Sample viewer

vx.netlux.org/Virus.DOS.Tronspy.4528

Syscalls:

Time Syscall Op Syscall Name
2018-12-17T22:45:34.536751751Z 25 PC: 9c827 | Get default drive
2018-12-17T22:45:34.53850257Z 37 PC: 9c832 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:45:34.539612294Z 71 PC: 9c83f | Get current directory
2018-12-17T22:45:34.542069098Z 26 PC: 9c848 | Set disk transfer address
2018-12-17T22:45:34.544374087Z 14 PC: 9c88d | Set default drive (Drive = 'C')
2018-12-17T22:45:34.545886096Z 59 PC: 9c894 | Change current directory
2018-12-17T22:45:34.550687545Z 78 PC: 9c8a0 | Find first file
2018-12-17T22:45:34.560761315Z 14 PC: 9c98d | Set default drive (Drive = 'A')
2018-12-17T22:45:34.569680105Z 59 PC: 9c994 | Change current directory
2018-12-17T22:45:34.5864865Z 37 PC: 9c9aa | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:45:34.589079069Z 26 PC: 9c9b3 | Set disk transfer address
2018-12-17T22:45:34.591293558Z 81 PC: 14d8a | Get current PSP
2018-12-17T22:45:34.592938468Z 61 PC: 14de3 | Open file (Filename = 'A:\TEST.COM')
2018-12-17T22:45:34.600483599Z 66 PC: 14e4d | Move file pointer
2018-12-17T22:45:34.604496756Z 63 PC: 14e65 | Read file or device (Read 7 bytes on handle 5)
2018-12-17T22:45:34.608177429Z 66 PC: 14ef0 | Move file pointer
2018-12-17T22:45:34.610026532Z 63 PC: 14efb | Read file or device (Read 16 bytes on handle 5)
2018-12-17T22:45:34.618808756Z 66 PC: 14ef0 | Move file pointer
2018-12-17T22:45:34.620828319Z 63 PC: 14efb | Read file or device (Read 16 bytes on handle 5)
2018-12-17T22:45:34.624050972Z 66 PC: 14ef0 | Move file pointer
2018-12-17T22:45:34.626250282Z 63 PC: 14efb | Read file or device (Read 16 bytes on handle 5)
2018-12-17T22:45:34.629496709Z 63 PC: 14f5f | Read file or device (Read 3529 bytes on handle 5)
2018-12-17T22:45:34.637170522Z 62 PC: 14df9 | Close file
2018-12-17T22:45:34.640109702Z 56 PC: 15431 | Get or set country info
2018-12-17T22:45:34.642037252Z 48 PC: 15016 | Get DOS version
2018-12-17T22:45:34.643999007Z 64 PC: 15126 | Write file or device (Write 28 bytes on handle 2)
2018-12-17T22:45:34.649334708Z 0 PC: 155d0 | Program terminate