Sample viewer

vx.netlux.org/Trojan.DOS.Loader.Tef

Syscalls:

Time Syscall Op Syscall Name
2018-12-17T22:30:02.893274345Z 53 PC: 13b3a | Get interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T22:30:02.894856781Z 53 PC: 13b3a | Get interrupt vector (Interrupt = '2' AKA 'Character output')
2018-12-17T22:30:02.896566713Z 53 PC: 13b3a | Get interrupt vector (Interrupt = '27' AKA 'Get allocation info for default drive')
2018-12-17T22:30:02.897948175Z 53 PC: 13b3a | Get interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T22:30:02.899441254Z 53 PC: 13b3a | Get interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T22:30:02.900914803Z 53 PC: 13b3a | Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:30:02.902358036Z 53 PC: 13b3a | Get interrupt vector (Interrupt = '52' AKA 'Get InDOS flag pointer')
2018-12-17T22:30:02.903573018Z 53 PC: 13b3a | Get interrupt vector (Interrupt = '53' AKA 'Get interrupt vector')
2018-12-17T22:30:02.905852809Z 53 PC: 13b3a | Get interrupt vector (Interrupt = '54' AKA 'Get free disk space')
2018-12-17T22:30:02.907077499Z 53 PC: 13b3a | Get interrupt vector (Interrupt = '55' AKA 'Get or set switch character')
2018-12-17T22:30:02.908283348Z 53 PC: 13b3a | Get interrupt vector (Interrupt = '56' AKA 'Get or set country info')
2018-12-17T22:30:02.909929436Z 53 PC: 13b3a | Get interrupt vector (Interrupt = '57' AKA 'Create subdirectory')
2018-12-17T22:30:02.911046584Z 53 PC: 13b3a | Get interrupt vector (Interrupt = '58' AKA 'Remove subdirectory')
2018-12-17T22:30:02.912065897Z 53 PC: 13b3a | Get interrupt vector (Interrupt = '59' AKA 'Change current directory')
2018-12-17T22:30:02.913424625Z 53 PC: 13b3a | Get interrupt vector (Interrupt = '60' AKA 'Create or truncate file')
2018-12-17T22:30:02.914431185Z 53 PC: 13b3a | Get interrupt vector (Interrupt = '61' AKA 'Open file')
2018-12-17T22:30:02.915306758Z 53 PC: 13b3a | Get interrupt vector (Interrupt = '62' AKA 'Close file')
2018-12-17T22:30:02.916890959Z 53 PC: 13b3a | Get interrupt vector (Interrupt = '63' AKA 'Read file or device')
2018-12-17T22:30:02.917775725Z 53 PC: 13b3a | Get interrupt vector (Interrupt = '117' AKA 'UNKNOWN!')
2018-12-17T22:30:02.918642458Z 37 PC: 13b4f | Set interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T22:30:02.920348065Z 37 PC: 13b57 | Set interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T22:30:02.921354398Z 37 PC: 13b5f | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:30:02.922169195Z 37 PC: 13b67 | Set interrupt vector (Interrupt = '63' AKA 'Read file or device')
2018-12-17T22:30:02.923568211Z 68 PC: 1436b | I/O control for devices (Set for = '����G t�[�����G t�]�� ')
2018-12-17T22:30:03.03969342Z 64 PC: 13f58 | Write file or device (Write 0 bytes on handle 1)
2018-12-17T22:30:03.041099783Z 37 PC: 13c91 | Set interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T22:30:03.042747065Z 37 PC: 13c91 | Set interrupt vector (Interrupt = '2' AKA 'Character output')
2018-12-17T22:30:03.044308494Z 37 PC: 13c91 | Set interrupt vector (Interrupt = '27' AKA 'Get allocation info for default drive')
2018-12-17T22:30:03.04566948Z 37 PC: 13c91 | Set interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T22:30:03.047013841Z 37 PC: 13c91 | Set interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T22:30:03.048616251Z 37 PC: 13c91 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:30:03.049659807Z 37 PC: 13c91 | Set interrupt vector (Interrupt = '52' AKA 'Get InDOS flag pointer')
2018-12-17T22:30:03.050692978Z 37 PC: 13c91 | Set interrupt vector (Interrupt = '53' AKA 'Get interrupt vector')
2018-12-17T22:30:03.052391556Z 37 PC: 13c91 | Set interrupt vector (Interrupt = '54' AKA 'Get free disk space')
2018-12-17T22:30:03.053407203Z 37 PC: 13c91 | Set interrupt vector (Interrupt = '55' AKA 'Get or set switch character')
2018-12-17T22:30:03.054415179Z 37 PC: 13c91 | Set interrupt vector (Interrupt = '56' AKA 'Get or set country info')
2018-12-17T22:30:03.056141272Z 37 PC: 13c91 | Set interrupt vector (Interrupt = '57' AKA 'Create subdirectory')
2018-12-17T22:30:03.057994577Z 37 PC: 13c91 | Set interrupt vector (Interrupt = '58' AKA 'Remove subdirectory')
2018-12-17T22:30:03.059820709Z 37 PC: 13c91 | Set interrupt vector (Interrupt = '59' AKA 'Change current directory')
2018-12-17T22:30:03.061881555Z 37 PC: 13c91 | Set interrupt vector (Interrupt = '60' AKA 'Create or truncate file')
2018-12-17T22:30:03.063763241Z 37 PC: 13c91 | Set interrupt vector (Interrupt = '61' AKA 'Open file')
2018-12-17T22:30:03.06563853Z 37 PC: 13c91 | Set interrupt vector (Interrupt = '62' AKA 'Close file')
2018-12-17T22:30:03.067818917Z 37 PC: 13c91 | Set interrupt vector (Interrupt = '63' AKA 'Read file or device')
2018-12-17T22:30:03.068946802Z 37 PC: 13c91 | Set interrupt vector (Interrupt = '117' AKA 'UNKNOWN!')
2018-12-17T22:30:03.069996614Z 6 PC: 13d18 | Direct console I/O
2018-12-17T22:30:03.072581109Z 6 PC: 13d18 | Direct console I/O
2018-12-17T22:30:03.074627032Z 6 PC: 13d18 | Direct console I/O
2018-12-17T22:30:03.077160833Z 6 PC: 13d18 | Direct console I/O
2018-12-17T22:30:03.080106151Z 6 PC: 13d18 | Direct console I/O
2018-12-17T22:30:03.082142796Z 6 PC: 13d18 | Direct console I/O
2018-12-17T22:30:03.084066937Z 6 PC: 13d18 | Direct console I/O
2018-12-17T22:30:03.086471622Z 6 PC: 13d18 | Direct console I/O
2018-12-17T22:30:03.08848561Z 6 PC: 13d18 | Direct console I/O
2018-12-17T22:30:03.090424838Z 6 PC: 13d18 | Direct console I/O
2018-12-17T22:30:03.093328702Z 6 PC: 13d18 | Direct console I/O
2018-12-17T22:30:03.095328118Z 6 PC: 13d18 | Direct console I/O
2018-12-17T22:30:03.097268469Z 6 PC: 13d18 | Direct console I/O
2018-12-17T22:30:03.099987055Z 6 PC: 13d18 | Direct console I/O
2018-12-17T22:30:03.102191826Z 6 PC: 13d18 | Direct console I/O
2018-12-17T22:30:03.104402031Z 6 PC: 13d18 | Direct console I/O
2018-12-17T22:30:03.106882114Z 6 PC: 13d18 | Direct console I/O
2018-12-17T22:30:03.109569872Z 6 PC: 13d18 | Direct console I/O
2018-12-17T22:30:03.111792667Z 6 PC: 13d18 | Direct console I/O
2018-12-17T22:30:03.114216425Z 6 PC: 13d18 | Direct console I/O
2018-12-17T22:30:03.116673933Z 6 PC: 13d18 | Direct console I/O
2018-12-17T22:30:03.118938761Z 6 PC: 13d18 | Direct console I/O
2018-12-17T22:30:03.121345437Z 6 PC: 13d18 | Direct console I/O
2018-12-17T22:30:03.123529888Z 6 PC: 13d18 | Direct console I/O
2018-12-17T22:30:03.125379742Z 6 PC: 13d18 | Direct console I/O
2018-12-17T22:30:03.128203815Z 6 PC: 13d18 | Direct console I/O
2018-12-17T22:30:03.130346915Z 6 PC: 13d18 | Direct console I/O
2018-12-17T22:30:03.13211351Z 6 PC: 13d18 | Direct console I/O
2018-12-17T22:30:03.134097976Z 6 PC: 13d18 | Direct console I/O
2018-12-17T22:30:03.137154658Z 6 PC: 13d18 | Direct console I/O
2018-12-17T22:30:03.138750776Z 6 PC: 13d18 | Direct console I/O
2018-12-17T22:30:03.140853853Z 6 PC: 13d18 | Direct console I/O
2018-12-17T22:30:03.143685854Z 6 PC: 13d18 | Direct console I/O
2018-12-17T22:30:03.14744483Z 76 PC: 13cd0 | Terminate with return code (Return code = '200')