Sample viewer

vx.netlux.org/Trojan.DOS.DelWin.g

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-17T22:09:48.999570889Z	53	PC: 1329a \| Get interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T22:09:49.009097357Z	53	PC: 1329a \| Get interrupt vector (Interrupt = '2' AKA 'Character output')
2018-12-17T22:09:49.010561967Z	53	PC: 1329a \| Get interrupt vector (Interrupt = '27' AKA 'Get allocation info for default drive')
2018-12-17T22:09:49.012570705Z	53	PC: 1329a \| Get interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T22:09:49.017777018Z	53	PC: 1329a \| Get interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T22:09:49.019106284Z	53	PC: 1329a \| Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:09:49.020264355Z	53	PC: 1329a \| Get interrupt vector (Interrupt = '52' AKA 'Get InDOS flag pointer')
2018-12-17T22:09:49.021708695Z	53	PC: 1329a \| Get interrupt vector (Interrupt = '53' AKA 'Get interrupt vector')
2018-12-17T22:09:49.023823207Z	53	PC: 1329a \| Get interrupt vector (Interrupt = '54' AKA 'Get free disk space')
2018-12-17T22:09:49.025434988Z	53	PC: 1329a \| Get interrupt vector (Interrupt = '55' AKA 'Get or set switch character')
2018-12-17T22:09:49.026936649Z	53	PC: 1329a \| Get interrupt vector (Interrupt = '56' AKA 'Get or set country info')
2018-12-17T22:09:49.030472065Z	53	PC: 1329a \| Get interrupt vector (Interrupt = '57' AKA 'Create subdirectory')
2018-12-17T22:09:49.032150508Z	53	PC: 1329a \| Get interrupt vector (Interrupt = '58' AKA 'Remove subdirectory')
2018-12-17T22:09:49.057710015Z	53	PC: 1329a \| Get interrupt vector (Interrupt = '59' AKA 'Change current directory')
2018-12-17T22:09:49.059561892Z	53	PC: 1329a \| Get interrupt vector (Interrupt = '60' AKA 'Create or truncate file')
2018-12-17T22:09:49.061163958Z	53	PC: 1329a \| Get interrupt vector (Interrupt = '61' AKA 'Open file')
2018-12-17T22:09:49.062585405Z	53	PC: 1329a \| Get interrupt vector (Interrupt = '62' AKA 'Close file')
2018-12-17T22:09:49.064278495Z	53	PC: 1329a \| Get interrupt vector (Interrupt = '63' AKA 'Read file or device')
2018-12-17T22:09:49.066500877Z	53	PC: 1329a \| Get interrupt vector (Interrupt = '117' AKA 'UNKNOWN!')
2018-12-17T22:09:49.067923784Z	37	PC: 132af \| Set interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T22:09:49.069392386Z	37	PC: 132b7 \| Set interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T22:09:49.071322769Z	37	PC: 132bf \| Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:09:49.072666645Z	37	PC: 132c7 \| Set interrupt vector (Interrupt = '63' AKA 'Read file or device')
2018-12-17T22:09:49.074269487Z	68	PC: 13c57 \| I/O control for devices (Set for = 'X�r��]=')
2018-12-17T22:09:49.15699638Z	37	PC: 12c01 \| Set interrupt vector (Interrupt = '27' AKA 'Get allocation info for default drive')
2018-12-17T22:09:49.158623124Z	14	PC: 1397d \| Set default drive (Drive = 'C')
2018-12-17T22:09:49.159721007Z	25	PC: 13981 \| Get default drive
2018-12-17T22:09:49.161235646Z	59	PC: 139eb \| Change current directory
2018-12-17T22:09:49.171441355Z	37	PC: 133f1 \| Set interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T22:09:49.17262833Z	37	PC: 133f1 \| Set interrupt vector (Interrupt = '2' AKA 'Character output')
2018-12-17T22:09:49.174527064Z	37	PC: 133f1 \| Set interrupt vector (Interrupt = '27' AKA 'Get allocation info for default drive')
2018-12-17T22:09:49.175760227Z	37	PC: 133f1 \| Set interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T22:09:49.176774324Z	37	PC: 133f1 \| Set interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T22:09:49.178865829Z	37	PC: 133f1 \| Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:09:49.179891404Z	37	PC: 133f1 \| Set interrupt vector (Interrupt = '52' AKA 'Get InDOS flag pointer')
2018-12-17T22:09:49.180920283Z	37	PC: 133f1 \| Set interrupt vector (Interrupt = '53' AKA 'Get interrupt vector')
2018-12-17T22:09:49.182568893Z	37	PC: 133f1 \| Set interrupt vector (Interrupt = '54' AKA 'Get free disk space')
2018-12-17T22:09:49.183864147Z	37	PC: 133f1 \| Set interrupt vector (Interrupt = '55' AKA 'Get or set switch character')
2018-12-17T22:09:49.184912756Z	37	PC: 133f1 \| Set interrupt vector (Interrupt = '56' AKA 'Get or set country info')
2018-12-17T22:09:49.186455327Z	37	PC: 133f1 \| Set interrupt vector (Interrupt = '57' AKA 'Create subdirectory')
2018-12-17T22:09:49.187584072Z	37	PC: 133f1 \| Set interrupt vector (Interrupt = '58' AKA 'Remove subdirectory')
2018-12-17T22:09:49.18863828Z	37	PC: 133f1 \| Set interrupt vector (Interrupt = '59' AKA 'Change current directory')
2018-12-17T22:09:49.189917477Z	37	PC: 133f1 \| Set interrupt vector (Interrupt = '60' AKA 'Create or truncate file')
2018-12-17T22:09:49.191550876Z	37	PC: 133f1 \| Set interrupt vector (Interrupt = '61' AKA 'Open file')
2018-12-17T22:09:49.193077695Z	37	PC: 133f1 \| Set interrupt vector (Interrupt = '62' AKA 'Close file')
2018-12-17T22:09:49.195352403Z	37	PC: 133f1 \| Set interrupt vector (Interrupt = '63' AKA 'Read file or device')
2018-12-17T22:09:49.196765824Z	37	PC: 133f1 \| Set interrupt vector (Interrupt = '117' AKA 'UNKNOWN!')
2018-12-17T22:09:49.198137773Z	6	PC: 13478 \| Direct console I/O
2018-12-17T22:09:49.200627431Z	6	PC: 13478 \| Direct console I/O
2018-12-17T22:09:49.203028618Z	6	PC: 13478 \| Direct console I/O
2018-12-17T22:09:49.204871442Z	6	PC: 13478 \| Direct console I/O
2018-12-17T22:09:49.206900405Z	6	PC: 13478 \| Direct console I/O
2018-12-17T22:09:49.209122315Z	6	PC: 13478 \| Direct console I/O
2018-12-17T22:09:49.211517162Z	6	PC: 13478 \| Direct console I/O
2018-12-17T22:09:49.213719395Z	6	PC: 13478 \| Direct console I/O
2018-12-17T22:09:49.215838694Z	6	PC: 13478 \| Direct console I/O
2018-12-17T22:09:49.217752429Z	6	PC: 13478 \| Direct console I/O
2018-12-17T22:09:49.220103961Z	6	PC: 13478 \| Direct console I/O
2018-12-17T22:09:49.222664656Z	6	PC: 13478 \| Direct console I/O
2018-12-17T22:09:49.224444413Z	6	PC: 13478 \| Direct console I/O
2018-12-17T22:09:49.227846276Z	6	PC: 13478 \| Direct console I/O
2018-12-17T22:09:49.23009412Z	6	PC: 13478 \| Direct console I/O
2018-12-17T22:09:49.231963413Z	6	PC: 13478 \| Direct console I/O
2018-12-17T22:09:49.245269434Z	6	PC: 13478 \| Direct console I/O
2018-12-17T22:09:49.249032835Z	6	PC: 13478 \| Direct console I/O
2018-12-17T22:09:49.251246927Z	6	PC: 13478 \| Direct console I/O
2018-12-17T22:09:49.253398339Z	6	PC: 13478 \| Direct console I/O
2018-12-17T22:09:49.256017599Z	6	PC: 13478 \| Direct console I/O
2018-12-17T22:09:49.25851271Z	6	PC: 13478 \| Direct console I/O
2018-12-17T22:09:49.260760283Z	6	PC: 13478 \| Direct console I/O
2018-12-17T22:09:49.263588673Z	6	PC: 13478 \| Direct console I/O
2018-12-17T22:09:49.26568341Z	6	PC: 13478 \| Direct console I/O
2018-12-17T22:09:49.267666748Z	6	PC: 13478 \| Direct console I/O
2018-12-17T22:09:49.270216084Z	6	PC: 13478 \| Direct console I/O
2018-12-17T22:09:49.279644Z	6	PC: 13478 \| Direct console I/O
2018-12-17T22:09:49.281686927Z	6	PC: 13478 \| Direct console I/O
2018-12-17T22:09:49.284130504Z	6	PC: 13478 \| Direct console I/O
2018-12-17T22:09:49.28648033Z	6	PC: 13478 \| Direct console I/O
2018-12-17T22:09:49.290010137Z	6	PC: 13478 \| Direct console I/O
2018-12-17T22:09:49.293121554Z	6	PC: 13478 \| Direct console I/O
2018-12-17T22:09:49.296574641Z	76	PC: 13430 \| Terminate with return code (Return code = '3')