Sample viewer

vx.netlux.org/Trojan.DOS.Kond

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-17T21:51:03.68851466Z 48 PC: 12b4b | Get DOS version
2018-12-17T21:51:03.690846383Z 53 PC: 12cca | Get interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T21:51:03.692064406Z 53 PC: 12cd7 | Get interrupt vector (Interrupt = '4' AKA 'Auxiliary output')
2018-12-17T21:51:03.693207879Z 53 PC: 12ce4 | Get interrupt vector (Interrupt = '5' AKA 'Printer output')
2018-12-17T21:51:03.695078762Z 53 PC: 12cf1 | Get interrupt vector (Interrupt = '6' AKA 'Direct console I/O')
2018-12-17T21:51:03.69627361Z 37 PC: 12d05 | Set interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T21:51:03.69778396Z 74 PC: 12bf6 | Reallocate memory
2018-12-17T21:51:03.707648694Z 68 PC: 12f50 | I/O control for devices (Set for = '')
2018-12-17T21:51:03.709698597Z 68 PC: 12f50 | I/O control for devices (Set for = '')
2018-12-17T21:51:04.051970782Z 37 PC: 12d11 | Set interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T21:51:04.054451463Z 37 PC: 12d1c | Set interrupt vector (Interrupt = '4' AKA 'Auxiliary output')
2018-12-17T21:51:04.056286588Z 37 PC: 12d27 | Set interrupt vector (Interrupt = '5' AKA 'Printer output')
2018-12-17T21:51:04.057647547Z 37 PC: 12d32 | Set interrupt vector (Interrupt = '6' AKA 'Direct console I/O')
2018-12-17T21:51:04.058994612Z 76 PC: 12cbb | Terminate with return code (Return code = '0')