Sample viewer

vx.netlux.org/Trojan.DOS.SPS.200

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-17T22:48:18.059345027Z 52 PC: 12a6e | Get InDOS flag pointer
2018-12-17T22:48:18.061747982Z 81 PC: 12a76 | Get current PSP
2018-12-17T22:48:18.063878195Z 44 PC: 132d8 | Get time 0x132d8: in al, 0x40
0x132da: mov ah, al
0x132dc: in al, 0x40
0x132de: xor ax, cx
0x132e0: xor dx, ax
0x132e2: jmp 0x13309
0x132e4: call 0x132ec
0x132e7: or ax, ax
0x132e9: je 0x132e4
0x132eb: ret
0x132ec: push dx
0x132ed: push cx
0x132ee: push bx
0x132ef: in al, 0x40
0x132f1: add ax, 0xf34a
0x132f4: mov dx, 0x5b1e
0x132f7: mov cx, 7
0x132fa: shl ax, 1
0x132fc: rcl dx, 1
0x132fe: mov bl, al
2018-12-17T22:48:18.066905163Z 9 PC: 12b2a | Display string (String= ' PasswordViewer // v2.0 (c) 1997 by Nice, SPS. ')
2018-12-17T22:48:18.072448678Z 9 PC: 12b2a | Display string (String= ' ')
2018-12-17T22:48:18.077429597Z 37 PC: 12aa9 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:48:18.079084216Z 51 PC: 12b3d | Get or set Ctrl-Break
2018-12-17T22:48:18.080459511Z 51 PC: 12bbb | Get or set Ctrl-Break
2018-12-17T22:48:18.082863828Z 9 PC: 12b2a | Display string (Could not find end pointer)
2018-12-17T22:48:18.096136217Z 9 PC: 12b2a | Display string (String= ' ')