Sample viewer

vx.netlux.org/Trojan.DOS.Satana

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-17T23:07:30.638620361Z	48	PC: 178dc \| Get DOS version
2018-12-17T23:07:30.640851495Z	74	PC: 1792c \| Reallocate memory
2018-12-17T23:07:30.642585314Z	48	PC: 17990 \| Get DOS version
2018-12-17T23:07:30.643713425Z	53	PC: 17998 \| Get interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T23:07:30.654139193Z	37	PC: 179aa \| Set interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T23:07:30.655987477Z	53	PC: 1a032 \| Get interrupt vector (Interrupt = '2' AKA 'Character output')
2018-12-17T23:07:30.657345831Z	37	PC: 1a042 \| Set interrupt vector (Interrupt = '2' AKA 'Character output')
2018-12-17T23:07:30.658700237Z	53	PC: 1a047 \| Get interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T23:07:30.660200226Z	37	PC: 1a057 \| Set interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T23:07:30.661311485Z	53	PC: 17d86 \| Get interrupt vector (Interrupt = '52' AKA 'Get InDOS flag pointer')
2018-12-17T23:07:30.662475824Z	53	PC: 17d86 \| Get interrupt vector (Interrupt = '53' AKA 'Get interrupt vector')
2018-12-17T23:07:30.665756682Z	53	PC: 17d86 \| Get interrupt vector (Interrupt = '54' AKA 'Get free disk space')
2018-12-17T23:07:30.667583195Z	53	PC: 17d86 \| Get interrupt vector (Interrupt = '55' AKA 'Get or set switch character')
2018-12-17T23:07:30.669300073Z	53	PC: 17d86 \| Get interrupt vector (Interrupt = '56' AKA 'Get or set country info')
2018-12-17T23:07:30.672961164Z	53	PC: 17d86 \| Get interrupt vector (Interrupt = '57' AKA 'Create subdirectory')
2018-12-17T23:07:30.674197228Z	53	PC: 17d86 \| Get interrupt vector (Interrupt = '58' AKA 'Remove subdirectory')
2018-12-17T23:07:30.676100946Z	53	PC: 17d86 \| Get interrupt vector (Interrupt = '59' AKA 'Change current directory')
2018-12-17T23:07:30.679853461Z	53	PC: 17d86 \| Get interrupt vector (Interrupt = '60' AKA 'Create or truncate file')
2018-12-17T23:07:30.681624921Z	53	PC: 17d86 \| Get interrupt vector (Interrupt = '61' AKA 'Open file')
2018-12-17T23:07:30.683565679Z	53	PC: 17d86 \| Get interrupt vector (Interrupt = '62' AKA 'Close file')
2018-12-17T23:07:30.68593868Z	37	PC: 17db5 \| Set interrupt vector (Interrupt = '52' AKA 'Get InDOS flag pointer')
2018-12-17T23:07:30.687298756Z	37	PC: 17db5 \| Set interrupt vector (Interrupt = '53' AKA 'Get interrupt vector')
2018-12-17T23:07:30.688490927Z	37	PC: 17db5 \| Set interrupt vector (Interrupt = '54' AKA 'Get free disk space')
2018-12-17T23:07:30.692765562Z	37	PC: 17db5 \| Set interrupt vector (Interrupt = '55' AKA 'Get or set switch character')
2018-12-17T23:07:30.695048163Z	37	PC: 17db5 \| Set interrupt vector (Interrupt = '56' AKA 'Get or set country info')
2018-12-17T23:07:30.697422065Z	37	PC: 17db5 \| Set interrupt vector (Interrupt = '57' AKA 'Create subdirectory')
2018-12-17T23:07:30.700426584Z	37	PC: 17db5 \| Set interrupt vector (Interrupt = '58' AKA 'Remove subdirectory')
2018-12-17T23:07:30.706072336Z	37	PC: 17db5 \| Set interrupt vector (Interrupt = '59' AKA 'Change current directory')
2018-12-17T23:07:30.707695698Z	37	PC: 17dbc \| Set interrupt vector (Interrupt = '60' AKA 'Create or truncate file')
2018-12-17T23:07:30.709455796Z	37	PC: 17dc1 \| Set interrupt vector (Interrupt = '61' AKA 'Open file')
2018-12-17T23:07:30.712377468Z	68	PC: 17a3b \| I/O control for devices (Set for = ';�r�6�q��PSQVW�6��u�G-')
2018-12-17T23:07:30.714513614Z	68	PC: 17a3b \| I/O control for devices
2018-12-17T23:07:30.716395291Z	68	PC: 17a3b \| I/O control for devices (Set for = '')
2018-12-17T23:07:30.72150157Z	68	PC: 17a3b \| I/O control for devices (Set for = '')
2018-12-17T23:07:30.723431638Z	68	PC: 17a3b \| I/O control for devices (Set for = '')
2018-12-17T23:07:30.725712545Z	53	PC: 15156 \| Get interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T23:07:30.728796082Z	53	PC: 15163 \| Get interrupt vector (Interrupt = '4' AKA 'Auxiliary output')
2018-12-17T23:07:30.73065183Z	53	PC: 15170 \| Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T23:07:30.73300816Z	37	PC: 15185 \| Set interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T23:07:30.738595513Z	37	PC: 1518d \| Set interrupt vector (Interrupt = '4' AKA 'Auxiliary output')
2018-12-17T23:07:30.739977891Z	37	PC: 15195 \| Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T23:07:30.741697223Z	53	PC: 15c14 \| Get interrupt vector (Interrupt = '239' AKA 'UNKNOWN!')
2018-12-17T23:07:30.761714561Z	53	PC: 15c21 \| Get interrupt vector (Interrupt = '240' AKA 'UNKNOWN!')
2018-12-17T23:07:30.766963349Z	53	PC: 15c30 \| Get interrupt vector (Interrupt = '9' AKA 'Display string')
2018-12-17T23:07:30.770924244Z	37	PC: 15c3d \| Set interrupt vector (Interrupt = '239' AKA 'UNKNOWN!')
2018-12-17T23:07:30.77387471Z	53	PC: 15c44 \| Get interrupt vector (Interrupt = '8' AKA 'Console input without echo')
2018-12-17T23:07:30.780197125Z	37	PC: 15c51 \| Set interrupt vector (Interrupt = '240' AKA 'UNKNOWN!')
2018-12-17T23:07:30.782711452Z	53	PC: 15c5d \| Get interrupt vector (Interrupt = '28' AKA 'Get allocation info for specified drive')
2018-12-17T23:07:30.787913981Z	48	PC: 15d1f \| Get DOS version
2018-12-17T23:07:30.790100341Z	68	PC: 150cc \| I/O control for devices (Set for = '� ��')
2018-12-17T23:07:30.791898451Z	68	PC: 150cc \| I/O control for devices (Set for = '')
2018-12-17T23:07:30.793704095Z	51	PC: 150ea \| Get or set Ctrl-Break
2018-12-17T23:07:30.79598359Z	51	PC: 150f6 \| Get or set Ctrl-Break
2018-12-17T23:07:30.797354999Z	72	PC: 12df8 \| Allocate memory
2018-12-17T23:07:30.806263244Z	26	PC: 12c05 \| Set disk transfer address
2018-12-17T23:07:30.808501771Z	78	PC: 12c0c \| Find first file
2018-12-17T23:07:30.822535332Z	6	PC: 1509d \| Direct console I/O
2018-12-17T23:07:30.824941945Z	6	PC: 1509d \| Direct console I/O
2018-12-17T23:07:30.828526274Z	6	PC: 1509d \| Direct console I/O
2018-12-17T23:07:30.831256857Z	6	PC: 1509d \| Direct console I/O
2018-12-17T23:07:30.833831837Z	6	PC: 1509d \| Direct console I/O
2018-12-17T23:07:30.83716891Z	6	PC: 1509d \| Direct console I/O
2018-12-17T23:07:30.8397543Z	6	PC: 1509d \| Direct console I/O
2018-12-17T23:07:30.842260681Z	6	PC: 1509d \| Direct console I/O
2018-12-17T23:07:30.845948694Z	6	PC: 1509d \| Direct console I/O
2018-12-17T23:07:30.848463752Z	6	PC: 1509d \| Direct console I/O
2018-12-17T23:07:30.850960575Z	6	PC: 1509d \| Direct console I/O
2018-12-17T23:07:30.854292739Z	6	PC: 1509d \| Direct console I/O
2018-12-17T23:07:30.859478046Z	6	PC: 1509d \| Direct console I/O
2018-12-17T23:07:30.861812775Z	6	PC: 1509d \| Direct console I/O
2018-12-17T23:07:30.868100034Z	6	PC: 1509d \| Direct console I/O
2018-12-17T23:07:30.87269444Z	6	PC: 1509d \| Direct console I/O
2018-12-17T23:07:30.87667332Z	6	PC: 1509d \| Direct console I/O
2018-12-17T23:07:30.880432496Z	6	PC: 1509d \| Direct console I/O
2018-12-17T23:07:30.883969926Z	6	PC: 1509d \| Direct console I/O
2018-12-17T23:07:30.88691394Z	6	PC: 1509d \| Direct console I/O
2018-12-17T23:07:30.891732498Z	6	PC: 1509d \| Direct console I/O
2018-12-17T23:07:30.895626789Z	6	PC: 1509d \| Direct console I/O
2018-12-17T23:07:30.898902356Z	6	PC: 1509d \| Direct console I/O
2018-12-17T23:07:30.901985661Z	6	PC: 1509d \| Direct console I/O
2018-12-17T23:07:30.906487784Z	6	PC: 1509d \| Direct console I/O
2018-12-17T23:07:30.909431769Z	6	PC: 1509d \| Direct console I/O
2018-12-17T23:07:30.912286175Z	6	PC: 1509d \| Direct console I/O
2018-12-17T23:07:30.915845265Z	6	PC: 1509d \| Direct console I/O
2018-12-17T23:07:30.918925976Z	6	PC: 1509d \| Direct console I/O
2018-12-17T23:07:30.921493732Z	6	PC: 1509d \| Direct console I/O
2018-12-17T23:07:30.92444445Z	6	PC: 1509d \| Direct console I/O
2018-12-17T23:07:30.929984924Z	6	PC: 1509d \| Direct console I/O
2018-12-17T23:07:30.932778546Z	6	PC: 1509d \| Direct console I/O
2018-12-17T23:07:30.937238249Z	6	PC: 1509d \| Direct console I/O
2018-12-17T23:07:30.940750311Z	6	PC: 1509d \| Direct console I/O
2018-12-17T23:07:30.943545115Z	6	PC: 1509d \| Direct console I/O
2018-12-17T23:07:30.946100749Z	6	PC: 1509d \| Direct console I/O
2018-12-17T23:07:30.949717648Z	6	PC: 1509d \| Direct console I/O
2018-12-17T23:07:30.95228306Z	6	PC: 1509d \| Direct console I/O
2018-12-17T23:07:30.954835538Z	6	PC: 1509d \| Direct console I/O
2018-12-17T23:07:30.958355636Z	6	PC: 1509d \| Direct console I/O
2018-12-17T23:07:30.961584024Z	6	PC: 1509d \| Direct console I/O
2018-12-17T23:07:30.968468415Z	6	PC: 1509d \| Direct console I/O
2018-12-17T23:07:30.9716787Z	6	PC: 1509d \| Direct console I/O
2018-12-17T23:07:30.974121773Z	6	PC: 1509d \| Direct console I/O
2018-12-17T23:07:30.976688758Z	6	PC: 1509d \| Direct console I/O
2018-12-17T23:07:30.980677485Z	6	PC: 1509d \| Direct console I/O
2018-12-17T23:07:30.982985674Z	6	PC: 1509d \| Direct console I/O
2018-12-17T23:07:30.985210136Z	6	PC: 1509d \| Direct console I/O
2018-12-17T23:07:30.988692683Z	6	PC: 1509d \| Direct console I/O
2018-12-17T23:07:30.990945888Z	6	PC: 1509d \| Direct console I/O
2018-12-17T23:07:30.993336191Z	6	PC: 1509d \| Direct console I/O
2018-12-17T23:07:30.997191829Z	6	PC: 1509d \| Direct console I/O
2018-12-17T23:07:30.999889009Z	6	PC: 1509d \| Direct console I/O
2018-12-17T23:07:31.002247923Z	6	PC: 1509d \| Direct console I/O
2018-12-17T23:07:31.00524614Z	6	PC: 1509d \| Direct console I/O
2018-12-17T23:07:31.007698049Z	6	PC: 1509d \| Direct console I/O
2018-12-17T23:07:31.010435094Z	6	PC: 1509d \| Direct console I/O
2018-12-17T23:07:31.013044629Z	73	PC: 12df8 \| Release memory
2018-12-17T23:07:31.02338152Z	6	PC: 1509d \| Direct console I/O
2018-12-17T23:07:31.026949667Z	6	PC: 1509d \| Direct console I/O
2018-12-17T23:07:31.030566596Z	6	PC: 1509d \| Direct console I/O
2018-12-17T23:07:31.037215094Z	6	PC: 1509d \| Direct console I/O
2018-12-17T23:07:31.039919157Z	6	PC: 1509d \| Direct console I/O
2018-12-17T23:07:31.043939274Z	6	PC: 1509d \| Direct console I/O
2018-12-17T23:07:31.047167583Z	6	PC: 1509d \| Direct console I/O
2018-12-17T23:07:31.049915247Z	6	PC: 1509d \| Direct console I/O
2018-12-17T23:07:31.052696355Z	6	PC: 1509d \| Direct console I/O
2018-12-17T23:07:31.058940423Z	6	PC: 1509d \| Direct console I/O
2018-12-17T23:07:31.064659223Z	6	PC: 1509d \| Direct console I/O
2018-12-17T23:07:31.069517265Z	6	PC: 1509d \| Direct console I/O
2018-12-17T23:07:31.078278755Z	6	PC: 1509d \| Direct console I/O
2018-12-17T23:07:31.081668417Z	6	PC: 1509d \| Direct console I/O
2018-12-17T23:07:31.083729551Z	6	PC: 1509d \| Direct console I/O
2018-12-17T23:07:31.086643428Z	6	PC: 1509d \| Direct console I/O
2018-12-17T23:07:31.0887989Z	6	PC: 1509d \| Direct console I/O
2018-12-17T23:07:31.091804891Z	6	PC: 1509d \| Direct console I/O
2018-12-17T23:07:31.094945555Z	6	PC: 1509d \| Direct console I/O
2018-12-17T23:07:31.097224339Z	6	PC: 1509d \| Direct console I/O
2018-12-17T23:07:31.0995922Z	6	PC: 1509d \| Direct console I/O
2018-12-17T23:07:31.102599512Z	6	PC: 1509d \| Direct console I/O
2018-12-17T23:07:31.105003541Z	6	PC: 1509d \| Direct console I/O
2018-12-17T23:07:31.107219647Z	6	PC: 1509d \| Direct console I/O
2018-12-17T23:07:31.111534328Z	6	PC: 1509d \| Direct console I/O
2018-12-17T23:07:31.11430711Z	6	PC: 1509d \| Direct console I/O
2018-12-17T23:07:31.117015281Z	6	PC: 1509d \| Direct console I/O
2018-12-17T23:07:31.120413238Z	6	PC: 1509d \| Direct console I/O
2018-12-17T23:07:31.123481887Z	6	PC: 1509d \| Direct console I/O
2018-12-17T23:07:31.126188144Z	6	PC: 1509d \| Direct console I/O
2018-12-17T23:07:31.130079489Z	6	PC: 1509d \| Direct console I/O
2018-12-17T23:07:31.132796847Z	6	PC: 1509d \| Direct console I/O
2018-12-17T23:07:31.135506751Z	6	PC: 1509d \| Direct console I/O
2018-12-17T23:07:31.139411952Z	12	PC: 15146 \| Flush input buffer and input