-12-17T23:03:39.212571408Z	6	PC: 13408 \| Direct console I/O
2018-12-17T23:03:39.215207287Z	6	PC: 13408 \| Direct console I/O
2018-12-17T23:03:39.218380707Z	6	PC: 13408 \| Direct console I/O
2018-12-17T23:03:39.220851505Z	6	PC: 13408 \| Direct console I/O
2018-12-17T23:03:39.223499337Z	6	PC: 13408 \| Direct console I/O
2018-12-17T23:03:39.226875568Z	6	PC: 13408 \| Direct console I/O
2018-12-17T23:03:39.229500416Z	6	PC: 13408 \| Direct console I/O
2018-12-17T23:03:39.232129342Z	6	PC: 13408 \| Direct console I/O
2018-12-17T23:03:39.235327649Z	6	PC: 13408 \| Direct console I/O
2018-12-17T23:03:39.237923161Z	6	PC: 13408 \| Direct console I/O
2018-12-17T23:03:39.240519506Z	6	PC: 13408 \| Direct console I/O
2018-12-17T23:03:39.243597085Z	6	PC: 13408 \| Direct console I/O
2018-12-17T23:03:39.246270705Z	6	PC: 13408 \| Direct console I/O
2018-12-17T23:03:39.248848475Z	6	PC: 13408 \| Direct console I/O
2018-12-17T23:03:39.251645988Z	6	PC: 13408 \| Direct console I/O
2018-12-17T23:03:39.25424108Z	6	PC: 13408 \| Direct console I/O
2018-12-17T23:03:39.256377078Z	6	PC: 13408 \| Direct console I/O
2018-12-17T23:03:39.260452175Z	76	PC: 133c0 \| Terminate with return code (Return code = '200')