Sample viewer

vx.netlux.org/Trojan.DOS.Avclose

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-17T21:57:12.869501043Z	48	PC: 12b34 \| Get DOS version
2018-12-17T21:57:12.871400751Z	74	PC: 12b85 \| Reallocate memory
2018-12-17T21:57:12.873288171Z	48	PC: 12bf2 \| Get DOS version
2018-12-17T21:57:12.874455728Z	53	PC: 12bfa \| Get interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T21:57:12.876393611Z	37	PC: 12c0c \| Set interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T21:57:12.878914824Z	53	PC: 1a16a \| Get interrupt vector (Interrupt = '117' AKA 'UNKNOWN!')
2018-12-17T21:57:12.881082996Z	53	PC: 1a177 \| Get interrupt vector (Interrupt = '2' AKA 'Character output')
2018-12-17T21:57:12.884845789Z	37	PC: 1a187 \| Set interrupt vector (Interrupt = '2' AKA 'Character output')
2018-12-17T21:57:12.886264037Z	37	PC: 1a18f \| Set interrupt vector (Interrupt = '117' AKA 'UNKNOWN!')
2018-12-17T21:57:12.887648503Z	53	PC: 1803d \| Get interrupt vector (Interrupt = '52' AKA 'Get InDOS flag pointer')
2018-12-17T21:57:12.889680668Z	53	PC: 1803d \| Get interrupt vector (Interrupt = '53' AKA 'Get interrupt vector')
2018-12-17T21:57:12.891107292Z	53	PC: 1803d \| Get interrupt vector (Interrupt = '54' AKA 'Get free disk space')
2018-12-17T21:57:12.899177543Z	53	PC: 1803d \| Get interrupt vector (Interrupt = '55' AKA 'Get or set switch character')
2018-12-17T21:57:12.901241565Z	53	PC: 1803d \| Get interrupt vector (Interrupt = '56' AKA 'Get or set country info')
2018-12-17T21:57:12.902398395Z	53	PC: 1803d \| Get interrupt vector (Interrupt = '57' AKA 'Create subdirectory')
2018-12-17T21:57:12.903514577Z	53	PC: 1803d \| Get interrupt vector (Interrupt = '58' AKA 'Remove subdirectory')
2018-12-17T21:57:12.905271376Z	53	PC: 1803d \| Get interrupt vector (Interrupt = '59' AKA 'Change current directory')
2018-12-17T21:57:12.906619414Z	53	PC: 1803d \| Get interrupt vector (Interrupt = '60' AKA 'Create or truncate file')
2018-12-17T21:57:12.907757504Z	53	PC: 1803d \| Get interrupt vector (Interrupt = '61' AKA 'Open file')
2018-12-17T21:57:12.909248582Z	53	PC: 1803d \| Get interrupt vector (Interrupt = '62' AKA 'Close file')
2018-12-17T21:57:12.91147932Z	37	PC: 1806c \| Set interrupt vector (Interrupt = '52' AKA 'Get InDOS flag pointer')
2018-12-17T21:57:12.912870256Z	37	PC: 1806c \| Set interrupt vector (Interrupt = '53' AKA 'Get interrupt vector')
2018-12-17T21:57:12.913928207Z	37	PC: 1806c \| Set interrupt vector (Interrupt = '54' AKA 'Get free disk space')
2018-12-17T21:57:12.922037446Z	37	PC: 1806c \| Set interrupt vector (Interrupt = '55' AKA 'Get or set switch character')
2018-12-17T21:57:12.923576926Z	37	PC: 1806c \| Set interrupt vector (Interrupt = '56' AKA 'Get or set country info')
2018-12-17T21:57:12.925124793Z	37	PC: 1806c \| Set interrupt vector (Interrupt = '57' AKA 'Create subdirectory')
2018-12-17T21:57:12.927678363Z	37	PC: 1806c \| Set interrupt vector (Interrupt = '58' AKA 'Remove subdirectory')
2018-12-17T21:57:12.929064817Z	37	PC: 1806c \| Set interrupt vector (Interrupt = '59' AKA 'Change current directory')
2018-12-17T21:57:12.930488194Z	37	PC: 18073 \| Set interrupt vector (Interrupt = '60' AKA 'Create or truncate file')
2018-12-17T21:57:12.932671526Z	37	PC: 18078 \| Set interrupt vector (Interrupt = '61' AKA 'Open file')
2018-12-17T21:57:12.934472381Z	68	PC: 12c9d \| I/O control for devices (Set for = '�')
2018-12-17T21:57:12.936346782Z	68	PC: 12c9d \| I/O control for devices
2018-12-17T21:57:12.949486439Z	68	PC: 12c9d \| I/O control for devices (Set for = '�R6014 - control-BREAK encountered ')
2018-12-17T21:57:12.950820874Z	68	PC: 12c9d \| I/O control for devices (Set for = 'REAK encountered ')
2018-12-17T21:57:12.952181236Z	68	PC: 12c9d \| I/O control for devices (Set for = 'REAK encountered ')
2018-12-17T21:57:12.954990748Z	53	PC: 1418b \| Get interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T21:57:12.956103117Z	53	PC: 14198 \| Get interrupt vector (Interrupt = '4' AKA 'Auxiliary output')
2018-12-17T21:57:12.957173933Z	53	PC: 141a5 \| Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T21:57:12.959001094Z	37	PC: 141bb \| Set interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T21:57:12.960323714Z	37	PC: 141c3 \| Set interrupt vector (Interrupt = '4' AKA 'Auxiliary output')
2018-12-17T21:57:12.961634652Z	37	PC: 141cb \| Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T21:57:12.96353203Z	53	PC: 15f40 \| Get interrupt vector (Interrupt = '239' AKA 'UNKNOWN!')
2018-12-17T21:57:12.96463157Z	53	PC: 15f4d \| Get interrupt vector (Interrupt = '240' AKA 'UNKNOWN!')
2018-12-17T21:57:12.966036779Z	53	PC: 15f5c \| Get interrupt vector (Interrupt = '9' AKA 'Display string')
2018-12-17T21:57:12.967863299Z	37	PC: 15f69 \| Set interrupt vector (Interrupt = '239' AKA 'UNKNOWN!')
2018-12-17T21:57:12.969392599Z	53	PC: 15f70 \| Get interrupt vector (Interrupt = '8' AKA 'Console input without echo')
2018-12-17T21:57:12.97063611Z	37	PC: 15f7d \| Set interrupt vector (Interrupt = '240' AKA 'UNKNOWN!')
2018-12-17T21:57:12.972317668Z	53	PC: 15f89 \| Get interrupt vector (Interrupt = '28' AKA 'Get allocation info for specified drive')
2018-12-17T21:57:12.976895506Z	48	PC: 16049 \| Get DOS version
2018-12-17T21:57:12.978486567Z	68	PC: 17dd3 \| I/O control for devices (Set for = '')
2018-12-17T21:57:12.980656783Z	68	PC: 17dd3 \| I/O control for devices (Set for = '')
2018-12-17T21:57:12.982020194Z	51	PC: 13e4f \| Get or set Ctrl-Break
2018-12-17T21:57:12.982935553Z	51	PC: 13e5b \| Get or set Ctrl-Break
2018-12-17T21:57:12.98753056Z	61	PC: 1555f \| Open file (Filename = 'C:\PROGRA~1\ANTIVI~1\AVP.SET')
2018-12-17T21:57:12.994748593Z	6	PC: 13487 \| Direct console I/O
2018-12-17T21:57:12.997286736Z	6	PC: 13487 \| Direct console I/O
2018-12-17T21:57:13.002326843Z	6	PC: 13487 \| Direct console I/O
2018-12-17T21:57:13.005264137Z	6	PC: 13487 \| Direct console I/O
2018-12-17T21:57:13.008222912Z	6	PC: 13487 \| Direct console I/O
2018-12-17T21:57:13.011121389Z	6	PC: 13487 \| Direct console I/O
2018-12-17T21:57:13.013290722Z	6	PC: 13487 \| Direct console I/O
2018-12-17T21:57:13.015321889Z	6	PC: 13487 \| Direct console I/O
2018-12-17T21:57:13.018163185Z	6	PC: 13487 \| Direct console I/O
2018-12-17T21:57:13.020353758Z	6	PC: 13487 \| Direct console I/O
2018-12-17T21:57:13.022707982Z	6	PC: 13487 \| Direct console I/O
2018-12-17T21:57:13.025569289Z	6	PC: 13487 \| Direct console I/O
2018-12-17T21:57:13.027796505Z	6	PC: 13487 \| Direct console I/O
2018-12-17T21:57:13.03001463Z	6	PC: 13487 \| Direct console I/O
2018-12-17T21:57:13.032950042Z	6	PC: 13487 \| Direct console I/O
2018-12-17T21:57:13.035106738Z	6	PC: 13487 \| Direct console I/O
2018-12-17T21:57:13.037453889Z	6	PC: 13487 \| Direct console I/O
2018-12-17T21:57:13.039898047Z	6	PC: 13487 \| Direct console I/O
2018-12-17T21:57:13.042904629Z	6	PC: 13487 \| Direct console I/O
2018-12-17T21:57:13.045117456Z	6	PC: 13487 \| Direct console I/O
2018-12-17T21:57:13.04768767Z	6	PC: 13487 \| Direct console I/O
2018-12-17T21:57:13.051348748Z	6	PC: 13487 \| Direct console I/O
2018-12-17T21:57:13.053901218Z	6	PC: 13487 \| Direct console I/O
2018-12-17T21:57:13.056455787Z	6	PC: 13487 \| Direct console I/O
2018-12-17T21:57:13.060527447Z	6	PC: 13487 \| Direct console I/O
2018-12-17T21:57:13.063052825Z	6	PC: 13487 \| Direct console I/O
2018-12-17T21:57:13.066038188Z	6	PC: 13487 \| Direct console I/O
2018-12-17T21:57:13.069541488Z	6	PC: 13487 \| Direct console I/O
2018-12-17T21:57:13.071940718Z	6	PC: 13487 \| Direct console I/O
2018-12-17T21:57:13.074155387Z	6	PC: 13487 \| Direct console I/O
2018-12-17T21:57:13.077219764Z	6	PC: 13487 \| Direct console I/O
2018-12-17T21:57:13.079505274Z	6	PC: 13487 \| Direct console I/O
2018-12-17T21:57:13.08183993Z	6	PC: 13487 \| Direct console I/O
2018-12-17T21:57:13.085072098Z	6	PC: 13487 \| Direct console I/O
2018-12-17T21:57:13.088297049Z	6	PC: 13487 \| Direct console I/O
2018-12-17T21:57:13.090770842Z	6	PC: 13487 \| Direct console I/O
2018-12-17T21:57:13.093464735Z	6	PC: 13487 \| Direct console I/O
2018-12-17T21:57:13.096378741Z	6	PC: 13487 \| Direct console I/O
2018-12-17T21:57:13.09861415Z	6	PC: 13487 \| Direct console I/O
2018-12-17T21:57:13.105113244Z	6	PC: 13487 \| Direct console I/O
2018-12-17T21:57:13.107526952Z	6	PC: 13487 \| Direct console I/O
2018-12-17T21:57:13.109851282Z	6	PC: 13487 \| Direct console I/O
2018-12-17T21:57:13.112807658Z	6	PC: 13487 \| Direct console I/O
2018-12-17T21:57:13.114929065Z	6	PC: 13487 \| Direct console I/O
2018-12-17T21:57:13.117018027Z	6	PC: 13487 \| Direct console I/O
2018-12-17T21:57:13.11994172Z	6	PC: 13487 \| Direct console I/O
2018-12-17T21:57:13.122106144Z	6	PC: 13487 \| Direct console I/O
2018-12-17T21:57:13.124249142Z	6	PC: 13487 \| Direct console I/O
2018-12-17T21:57:13.127503374Z	6	PC: 13487 \| Direct console I/O
2018-12-17T21:57:13.129639426Z	6	PC: 13487 \| Direct console I/O
2018-12-17T21:57:13.132936518Z	6	PC: 13487 \| Direct console I/O
2018-12-17T21:57:13.13622395Z	6	PC: 13487 \| Direct console I/O
2018-12-17T21:57:13.138389977Z	6	PC: 13487 \| Direct console I/O
2018-12-17T21:57:13.140544012Z	6	PC: 13487 \| Direct console I/O
2018-12-17T21:57:13.142792102Z	6	PC: 13487 \| Direct console I/O
2018-12-17T21:57:13.145828746Z	6	PC: 13487 \| Direct console I/O
2018-12-17T21:57:13.148177579Z	6	PC: 13487 \| Direct console I/O
2018-12-17T21:57:13.150512416Z	6	PC: 13487 \| Direct console I/O
2018-12-17T21:57:13.155343704Z	6	PC: 13487 \| Direct console I/O
2018-12-17T21:57:13.157564714Z	6	PC: 13487 \| Direct console I/O
2018-12-17T21:57:13.161786528Z	6	PC: 13487 \| Direct console I/O
2018-12-17T21:57:13.165770858Z	6	PC: 13487 \| Direct console I/O
2018-12-17T21:57:13.170993593Z	6	PC: 13487 \| Direct console I/O
2018-12-17T21:57:13.173569066Z	6	PC: 13487 \| Direct console I/O
2018-12-17T21:57:13.177220509Z	6	PC: 13487 \| Direct console I/O
2018-12-17T21:57:13.179793867Z	6	PC: 13487 \| Direct console I/O
2018-12-17T21:57:13.182939045Z	6	PC: 13487 \| Direct console I/O
2018-12-17T21:57:13.195952636Z	6	PC: 13487 \| Direct console I/O
2018-12-17T21:57:13.198751788Z	6	PC: 13487 \| Direct console I/O
2018-12-17T21:57:13.201418354Z	6	PC: 13487 \| Direct console I/O
2018-12-17T21:57:13.204956594Z	6	PC: 13487 \| Direct console I/O
2018-12-17T21:57:13.207999211Z	6	PC: 13487 \| Direct console I/O
2018-12-17T21:57:13.210616424Z	6	PC: 13487 \| Direct console I/O
2018-12-17T21:57:13.214026617Z	6	PC: 13487 \| Direct console I/O
2018-12-17T21:57:13.216730462Z	6	PC: 13487 \| Direct console I/O
2018-12-17T21:57:13.219172187Z	6	PC: 13487 \| Direct console I/O
2018-12-17T21:57:13.222567133Z	6	PC: 13487 \| Direct console I/O
2018-12-17T21:57:13.225435001Z	6	PC: 13487 \| Direct console I/O
2018-12-17T21:57:13.227922993Z	6	PC: 13487 \| Direct console I/O
2018-12-17T21:57:13.231384397Z	6	PC: 13487 \| Direct console I/O
2018-12-17T21:57:13.234245115Z	6	PC: 13487 \| Direct console I/O
2018-12-17T21:57:13.23670359Z	6	PC: 13487 \| Direct console I/O
2018-12-17T21:57:13.240162485Z	6	PC: 13487 \| Direct console I/O
2018-12-17T21:57:13.24299405Z	6	PC: 13487 \| Direct console I/O
2018-12-17T21:57:13.245179191Z	6	PC: 13487 \| Direct console I/O
2018-12-17T21:57:13.248149584Z	6	PC: 13487 \| Direct console I/O
2018-12-17T21:57:13.250385766Z	6	PC: 13487 \| Direct console I/O
2018-12-17T21:57:13.25243574Z	6	PC: 13487 \| Direct console I/O
2018-12-17T21:57:13.255135556Z	6	PC: 13487 \| Direct console I/O
2018-12-17T21:57:13.257496858Z	6	PC: 13487 \| Direct console I/O
2018-12-17T21:57:13.260117768Z	6	PC: 13487 \| Direct console I/O
2018-12-17T21:57:13.264912998Z	12	PC: 13ead \| Flush input buffer and input