Sample viewer

vx.netlux.org/Trojan.DOS.Mylove.c

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-17T22:15:16.640139889Z	53	PC: 131ea \| Get interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T22:15:16.642192692Z	53	PC: 131ea \| Get interrupt vector (Interrupt = '2' AKA 'Character output')
2018-12-17T22:15:16.655001464Z	53	PC: 131ea \| Get interrupt vector (Interrupt = '27' AKA 'Get allocation info for default drive')
2018-12-17T22:15:16.657814001Z	53	PC: 131ea \| Get interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T22:15:16.660215866Z	53	PC: 131ea \| Get interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T22:15:16.661633574Z	53	PC: 131ea \| Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:15:16.663035979Z	53	PC: 131ea \| Get interrupt vector (Interrupt = '52' AKA 'Get InDOS flag pointer')
2018-12-17T22:15:16.665499204Z	53	PC: 131ea \| Get interrupt vector (Interrupt = '53' AKA 'Get interrupt vector')
2018-12-17T22:15:16.666967506Z	53	PC: 131ea \| Get interrupt vector (Interrupt = '54' AKA 'Get free disk space')
2018-12-17T22:15:16.668360046Z	53	PC: 131ea \| Get interrupt vector (Interrupt = '55' AKA 'Get or set switch character')
2018-12-17T22:15:16.669762273Z	53	PC: 131ea \| Get interrupt vector (Interrupt = '56' AKA 'Get or set country info')
2018-12-17T22:15:16.672463171Z	53	PC: 131ea \| Get interrupt vector (Interrupt = '57' AKA 'Create subdirectory')
2018-12-17T22:15:16.673814529Z	53	PC: 131ea \| Get interrupt vector (Interrupt = '58' AKA 'Remove subdirectory')
2018-12-17T22:15:16.675181775Z	53	PC: 131ea \| Get interrupt vector (Interrupt = '59' AKA 'Change current directory')
2018-12-17T22:15:16.677600429Z	53	PC: 131ea \| Get interrupt vector (Interrupt = '60' AKA 'Create or truncate file')
2018-12-17T22:15:16.678915622Z	53	PC: 131ea \| Get interrupt vector (Interrupt = '61' AKA 'Open file')
2018-12-17T22:15:16.680621449Z	53	PC: 131ea \| Get interrupt vector (Interrupt = '62' AKA 'Close file')
2018-12-17T22:15:16.683552057Z	53	PC: 131ea \| Get interrupt vector (Interrupt = '63' AKA 'Read file or device')
2018-12-17T22:15:16.684696746Z	53	PC: 131ea \| Get interrupt vector (Interrupt = '117' AKA 'UNKNOWN!')
2018-12-17T22:15:16.68579871Z	37	PC: 131ff \| Set interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T22:15:16.68762132Z	37	PC: 13207 \| Set interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T22:15:16.688652842Z	37	PC: 1320f \| Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:15:16.689675526Z	37	PC: 13217 \| Set interrupt vector (Interrupt = '63' AKA 'Read file or device')
2018-12-17T22:15:16.691768155Z	68	PC: 13875 \| I/O control for devices (Set for = '+�e��&�>\|')
2018-12-17T22:15:16.740643588Z	37	PC: 12c11 \| Set interrupt vector (Interrupt = '27' AKA 'Get allocation info for default drive')
2018-12-17T22:15:16.742673269Z	67	PC: 12b62 \| Get or set file attributes
2018-12-17T22:15:16.7490479Z	60	PC: 13859 \| Create or truncate file
2018-12-17T22:15:16.755135911Z	37	PC: 13341 \| Set interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T22:15:16.756258787Z	37	PC: 13341 \| Set interrupt vector (Interrupt = '2' AKA 'Character output')
2018-12-17T22:15:16.758781183Z	37	PC: 13341 \| Set interrupt vector (Interrupt = '27' AKA 'Get allocation info for default drive')
2018-12-17T22:15:16.760388877Z	37	PC: 13341 \| Set interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T22:15:16.762351593Z	37	PC: 13341 \| Set interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T22:15:16.764006434Z	37	PC: 13341 \| Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:15:16.765953271Z	37	PC: 13341 \| Set interrupt vector (Interrupt = '52' AKA 'Get InDOS flag pointer')
2018-12-17T22:15:16.76709389Z	37	PC: 13341 \| Set interrupt vector (Interrupt = '53' AKA 'Get interrupt vector')
2018-12-17T22:15:16.768225437Z	37	PC: 13341 \| Set interrupt vector (Interrupt = '54' AKA 'Get free disk space')
2018-12-17T22:15:16.770473536Z	37	PC: 13341 \| Set interrupt vector (Interrupt = '55' AKA 'Get or set switch character')
2018-12-17T22:15:16.773422005Z	37	PC: 13341 \| Set interrupt vector (Interrupt = '56' AKA 'Get or set country info')
2018-12-17T22:15:16.775857113Z	37	PC: 13341 \| Set interrupt vector (Interrupt = '57' AKA 'Create subdirectory')
2018-12-17T22:15:16.779197884Z	37	PC: 13341 \| Set interrupt vector (Interrupt = '58' AKA 'Remove subdirectory')
2018-12-17T22:15:16.781011014Z	37	PC: 13341 \| Set interrupt vector (Interrupt = '59' AKA 'Change current directory')
2018-12-17T22:15:16.782304569Z	37	PC: 13341 \| Set interrupt vector (Interrupt = '60' AKA 'Create or truncate file')
2018-12-17T22:15:16.78440498Z	37	PC: 13341 \| Set interrupt vector (Interrupt = '61' AKA 'Open file')
2018-12-17T22:15:16.785632883Z	37	PC: 13341 \| Set interrupt vector (Interrupt = '62' AKA 'Close file')
2018-12-17T22:15:16.786785795Z	37	PC: 13341 \| Set interrupt vector (Interrupt = '63' AKA 'Read file or device')
2018-12-17T22:15:16.788964005Z	37	PC: 13341 \| Set interrupt vector (Interrupt = '117' AKA 'UNKNOWN!')
2018-12-17T22:15:16.790458601Z	6	PC: 133c8 \| Direct console I/O
2018-12-17T22:15:16.792828456Z	6	PC: 133c8 \| Direct console I/O
2018-12-17T22:15:16.796221322Z	6	PC: 133c8 \| Direct console I/O
2018-12-17T22:15:16.798995449Z	6	PC: 133c8 \| Direct console I/O
2018-12-17T22:15:16.801678045Z	6	PC: 133c8 \| Direct console I/O
2018-12-17T22:15:16.805731272Z	6	PC: 133c8 \| Direct console I/O
2018-12-17T22:15:16.808418265Z	6	PC: 133c8 \| Direct console I/O
2018-12-17T22:15:16.811080336Z	6	PC: 133c8 \| Direct console I/O
2018-12-17T22:15:16.815470843Z	6	PC: 133c8 \| Direct console I/O
2018-12-17T22:15:16.819334147Z	6	PC: 133c8 \| Direct console I/O
2018-12-17T22:15:16.822916639Z	6	PC: 133c8 \| Direct console I/O
2018-12-17T22:15:16.826793091Z	6	PC: 133c8 \| Direct console I/O
2018-12-17T22:15:16.829471872Z	6	PC: 133c8 \| Direct console I/O
2018-12-17T22:15:16.832088451Z	6	PC: 133c8 \| Direct console I/O
2018-12-17T22:15:16.835662895Z	6	PC: 133c8 \| Direct console I/O
2018-12-17T22:15:16.83835135Z	6	PC: 133c8 \| Direct console I/O
2018-12-17T22:15:16.840757828Z	6	PC: 133c8 \| Direct console I/O
2018-12-17T22:15:16.843662768Z	6	PC: 133c8 \| Direct console I/O
2018-12-17T22:15:16.846985337Z	6	PC: 133c8 \| Direct console I/O
2018-12-17T22:15:16.849277073Z	6	PC: 133c8 \| Direct console I/O
2018-12-17T22:15:16.85154468Z	6	PC: 133c8 \| Direct console I/O
2018-12-17T22:15:16.854913523Z	6	PC: 133c8 \| Direct console I/O
2018-12-17T22:15:16.857644832Z	6	PC: 133c8 \| Direct console I/O
2018-12-17T22:15:16.859946503Z	6	PC: 133c8 \| Direct console I/O
2018-12-17T22:15:16.863212284Z	6	PC: 133c8 \| Direct console I/O
2018-12-17T22:15:16.873957298Z	6	PC: 133c8 \| Direct console I/O
2018-12-17T22:15:16.876392012Z	6	PC: 133c8 \| Direct console I/O
2018-12-17T22:15:16.87965916Z	6	PC: 133c8 \| Direct console I/O
2018-12-17T22:15:16.88245254Z	6	PC: 133c8 \| Direct console I/O
2018-12-17T22:15:16.884715961Z	6	PC: 133c8 \| Direct console I/O
2018-12-17T22:15:16.888083692Z	6	PC: 133c8 \| Direct console I/O
2018-12-17T22:15:16.890368519Z	6	PC: 133c8 \| Direct console I/O
2018-12-17T22:15:16.892500524Z	6	PC: 133c8 \| Direct console I/O
2018-12-17T22:15:16.897489967Z	76	PC: 13380 \| Terminate with return code (Return code = '3')