Sample viewer

vx.netlux.org/Trojan.DOS.KillCMOS.h

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-17T21:56:17.340539803Z	48	PC: 12a4c \| Get DOS version
2018-12-17T21:56:17.342490378Z	53	PC: 12be0 \| Get interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T21:56:17.344979445Z	53	PC: 12bed \| Get interrupt vector (Interrupt = '4' AKA 'Auxiliary output')
2018-12-17T21:56:17.346005299Z	53	PC: 12bfa \| Get interrupt vector (Interrupt = '5' AKA 'Printer output')
2018-12-17T21:56:17.354532507Z	53	PC: 12c07 \| Get interrupt vector (Interrupt = '6' AKA 'Direct console I/O')
2018-12-17T21:56:17.356346233Z	37	PC: 12c1b \| Set interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T21:56:17.357766524Z	74	PC: 12af7 \| Reallocate memory
2018-12-17T21:56:17.359826294Z	88	PC: 12b31 \| case 0xGet or set allocation strateg:
2018-12-17T21:56:17.362463239Z	103	PC: 12b3b \| Set handle count
2018-12-17T21:56:17.36395425Z	72	PC: 12b44 \| Allocate memory
2018-12-17T21:56:17.366213325Z	73	PC: 12b51 \| Release memory
2018-12-17T21:56:17.367477549Z	88	PC: 12b5b \| case 0xGet or set allocation strateg:
2018-12-17T21:56:17.369728714Z	68	PC: 1301a \| I/O control for devices (Set for = 'right 1994 Borland Intl.')
2018-12-17T21:56:17.371977452Z	68	PC: 1301a \| I/O control for devices (Set for = '')
2018-12-17T21:56:17.376692027Z	37	PC: 12c27 \| Set interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T21:56:17.377896345Z	37	PC: 12c32 \| Set interrupt vector (Interrupt = '4' AKA 'Auxiliary output')
2018-12-17T21:56:17.385703917Z	37	PC: 12c3d \| Set interrupt vector (Interrupt = '5' AKA 'Printer output')
2018-12-17T21:56:17.386697274Z	37	PC: 12c48 \| Set interrupt vector (Interrupt = '6' AKA 'Direct console I/O')
2018-12-17T21:56:17.387825768Z	76	PC: 12bcb \| Terminate with return code (Return code = '0')