Sample viewer

vx.netlux.org/Trojan.DOS.Asd

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-17T23:11:41.421735897Z	48	PC: 12a4c \| Get DOS version
2018-12-17T23:11:41.425431215Z	53	PC: 12bbc \| Get interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T23:11:41.426765092Z	53	PC: 12bc9 \| Get interrupt vector (Interrupt = '4' AKA 'Auxiliary output')
2018-12-17T23:11:41.428366092Z	53	PC: 12bd6 \| Get interrupt vector (Interrupt = '5' AKA 'Printer output')
2018-12-17T23:11:41.437512821Z	53	PC: 12be3 \| Get interrupt vector (Interrupt = '6' AKA 'Direct console I/O')
2018-12-17T23:11:41.43851994Z	37	PC: 12bf7 \| Set interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T23:11:41.439767843Z	74	PC: 12ad6 \| Reallocate memory
2018-12-17T23:11:41.442217947Z	68	PC: 12eda \| I/O control for devices (Set for = '')
2018-12-17T23:11:41.443712792Z	74	PC: 136b8 \| Reallocate memory
2018-12-17T23:11:41.445088591Z	74	PC: 136b8 \| Reallocate memory
2018-12-17T23:11:41.446848492Z	68	PC: 12eda \| I/O control for devices (Set for = ' .')
2018-12-17T23:11:41.448281931Z	28	PC: 12dc7 \| Get allocation info for specified drive
2018-12-17T23:11:53.142204285Z	37	PC: 12c03 \| Set interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T23:11:53.14404895Z	37	PC: 12c0e \| Set interrupt vector (Interrupt = '4' AKA 'Auxiliary output')
2018-12-17T23:11:53.145290508Z	37	PC: 12c19 \| Set interrupt vector (Interrupt = '5' AKA 'Printer output')
2018-12-17T23:11:53.1464078Z	37	PC: 12c24 \| Set interrupt vector (Interrupt = '6' AKA 'Direct console I/O')
2018-12-17T23:11:53.148530319Z	76	PC: 12bad \| Terminate with return code (Return code = '0')