Sample viewer

vx.netlux.org/Trojan.DOS.Sisia

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-17T22:47:04.266963344Z	53	PC: 1363a \| Get interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T22:47:04.271199001Z	53	PC: 1363a \| Get interrupt vector (Interrupt = '2' AKA 'Character output')
2018-12-17T22:47:04.278642206Z	53	PC: 1363a \| Get interrupt vector (Interrupt = '27' AKA 'Get allocation info for default drive')
2018-12-17T22:47:04.280476171Z	53	PC: 1363a \| Get interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T22:47:04.28227472Z	53	PC: 1363a \| Get interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T22:47:04.289625932Z	53	PC: 1363a \| Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:47:04.291357445Z	53	PC: 1363a \| Get interrupt vector (Interrupt = '52' AKA 'Get InDOS flag pointer')
2018-12-17T22:47:04.293091142Z	53	PC: 1363a \| Get interrupt vector (Interrupt = '53' AKA 'Get interrupt vector')
2018-12-17T22:47:04.295428022Z	53	PC: 1363a \| Get interrupt vector (Interrupt = '54' AKA 'Get free disk space')
2018-12-17T22:47:04.306404635Z	53	PC: 1363a \| Get interrupt vector (Interrupt = '55' AKA 'Get or set switch character')
2018-12-17T22:47:04.308065004Z	53	PC: 1363a \| Get interrupt vector (Interrupt = '56' AKA 'Get or set country info')
2018-12-17T22:47:04.310708962Z	53	PC: 1363a \| Get interrupt vector (Interrupt = '57' AKA 'Create subdirectory')
2018-12-17T22:47:04.31287938Z	53	PC: 1363a \| Get interrupt vector (Interrupt = '58' AKA 'Remove subdirectory')
2018-12-17T22:47:04.315548174Z	53	PC: 1363a \| Get interrupt vector (Interrupt = '59' AKA 'Change current directory')
2018-12-17T22:47:04.318098886Z	53	PC: 1363a \| Get interrupt vector (Interrupt = '60' AKA 'Create or truncate file')
2018-12-17T22:47:04.327371507Z	53	PC: 1363a \| Get interrupt vector (Interrupt = '61' AKA 'Open file')
2018-12-17T22:47:04.32929427Z	53	PC: 1363a \| Get interrupt vector (Interrupt = '62' AKA 'Close file')
2018-12-17T22:47:04.331153663Z	53	PC: 1363a \| Get interrupt vector (Interrupt = '63' AKA 'Read file or device')
2018-12-17T22:47:04.334069462Z	53	PC: 1363a \| Get interrupt vector (Interrupt = '117' AKA 'UNKNOWN!')
2018-12-17T22:47:04.335940397Z	37	PC: 1364f \| Set interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T22:47:04.337694152Z	37	PC: 13657 \| Set interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T22:47:04.343355699Z	37	PC: 1365f \| Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:47:04.353709281Z	37	PC: 13667 \| Set interrupt vector (Interrupt = '63' AKA 'Read file or device')
2018-12-17T22:47:04.369178314Z	68	PC: 13d56 \| I/O control for devices (Set for = '�7��;��3��6�\')
2018-12-17T22:47:04.490004539Z	64	PC: 13a58 \| Write file or device (Write 0 bytes on handle 1)
2018-12-17T22:47:04.492248566Z	37	PC: 13791 \| Set interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T22:47:04.493877466Z	37	PC: 13791 \| Set interrupt vector (Interrupt = '2' AKA 'Character output')
2018-12-17T22:47:04.496542443Z	37	PC: 13791 \| Set interrupt vector (Interrupt = '27' AKA 'Get allocation info for default drive')
2018-12-17T22:47:04.498541799Z	37	PC: 13791 \| Set interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T22:47:04.500105146Z	37	PC: 13791 \| Set interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T22:47:04.501691897Z	37	PC: 13791 \| Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:47:04.504123746Z	37	PC: 13791 \| Set interrupt vector (Interrupt = '52' AKA 'Get InDOS flag pointer')
2018-12-17T22:47:04.505683928Z	37	PC: 13791 \| Set interrupt vector (Interrupt = '53' AKA 'Get interrupt vector')
2018-12-17T22:47:04.507248507Z	37	PC: 13791 \| Set interrupt vector (Interrupt = '54' AKA 'Get free disk space')
2018-12-17T22:47:04.509877046Z	37	PC: 13791 \| Set interrupt vector (Interrupt = '55' AKA 'Get or set switch character')
2018-12-17T22:47:04.511385389Z	37	PC: 13791 \| Set interrupt vector (Interrupt = '56' AKA 'Get or set country info')
2018-12-17T22:47:04.512655085Z	37	PC: 13791 \| Set interrupt vector (Interrupt = '57' AKA 'Create subdirectory')
2018-12-17T22:47:04.518876844Z	37	PC: 13791 \| Set interrupt vector (Interrupt = '58' AKA 'Remove subdirectory')
2018-12-17T22:47:04.520674151Z	37	PC: 13791 \| Set interrupt vector (Interrupt = '59' AKA 'Change current directory')
2018-12-17T22:47:04.522495553Z	37	PC: 13791 \| Set interrupt vector (Interrupt = '60' AKA 'Create or truncate file')
2018-12-17T22:47:04.524733338Z	37	PC: 13791 \| Set interrupt vector (Interrupt = '61' AKA 'Open file')
2018-12-17T22:47:04.529419843Z	37	PC: 13791 \| Set interrupt vector (Interrupt = '62' AKA 'Close file')
2018-12-17T22:47:04.531853145Z	37	PC: 13791 \| Set interrupt vector (Interrupt = '63' AKA 'Read file or device')
2018-12-17T22:47:04.534725541Z	37	PC: 13791 \| Set interrupt vector (Interrupt = '117' AKA 'UNKNOWN!')
2018-12-17T22:47:04.540797339Z	6	PC: 13818 \| Direct console I/O
2018-12-17T22:47:04.543782998Z	6	PC: 13818 \| Direct console I/O
2018-12-17T22:47:04.547178928Z	6	PC: 13818 \| Direct console I/O
2018-12-17T22:47:04.550125434Z	6	PC: 13818 \| Direct console I/O
2018-12-17T22:47:04.552883486Z	6	PC: 13818 \| Direct console I/O
2018-12-17T22:47:04.555391027Z	6	PC: 13818 \| Direct console I/O
2018-12-17T22:47:04.559006289Z	6	PC: 13818 \| Direct console I/O
2018-12-17T22:47:04.561496758Z	6	PC: 13818 \| Direct console I/O
2018-12-17T22:47:04.564005221Z	6	PC: 13818 \| Direct console I/O
2018-12-17T22:47:04.567611216Z	6	PC: 13818 \| Direct console I/O
2018-12-17T22:47:04.570100363Z	6	PC: 13818 \| Direct console I/O
2018-12-17T22:47:04.572614586Z	6	PC: 13818 \| Direct console I/O
2018-12-17T22:47:04.577007349Z	6	PC: 13818 \| Direct console I/O
2018-12-17T22:47:04.579362745Z	6	PC: 13818 \| Direct console I/O
2018-12-17T22:47:04.581719933Z	6	PC: 13818 \| Direct console I/O
2018-12-17T22:47:04.584486241Z	6	PC: 13818 \| Direct console I/O
2018-12-17T22:47:04.587240505Z	6	PC: 13818 \| Direct console I/O
2018-12-17T22:47:04.589522793Z	6	PC: 13818 \| Direct console I/O
2018-12-17T22:47:04.592021097Z	6	PC: 13818 \| Direct console I/O
2018-12-17T22:47:04.595046691Z	6	PC: 13818 \| Direct console I/O
2018-12-17T22:47:04.597613063Z	6	PC: 13818 \| Direct console I/O
2018-12-17T22:47:04.600278491Z	6	PC: 13818 \| Direct console I/O
2018-12-17T22:47:04.603560898Z	6	PC: 13818 \| Direct console I/O
2018-12-17T22:47:04.606203142Z	6	PC: 13818 \| Direct console I/O
2018-12-17T22:47:04.608769814Z	6	PC: 13818 \| Direct console I/O
2018-12-17T22:47:04.612171715Z	6	PC: 13818 \| Direct console I/O
2018-12-17T22:47:04.614617631Z	6	PC: 13818 \| Direct console I/O
2018-12-17T22:47:04.617493003Z	6	PC: 13818 \| Direct console I/O
2018-12-17T22:47:04.620736387Z	6	PC: 13818 \| Direct console I/O
2018-12-17T22:47:04.623092794Z	6	PC: 13818 \| Direct console I/O
2018-12-17T22:47:04.625557905Z	6	PC: 13818 \| Direct console I/O
2018-12-17T22:47:04.628569103Z	6	PC: 13818 \| Direct console I/O
2018-12-17T22:47:04.630885434Z	6	PC: 13818 \| Direct console I/O
2018-12-17T22:47:04.634541022Z	76	PC: 137d0 \| Terminate with return code (Return code = '200')