Sample viewer

vx.netlux.org/Trojan.DOS.AnDum.a

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-17T23:10:44.822245931Z	53	PC: 1338a \| Get interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T23:10:44.824469513Z	53	PC: 1338a \| Get interrupt vector (Interrupt = '2' AKA 'Character output')
2018-12-17T23:10:44.826525039Z	53	PC: 1338a \| Get interrupt vector (Interrupt = '27' AKA 'Get allocation info for default drive')
2018-12-17T23:10:44.829177649Z	53	PC: 1338a \| Get interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T23:10:44.830845797Z	53	PC: 1338a \| Get interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T23:10:44.836652851Z	53	PC: 1338a \| Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T23:10:44.838621414Z	53	PC: 1338a \| Get interrupt vector (Interrupt = '52' AKA 'Get InDOS flag pointer')
2018-12-17T23:10:44.840801134Z	53	PC: 1338a \| Get interrupt vector (Interrupt = '53' AKA 'Get interrupt vector')
2018-12-17T23:10:44.843451269Z	53	PC: 1338a \| Get interrupt vector (Interrupt = '54' AKA 'Get free disk space')
2018-12-17T23:10:44.844996386Z	53	PC: 1338a \| Get interrupt vector (Interrupt = '55' AKA 'Get or set switch character')
2018-12-17T23:10:44.846469106Z	53	PC: 1338a \| Get interrupt vector (Interrupt = '56' AKA 'Get or set country info')
2018-12-17T23:10:44.853469514Z	53	PC: 1338a \| Get interrupt vector (Interrupt = '57' AKA 'Create subdirectory')
2018-12-17T23:10:44.855222722Z	53	PC: 1338a \| Get interrupt vector (Interrupt = '58' AKA 'Remove subdirectory')
2018-12-17T23:10:44.856888626Z	53	PC: 1338a \| Get interrupt vector (Interrupt = '59' AKA 'Change current directory')
2018-12-17T23:10:44.859444363Z	53	PC: 1338a \| Get interrupt vector (Interrupt = '60' AKA 'Create or truncate file')
2018-12-17T23:10:44.860929046Z	53	PC: 1338a \| Get interrupt vector (Interrupt = '61' AKA 'Open file')
2018-12-17T23:10:44.862577377Z	53	PC: 1338a \| Get interrupt vector (Interrupt = '62' AKA 'Close file')
2018-12-17T23:10:44.865807653Z	53	PC: 1338a \| Get interrupt vector (Interrupt = '63' AKA 'Read file or device')
2018-12-17T23:10:44.868298609Z	53	PC: 1338a \| Get interrupt vector (Interrupt = '117' AKA 'UNKNOWN!')
2018-12-17T23:10:44.870703653Z	37	PC: 1339f \| Set interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T23:10:44.873148371Z	37	PC: 133a7 \| Set interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T23:10:44.875889558Z	37	PC: 133af \| Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T23:10:44.877503865Z	37	PC: 133b7 \| Set interrupt vector (Interrupt = '63' AKA 'Read file or device')
2018-12-17T23:10:44.87937268Z	68	PC: 13c2c \| I/O control for devices (Set for = '[�� ')
2018-12-17T23:10:45.008002853Z	64	PC: 137a8 \| Write file or device (Write 0 bytes on handle 1)
2018-12-17T23:10:45.010610268Z	37	PC: 134e1 \| Set interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T23:10:45.012438387Z	37	PC: 134e1 \| Set interrupt vector (Interrupt = '2' AKA 'Character output')
2018-12-17T23:10:45.01550737Z	37	PC: 134e1 \| Set interrupt vector (Interrupt = '27' AKA 'Get allocation info for default drive')
2018-12-17T23:10:45.017987265Z	37	PC: 134e1 \| Set interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T23:10:45.019847995Z	37	PC: 134e1 \| Set interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T23:10:45.031842698Z	37	PC: 134e1 \| Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T23:10:45.033665556Z	37	PC: 134e1 \| Set interrupt vector (Interrupt = '52' AKA 'Get InDOS flag pointer')
2018-12-17T23:10:45.035400169Z	37	PC: 134e1 \| Set interrupt vector (Interrupt = '53' AKA 'Get interrupt vector')
2018-12-17T23:10:45.037375065Z	37	PC: 134e1 \| Set interrupt vector (Interrupt = '54' AKA 'Get free disk space')
2018-12-17T23:10:45.042894647Z	37	PC: 134e1 \| Set interrupt vector (Interrupt = '55' AKA 'Get or set switch character')
2018-12-17T23:10:45.044264835Z	37	PC: 134e1 \| Set interrupt vector (Interrupt = '56' AKA 'Get or set country info')
2018-12-17T23:10:45.045637517Z	37	PC: 134e1 \| Set interrupt vector (Interrupt = '57' AKA 'Create subdirectory')
2018-12-17T23:10:45.04855767Z	37	PC: 134e1 \| Set interrupt vector (Interrupt = '58' AKA 'Remove subdirectory')
2018-12-17T23:10:45.050255744Z	37	PC: 134e1 \| Set interrupt vector (Interrupt = '59' AKA 'Change current directory')
2018-12-17T23:10:45.051925445Z	37	PC: 134e1 \| Set interrupt vector (Interrupt = '60' AKA 'Create or truncate file')
2018-12-17T23:10:45.054358993Z	37	PC: 134e1 \| Set interrupt vector (Interrupt = '61' AKA 'Open file')
2018-12-17T23:10:45.056024556Z	37	PC: 134e1 \| Set interrupt vector (Interrupt = '62' AKA 'Close file')
2018-12-17T23:10:45.057766212Z	37	PC: 134e1 \| Set interrupt vector (Interrupt = '63' AKA 'Read file or device')
2018-12-17T23:10:45.060150597Z	37	PC: 134e1 \| Set interrupt vector (Interrupt = '117' AKA 'UNKNOWN!')
2018-12-17T23:10:45.061969148Z	6	PC: 13568 \| Direct console I/O
2018-12-17T23:10:45.064757744Z	6	PC: 13568 \| Direct console I/O
2018-12-17T23:10:45.06831235Z	6	PC: 13568 \| Direct console I/O
2018-12-17T23:10:45.071062914Z	6	PC: 13568 \| Direct console I/O
2018-12-17T23:10:45.073802778Z	6	PC: 13568 \| Direct console I/O
2018-12-17T23:10:45.076957502Z	6	PC: 13568 \| Direct console I/O
2018-12-17T23:10:45.079810478Z	6	PC: 13568 \| Direct console I/O
2018-12-17T23:10:45.082769064Z	6	PC: 13568 \| Direct console I/O
2018-12-17T23:10:45.085485774Z	6	PC: 13568 \| Direct console I/O
2018-12-17T23:10:45.088443317Z	6	PC: 13568 \| Direct console I/O
2018-12-17T23:10:45.091073695Z	6	PC: 13568 \| Direct console I/O
2018-12-17T23:10:45.093387438Z	6	PC: 13568 \| Direct console I/O
2018-12-17T23:10:45.096658461Z	6	PC: 13568 \| Direct console I/O
2018-12-17T23:10:45.099385781Z	6	PC: 13568 \| Direct console I/O
2018-12-17T23:10:45.102137797Z	6	PC: 13568 \| Direct console I/O
2018-12-17T23:10:45.105987089Z	6	PC: 13568 \| Direct console I/O
2018-12-17T23:10:45.108748523Z	6	PC: 13568 \| Direct console I/O
2018-12-17T23:10:45.11151662Z	6	PC: 13568 \| Direct console I/O
2018-12-17T23:10:45.115682386Z	6	PC: 13568 \| Direct console I/O
2018-12-17T23:10:45.118787748Z	6	PC: 13568 \| Direct console I/O
2018-12-17T23:10:45.121493548Z	6	PC: 13568 \| Direct console I/O
2018-12-17T23:10:45.125255233Z	6	PC: 13568 \| Direct console I/O
2018-12-17T23:10:45.128046734Z	6	PC: 13568 \| Direct console I/O
2018-12-17T23:10:45.130830862Z	6	PC: 13568 \| Direct console I/O
2018-12-17T23:10:45.134364409Z	6	PC: 13568 \| Direct console I/O
2018-12-17T23:10:45.137558046Z	6	PC: 13568 \| Direct console I/O
2018-12-17T23:10:45.140347012Z	6	PC: 13568 \| Direct console I/O
2018-12-17T23:10:45.143096814Z	6	PC: 13568 \| Direct console I/O
2018-12-17T23:10:45.146796183Z	6	PC: 13568 \| Direct console I/O
2018-12-17T23:10:45.149586702Z	6	PC: 13568 \| Direct console I/O
2018-12-17T23:10:45.152278446Z	6	PC: 13568 \| Direct console I/O
2018-12-17T23:10:45.155978456Z	6	PC: 13568 \| Direct console I/O
2018-12-17T23:10:45.158299341Z	6	PC: 13568 \| Direct console I/O
2018-12-17T23:10:45.164533659Z	76	PC: 13520 \| Terminate with return code (Return code = '200')