Sample viewer

vx.netlux.org/Trojan.DOS.Kermit.a

Syscalls:

Time Syscall Op Syscall Name
2018-12-17T23:05:16.39843756Z 82 PC: 27943 | Get DOS internal pointers (SYSVARS)
2018-12-17T23:05:16.402046156Z 48 PC: 14bbd | Get DOS version
2018-12-17T23:05:16.403845901Z 9 PC: 14bde | Display string (Could not find end pointer)
2018-12-17T23:05:16.408930022Z 9 PC: 14be5 | Display string (String= 'c€t!R~t>Fr ?Z s!@R^K>Fr Z0GY_ZYPV<')
2018-12-17T23:05:16.417529212Z 26 PC: 14bec | Set disk transfer address
2018-12-17T23:05:16.419334527Z 53 PC: 14d98 | Get interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T23:05:16.421989379Z 53 PC: 14da6 | Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T23:05:16.424529075Z 37 PC: 14dbc | Set interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T23:05:16.426496715Z 37 PC: 14dc5 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T23:05:16.430524699Z 25 PC: 14bf3 | Get default drive
2018-12-17T23:05:16.433410427Z 71 PC: 14c11 | Get current directory
2018-12-17T23:05:16.438173974Z 74 PC: 15396 | Reallocate memory
2018-12-17T23:05:16.443629232Z 72 PC: 153b2 | Allocate memory
2018-12-17T23:05:16.446198814Z 72 PC: 1bba3 | Allocate memory
2018-12-17T23:05:16.450619427Z 72 PC: 153b2 | Allocate memory
2018-12-17T23:05:16.45985219Z 55 PC: 14c2c | Get or set switch character
2018-12-17T23:05:16.461847211Z 9 PC: 14c57 | Display string (Could not find end pointer)
2018-12-17T23:05:16.470213033Z 26 PC: 15349 | Set disk transfer address
2018-12-17T23:05:16.47977327Z 78 PC: 1534f | Find first file
2018-12-17T23:05:16.498161629Z 26 PC: 15357 | Set disk transfer address
2018-12-17T23:05:16.504161001Z 26 PC: 15349 | Set disk transfer address
2018-12-17T23:05:16.507075291Z 78 PC: 1534f | Find first file
2018-12-17T23:05:16.519509914Z 26 PC: 15357 | Set disk transfer address
2018-12-17T23:05:16.522205483Z 9 PC: 150e3 | Display string (String= ' ')
2018-12-17T23:05:16.526066313Z 9 PC: 150eb | Display string (String= 'Kermit-MS>')
2018-12-17T23:05:16.534605992Z 7 PC: 12ffc | Direct console input without echo