Sample viewer

vx.netlux.org/Trojan.DOS.Delt

Syscalls:

Time Syscall Op Syscall Name
2018-12-17T22:33:48.986360291Z 53 PC: 136fa | Get interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T22:33:48.987588228Z 53 PC: 136fa | Get interrupt vector (Interrupt = '2' AKA 'Character output')
2018-12-17T22:33:48.994063386Z 53 PC: 136fa | Get interrupt vector (Interrupt = '27' AKA 'Get allocation info for default drive')
2018-12-17T22:33:48.996514698Z 53 PC: 136fa | Get interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T22:33:48.998988265Z 53 PC: 136fa | Get interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T22:33:49.002200403Z 53 PC: 136fa | Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:33:49.004075455Z 53 PC: 136fa | Get interrupt vector (Interrupt = '52' AKA 'Get InDOS flag pointer')
2018-12-17T22:33:49.005816222Z 53 PC: 136fa | Get interrupt vector (Interrupt = '53' AKA 'Get interrupt vector')
2018-12-17T22:33:49.013344649Z 53 PC: 136fa | Get interrupt vector (Interrupt = '54' AKA 'Get free disk space')
2018-12-17T22:33:49.014696644Z 53 PC: 136fa | Get interrupt vector (Interrupt = '55' AKA 'Get or set switch character')
2018-12-17T22:33:49.016082578Z 53 PC: 136fa | Get interrupt vector (Interrupt = '56' AKA 'Get or set country info')
2018-12-17T22:33:49.01996104Z 53 PC: 136fa | Get interrupt vector (Interrupt = '57' AKA 'Create subdirectory')
2018-12-17T22:33:49.021515934Z 53 PC: 136fa | Get interrupt vector (Interrupt = '58' AKA 'Remove subdirectory')
2018-12-17T22:33:49.023123724Z 53 PC: 136fa | Get interrupt vector (Interrupt = '59' AKA 'Change current directory')
2018-12-17T22:33:49.026696523Z 53 PC: 136fa | Get interrupt vector (Interrupt = '60' AKA 'Create or truncate file')
2018-12-17T22:33:49.028147346Z 53 PC: 136fa | Get interrupt vector (Interrupt = '61' AKA 'Open file')
2018-12-17T22:33:49.029538616Z 53 PC: 136fa | Get interrupt vector (Interrupt = '62' AKA 'Close file')
2018-12-17T22:33:49.031190768Z 53 PC: 136fa | Get interrupt vector (Interrupt = '63' AKA 'Read file or device')
2018-12-17T22:33:49.032827918Z 53 PC: 136fa | Get interrupt vector (Interrupt = '117' AKA 'UNKNOWN!')
2018-12-17T22:33:49.034163871Z 37 PC: 1370f | Set interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T22:33:49.035415739Z 37 PC: 13717 | Set interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T22:33:49.037703113Z 37 PC: 1371f | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:33:49.03926045Z 37 PC: 13727 | Set interrupt vector (Interrupt = '63' AKA 'Read file or device')
2018-12-17T22:33:49.041075115Z 68 PC: 13d85 | I/O control for devices (Set for = '�3ɴN�!�r �S�@t3��O�:���II �x ����ø`��w���@')
2018-12-17T22:33:49.144174464Z 37 PC: 13121 | Set interrupt vector (Interrupt = '27' AKA 'Get allocation info for default drive')
2018-12-17T22:33:49.154300152Z 67 PC: 13066 | Get or set file attributes
2018-12-17T22:33:49.570420979Z 60 PC: 13d69 | Create or truncate file
2018-12-17T22:33:49.586218794Z 68 PC: 13d85 | I/O control for devices (Set for = '�3ɴN�!�r �S�@t3��O�:���II �x ����ø`��w���@')
2018-12-17T22:33:49.589049276Z 64 PC: 13af3 | Write file or device (Write 128 bytes on handle 5)
2018-12-17T22:33:49.598816715Z 64 PC: 13af3 | Write file or device (Write 11 bytes on handle 5)
2018-12-17T22:33:49.602717698Z 62 PC: 13b32 | Close file
2018-12-17T22:33:49.615723375Z 67 PC: 13066 | Get or set file attributes
2018-12-17T22:33:49.622547967Z 60 PC: 13d69 | Create or truncate file
2018-12-17T22:33:49.636842346Z 68 PC: 13d85 | I/O control for devices (Set for = '�3ɴN�!�r �S�@t3��O�:���II �x ����ø`��w���@')
2018-12-17T22:33:49.639325221Z 64 PC: 13af3 | Write file or device (Write 128 bytes on handle 5)
2018-12-17T22:33:49.644117504Z 64 PC: 13af3 | Write file or device (Write 49 bytes on handle 5)
2018-12-17T22:33:49.647783125Z 62 PC: 13b32 | Close file
2018-12-17T22:33:49.659656322Z 67 PC: 13066 | Get or set file attributes
2018-12-17T22:33:49.667866738Z 37 PC: 13851 | Set interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T22:33:49.669212368Z 37 PC: 13851 | Set interrupt vector (Interrupt = '2' AKA 'Character output')
2018-12-17T22:33:49.671325618Z 37 PC: 13851 | Set interrupt vector (Interrupt = '27' AKA 'Get allocation info for default drive')
2018-12-17T22:33:49.672549594Z 37 PC: 13851 | Set interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T22:33:49.673608741Z 37 PC: 13851 | Set interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T22:33:49.675249234Z 37 PC: 13851 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:33:49.676553908Z 37 PC: 13851 | Set interrupt vector (Interrupt = '52' AKA 'Get InDOS flag pointer')
2018-12-17T22:33:49.677873673Z 37 PC: 13851 | Set interrupt vector (Interrupt = '53' AKA 'Get interrupt vector')
2018-12-17T22:33:49.679709415Z 37 PC: 13851 | Set interrupt vector (Interrupt = '54' AKA 'Get free disk space')
2018-12-17T22:33:49.681020533Z 37 PC: 13851 | Set interrupt vector (Interrupt = '55' AKA 'Get or set switch character')
2018-12-17T22:33:49.683459642Z 37 PC: 13851 | Set interrupt vector (Interrupt = '56' AKA 'Get or set country info')
2018-12-17T22:33:49.68516273Z 37 PC: 13851 | Set interrupt vector (Interrupt = '57' AKA 'Create subdirectory')
2018-12-17T22:33:49.686843597Z 37 PC: 13851 | Set interrupt vector (Interrupt = '58' AKA 'Remove subdirectory')
2018-12-17T22:33:49.688419207Z 37 PC: 13851 | Set interrupt vector (Interrupt = '59' AKA 'Change current directory')
2018-12-17T22:33:49.691164691Z 37 PC: 13851 | Set interrupt vector (Interrupt = '60' AKA 'Create or truncate file')
2018-12-17T22:33:49.692852529Z 37 PC: 13851 | Set interrupt vector (Interrupt = '61' AKA 'Open file')
2018-12-17T22:33:49.694437828Z 37 PC: 13851 | Set interrupt vector (Interrupt = '62' AKA 'Close file')
2018-12-17T22:33:49.696011797Z 37 PC: 13851 | Set interrupt vector (Interrupt = '63' AKA 'Read file or device')
2018-12-17T22:33:49.70343716Z 37 PC: 13851 | Set interrupt vector (Interrupt = '117' AKA 'UNKNOWN!')
2018-12-17T22:33:49.705259306Z 6 PC: 138d8 | Direct console I/O
2018-12-17T22:33:49.708058422Z 6 PC: 138d8 | Direct console I/O
2018-12-17T22:33:49.718535477Z 6 PC: 138d8 | Direct console I/O
2018-12-17T22:33:49.720970207Z 6 PC: 138d8 | Direct console I/O
2018-12-17T22:33:49.723469406Z 6 PC: 138d8 | Direct console I/O
2018-12-17T22:33:49.726907864Z 6 PC: 138d8 | Direct console I/O
2018-12-17T22:33:49.729253054Z 6 PC: 138d8 | Direct console I/O
2018-12-17T22:33:49.731590172Z 6 PC: 138d8 | Direct console I/O
2018-12-17T22:33:49.734878404Z 6 PC: 138d8 | Direct console I/O
2018-12-17T22:33:49.737320014Z 6 PC: 138d8 | Direct console I/O
2018-12-17T22:33:49.739813155Z 6 PC: 138d8 | Direct console I/O
2018-12-17T22:33:49.742494993Z 6 PC: 138d8 | Direct console I/O
2018-12-17T22:33:49.769309275Z 6 PC: 138d8 | Direct console I/O
2018-12-17T22:33:49.77289769Z 6 PC: 138d8 | Direct console I/O
2018-12-17T22:33:49.7755521Z 6 PC: 138d8 | Direct console I/O
2018-12-17T22:33:49.785880671Z 6 PC: 138d8 | Direct console I/O
2018-12-17T22:33:49.788474904Z 6 PC: 138d8 | Direct console I/O
2018-12-17T22:33:49.790969239Z 6 PC: 138d8 | Direct console I/O
2018-12-17T22:33:49.794817678Z 6 PC: 138d8 | Direct console I/O
2018-12-17T22:33:49.797656108Z 6 PC: 138d8 | Direct console I/O
2018-12-17T22:33:49.800540345Z 6 PC: 138d8 | Direct console I/O
2018-12-17T22:33:49.803898204Z 6 PC: 138d8 | Direct console I/O
2018-12-17T22:33:49.806355797Z 6 PC: 138d8 | Direct console I/O
2018-12-17T22:33:49.808779408Z 6 PC: 138d8 | Direct console I/O
2018-12-17T22:33:49.811856364Z 6 PC: 138d8 | Direct console I/O
2018-12-17T22:33:49.814423188Z 6 PC: 138d8 | Direct console I/O
2018-12-17T22:33:49.817511042Z 6 PC: 138d8 | Direct console I/O
2018-12-17T22:33:49.820972732Z 6 PC: 138d8 | Direct console I/O
2018-12-17T22:33:49.823364903Z 6 PC: 138d8 | Direct console I/O
2018-12-17T22:33:49.82567317Z 6 PC: 138d8 | Direct console I/O
2018-12-17T22:33:49.828523407Z 6 PC: 138d8 | Direct console I/O
2018-12-17T22:33:49.831325935Z 6 PC: 138d8 | Direct console I/O
2018-12-17T22:33:49.833904031Z 6 PC: 138d8 | Direct console I/O
2018-12-17T22:33:49.838822012Z 76 PC: 13890 | Terminate with return code (Return code = '105')