Sample viewer

vx.netlux.org/Trojan.DOS.SexTest

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-17T23:15:31.420454968Z 53 PC: 143da | Get interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T23:15:31.422437955Z 53 PC: 143da | Get interrupt vector (Interrupt = '2' AKA 'Character output')
2018-12-17T23:15:31.424796989Z 53 PC: 143da | Get interrupt vector (Interrupt = '27' AKA 'Get allocation info for default drive')
2018-12-17T23:15:31.426488729Z 53 PC: 143da | Get interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T23:15:31.428123091Z 53 PC: 143da | Get interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T23:15:31.430787069Z 53 PC: 143da | Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T23:15:31.431934395Z 53 PC: 143da | Get interrupt vector (Interrupt = '52' AKA 'Get InDOS flag pointer')
2018-12-17T23:15:31.433019655Z 53 PC: 143da | Get interrupt vector (Interrupt = '53' AKA 'Get interrupt vector')
2018-12-17T23:15:31.43555996Z 53 PC: 143da | Get interrupt vector (Interrupt = '54' AKA 'Get free disk space')
2018-12-17T23:15:31.437599213Z 53 PC: 143da | Get interrupt vector (Interrupt = '55' AKA 'Get or set switch character')
2018-12-17T23:15:31.438918903Z 53 PC: 143da | Get interrupt vector (Interrupt = '56' AKA 'Get or set country info')
2018-12-17T23:15:31.4414444Z 53 PC: 143da | Get interrupt vector (Interrupt = '57' AKA 'Create subdirectory')
2018-12-17T23:15:31.442590534Z 53 PC: 143da | Get interrupt vector (Interrupt = '58' AKA 'Remove subdirectory')
2018-12-17T23:15:31.44368954Z 53 PC: 143da | Get interrupt vector (Interrupt = '59' AKA 'Change current directory')
2018-12-17T23:15:31.444891459Z 53 PC: 143da | Get interrupt vector (Interrupt = '60' AKA 'Create or truncate file')
2018-12-17T23:15:31.446604239Z 53 PC: 143da | Get interrupt vector (Interrupt = '61' AKA 'Open file')
2018-12-17T23:15:31.44799834Z 53 PC: 143da | Get interrupt vector (Interrupt = '62' AKA 'Close file')
2018-12-17T23:15:31.449261785Z 53 PC: 143da | Get interrupt vector (Interrupt = '63' AKA 'Read file or device')
2018-12-17T23:15:31.452131137Z 53 PC: 143da | Get interrupt vector (Interrupt = '117' AKA 'UNKNOWN!')
2018-12-17T23:15:31.45369694Z 37 PC: 143ef | Set interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T23:15:31.455167405Z 37 PC: 143f7 | Set interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T23:15:31.457112531Z 37 PC: 143ff | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T23:15:31.464598331Z 37 PC: 14407 | Set interrupt vector (Interrupt = '63' AKA 'Read file or device')
2018-12-17T23:15:31.466348741Z 68 PC: 14a65 | I/O control for devices (Set for = '�o��׾F�� ')
2018-12-17T23:15:31.561433527Z 37 PC: 13e01 | Set interrupt vector (Interrupt = '27' AKA 'Get allocation info for default drive')
2018-12-17T23:15:31.563293013Z 60 PC: 14a49 | Create or truncate file
2018-12-17T23:15:33.487270697Z 68 PC: 14a65 | I/O control for devices (Set for = '�o��׾F�� ')
2018-12-17T23:15:33.490782107Z 64 PC: 147d3 | Write file or device (Write 128 bytes on handle 5)
2018-12-17T23:15:33.500069193Z 64 PC: 147d3 | Write file or device (Write 128 bytes on handle 5)
2018-12-17T23:15:33.503735755Z 64 PC: 147d3 | Write file or device (Write 128 bytes on handle 5)
2018-12-17T23:15:33.508949425Z 64 PC: 147d3 | Write file or device (Write 128 bytes on handle 5)
2018-12-17T23:15:33.512948842Z 64 PC: 147d3 | Write file or device (Write 6 bytes on handle 5)
2018-12-17T23:15:33.570353993Z 62 PC: 14812 | Close file
2018-12-17T23:15:33.611999913Z 67 PC: 13d46 | Get or set file attributes