Sample viewer

vx.netlux.org/Trojan.DOS.Moron.b

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-17T22:42:59.472621297Z	53	PC: 1341e \| Get interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T22:42:59.474509537Z	53	PC: 1341e \| Get interrupt vector (Interrupt = '2' AKA 'Character output')
2018-12-17T22:42:59.475577519Z	53	PC: 1341e \| Get interrupt vector (Interrupt = '27' AKA 'Get allocation info for default drive')
2018-12-17T22:42:59.476654699Z	53	PC: 1341e \| Get interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T22:42:59.479101981Z	53	PC: 1341e \| Get interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T22:42:59.480016093Z	53	PC: 1341e \| Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:42:59.480904465Z	53	PC: 1341e \| Get interrupt vector (Interrupt = '52' AKA 'Get InDOS flag pointer')
2018-12-17T22:42:59.482437509Z	53	PC: 1341e \| Get interrupt vector (Interrupt = '53' AKA 'Get interrupt vector')
2018-12-17T22:42:59.483737621Z	53	PC: 1341e \| Get interrupt vector (Interrupt = '54' AKA 'Get free disk space')
2018-12-17T22:42:59.485067054Z	53	PC: 1341e \| Get interrupt vector (Interrupt = '55' AKA 'Get or set switch character')
2018-12-17T22:42:59.486588879Z	53	PC: 1341e \| Get interrupt vector (Interrupt = '56' AKA 'Get or set country info')
2018-12-17T22:42:59.487990505Z	53	PC: 1341e \| Get interrupt vector (Interrupt = '57' AKA 'Create subdirectory')
2018-12-17T22:42:59.489489176Z	53	PC: 1341e \| Get interrupt vector (Interrupt = '58' AKA 'Remove subdirectory')
2018-12-17T22:42:59.490886427Z	53	PC: 1341e \| Get interrupt vector (Interrupt = '59' AKA 'Change current directory')
2018-12-17T22:42:59.492197011Z	53	PC: 1341e \| Get interrupt vector (Interrupt = '60' AKA 'Create or truncate file')
2018-12-17T22:42:59.493576339Z	53	PC: 1341e \| Get interrupt vector (Interrupt = '61' AKA 'Open file')
2018-12-17T22:42:59.494804601Z	53	PC: 1341e \| Get interrupt vector (Interrupt = '62' AKA 'Close file')
2018-12-17T22:42:59.496331116Z	53	PC: 1341e \| Get interrupt vector (Interrupt = '63' AKA 'Read file or device')
2018-12-17T22:42:59.497262659Z	53	PC: 1341e \| Get interrupt vector (Interrupt = '117' AKA 'UNKNOWN!')
2018-12-17T22:42:59.498107122Z	37	PC: 13433 \| Set interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T22:42:59.49958227Z	37	PC: 1343a \| Set interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T22:42:59.501238076Z	37	PC: 13441 \| Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:42:59.5020383Z	37	PC: 13448 \| Set interrupt vector (Interrupt = '63' AKA 'Read file or device')
2018-12-17T22:42:59.50429698Z	68	PC: 136bd \| I/O control for devices (Set for = '��r�U=��t�SE�#��g��AEþ�')
2018-12-17T22:42:59.611366742Z	64	PC: 13934 \| Write file or device (Write 0 bytes on handle 1)
2018-12-17T22:42:59.613279171Z	37	PC: 13587 \| Set interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T22:42:59.615474445Z	37	PC: 13587 \| Set interrupt vector (Interrupt = '2' AKA 'Character output')
2018-12-17T22:42:59.616509975Z	37	PC: 13587 \| Set interrupt vector (Interrupt = '27' AKA 'Get allocation info for default drive')
2018-12-17T22:42:59.617689706Z	37	PC: 13587 \| Set interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T22:42:59.619763933Z	37	PC: 13587 \| Set interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T22:42:59.620859851Z	37	PC: 13587 \| Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:42:59.621855769Z	37	PC: 13587 \| Set interrupt vector (Interrupt = '52' AKA 'Get InDOS flag pointer')
2018-12-17T22:42:59.623363035Z	37	PC: 13587 \| Set interrupt vector (Interrupt = '53' AKA 'Get interrupt vector')
2018-12-17T22:42:59.624357407Z	37	PC: 13587 \| Set interrupt vector (Interrupt = '54' AKA 'Get free disk space')
2018-12-17T22:42:59.625516801Z	37	PC: 13587 \| Set interrupt vector (Interrupt = '55' AKA 'Get or set switch character')
2018-12-17T22:42:59.627285941Z	37	PC: 13587 \| Set interrupt vector (Interrupt = '56' AKA 'Get or set country info')
2018-12-17T22:42:59.629933421Z	37	PC: 13587 \| Set interrupt vector (Interrupt = '57' AKA 'Create subdirectory')
2018-12-17T22:42:59.630917757Z	37	PC: 13587 \| Set interrupt vector (Interrupt = '58' AKA 'Remove subdirectory')
2018-12-17T22:42:59.632381377Z	37	PC: 13587 \| Set interrupt vector (Interrupt = '59' AKA 'Change current directory')
2018-12-17T22:42:59.633447378Z	37	PC: 13587 \| Set interrupt vector (Interrupt = '60' AKA 'Create or truncate file')
2018-12-17T22:42:59.634567703Z	37	PC: 13587 \| Set interrupt vector (Interrupt = '61' AKA 'Open file')
2018-12-17T22:42:59.637069684Z	37	PC: 13587 \| Set interrupt vector (Interrupt = '62' AKA 'Close file')
2018-12-17T22:42:59.639058556Z	37	PC: 13587 \| Set interrupt vector (Interrupt = '63' AKA 'Read file or device')
2018-12-17T22:42:59.640128275Z	37	PC: 13587 \| Set interrupt vector (Interrupt = '117' AKA 'UNKNOWN!')
2018-12-17T22:42:59.642291054Z	6	PC: 13606 \| Direct console I/O
2018-12-17T22:42:59.644493054Z	6	PC: 13606 \| Direct console I/O
2018-12-17T22:42:59.647450922Z	6	PC: 13606 \| Direct console I/O
2018-12-17T22:42:59.651135796Z	6	PC: 13606 \| Direct console I/O
2018-12-17T22:42:59.653705143Z	6	PC: 13606 \| Direct console I/O
2018-12-17T22:42:59.656911191Z	6	PC: 13606 \| Direct console I/O
2018-12-17T22:42:59.660446051Z	6	PC: 13606 \| Direct console I/O
2018-12-17T22:42:59.663032068Z	6	PC: 13606 \| Direct console I/O
2018-12-17T22:42:59.665075628Z	6	PC: 13606 \| Direct console I/O
2018-12-17T22:42:59.667597715Z	6	PC: 13606 \| Direct console I/O
2018-12-17T22:42:59.670090671Z	6	PC: 13606 \| Direct console I/O
2018-12-17T22:42:59.672401076Z	6	PC: 13606 \| Direct console I/O
2018-12-17T22:42:59.675011626Z	6	PC: 13606 \| Direct console I/O
2018-12-17T22:42:59.677796006Z	6	PC: 13606 \| Direct console I/O
2018-12-17T22:42:59.679800981Z	6	PC: 13606 \| Direct console I/O
2018-12-17T22:42:59.681761211Z	6	PC: 13606 \| Direct console I/O
2018-12-17T22:42:59.686028778Z	6	PC: 13606 \| Direct console I/O
2018-12-17T22:42:59.688093463Z	6	PC: 13606 \| Direct console I/O
2018-12-17T22:42:59.69012462Z	6	PC: 13606 \| Direct console I/O
2018-12-17T22:42:59.693710404Z	6	PC: 13606 \| Direct console I/O
2018-12-17T22:42:59.695819201Z	6	PC: 13606 \| Direct console I/O
2018-12-17T22:42:59.697839664Z	6	PC: 13606 \| Direct console I/O
2018-12-17T22:42:59.700337099Z	6	PC: 13606 \| Direct console I/O
2018-12-17T22:42:59.702290065Z	6	PC: 13606 \| Direct console I/O
2018-12-17T22:42:59.7041746Z	6	PC: 13606 \| Direct console I/O
2018-12-17T22:42:59.707330586Z	6	PC: 13606 \| Direct console I/O
2018-12-17T22:42:59.709349408Z	6	PC: 13606 \| Direct console I/O
2018-12-17T22:42:59.72172375Z	6	PC: 13606 \| Direct console I/O
2018-12-17T22:42:59.72558371Z	6	PC: 13606 \| Direct console I/O
2018-12-17T22:42:59.727996923Z	6	PC: 13606 \| Direct console I/O
2018-12-17T22:42:59.730491913Z	6	PC: 13606 \| Direct console I/O
2018-12-17T22:42:59.733686947Z	6	PC: 13606 \| Direct console I/O
2018-12-17T22:42:59.736315687Z	6	PC: 13606 \| Direct console I/O
2018-12-17T22:42:59.739799711Z	76	PC: 135c6 \| Terminate with return code (Return code = '200')