Sample viewer

vx.netlux.org/Trojan.DOS.Pas

Syscalls:

Time Syscall Op Syscall Name
2018-12-17T22:48:48.584252485Z 53 PC: 130fa | Get interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T22:48:48.587198961Z 53 PC: 130fa | Get interrupt vector (Interrupt = '2' AKA 'Character output')
2018-12-17T22:48:48.588763902Z 53 PC: 130fa | Get interrupt vector (Interrupt = '27' AKA 'Get allocation info for default drive')
2018-12-17T22:48:48.591255724Z 53 PC: 130fa | Get interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T22:48:48.593461478Z 53 PC: 130fa | Get interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T22:48:48.595371246Z 53 PC: 130fa | Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:48:48.598010014Z 53 PC: 130fa | Get interrupt vector (Interrupt = '52' AKA 'Get InDOS flag pointer')
2018-12-17T22:48:48.599345694Z 53 PC: 130fa | Get interrupt vector (Interrupt = '53' AKA 'Get interrupt vector')
2018-12-17T22:48:48.600653582Z 53 PC: 130fa | Get interrupt vector (Interrupt = '54' AKA 'Get free disk space')
2018-12-17T22:48:48.60296784Z 53 PC: 130fa | Get interrupt vector (Interrupt = '55' AKA 'Get or set switch character')
2018-12-17T22:48:48.604295785Z 53 PC: 130fa | Get interrupt vector (Interrupt = '56' AKA 'Get or set country info')
2018-12-17T22:48:48.605590908Z 53 PC: 130fa | Get interrupt vector (Interrupt = '57' AKA 'Create subdirectory')
2018-12-17T22:48:48.607723155Z 53 PC: 130fa | Get interrupt vector (Interrupt = '58' AKA 'Remove subdirectory')
2018-12-17T22:48:48.609016495Z 53 PC: 130fa | Get interrupt vector (Interrupt = '59' AKA 'Change current directory')
2018-12-17T22:48:48.610317199Z 53 PC: 130fa | Get interrupt vector (Interrupt = '60' AKA 'Create or truncate file')
2018-12-17T22:48:48.612308901Z 53 PC: 130fa | Get interrupt vector (Interrupt = '61' AKA 'Open file')
2018-12-17T22:48:48.613865235Z 53 PC: 130fa | Get interrupt vector (Interrupt = '62' AKA 'Close file')
2018-12-17T22:48:48.615096578Z 53 PC: 130fa | Get interrupt vector (Interrupt = '63' AKA 'Read file or device')
2018-12-17T22:48:48.616567122Z 53 PC: 130fa | Get interrupt vector (Interrupt = '117' AKA 'UNKNOWN!')
2018-12-17T22:48:48.6189826Z 37 PC: 1310f | Set interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T22:48:48.621158147Z 37 PC: 13117 | Set interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T22:48:48.623314329Z 37 PC: 1311f | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:48:48.625724307Z 37 PC: 13127 | Set interrupt vector (Interrupt = '63' AKA 'Read file or device')
2018-12-17T22:48:48.628348779Z 68 PC: 13582 | I/O control for devices (Set for = 't�����VWPQ�f��c���f��|')
2018-12-17T22:48:48.760110898Z 64 PC: 13518 | Write file or device (Write 0 bytes on handle 1)
2018-12-17T22:48:48.763583162Z 37 PC: 13251 | Set interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T22:48:48.765488191Z 37 PC: 13251 | Set interrupt vector (Interrupt = '2' AKA 'Character output')
2018-12-17T22:48:48.767425631Z 37 PC: 13251 | Set interrupt vector (Interrupt = '27' AKA 'Get allocation info for default drive')
2018-12-17T22:48:48.773494955Z 37 PC: 13251 | Set interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T22:48:48.775226098Z 37 PC: 13251 | Set interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T22:48:48.777267504Z 37 PC: 13251 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:48:48.780198671Z 37 PC: 13251 | Set interrupt vector (Interrupt = '52' AKA 'Get InDOS flag pointer')
2018-12-17T22:48:48.782607096Z 37 PC: 13251 | Set interrupt vector (Interrupt = '53' AKA 'Get interrupt vector')
2018-12-17T22:48:48.784968884Z 37 PC: 13251 | Set interrupt vector (Interrupt = '54' AKA 'Get free disk space')
2018-12-17T22:48:48.787608694Z 37 PC: 13251 | Set interrupt vector (Interrupt = '55' AKA 'Get or set switch character')
2018-12-17T22:48:48.789206075Z 37 PC: 13251 | Set interrupt vector (Interrupt = '56' AKA 'Get or set country info')
2018-12-17T22:48:48.790919775Z 37 PC: 13251 | Set interrupt vector (Interrupt = '57' AKA 'Create subdirectory')
2018-12-17T22:48:48.793204728Z 37 PC: 13251 | Set interrupt vector (Interrupt = '58' AKA 'Remove subdirectory')
2018-12-17T22:48:48.794724003Z 37 PC: 13251 | Set interrupt vector (Interrupt = '59' AKA 'Change current directory')
2018-12-17T22:48:48.796041929Z 37 PC: 13251 | Set interrupt vector (Interrupt = '60' AKA 'Create or truncate file')
2018-12-17T22:48:48.797422903Z 37 PC: 13251 | Set interrupt vector (Interrupt = '61' AKA 'Open file')
2018-12-17T22:48:48.799894848Z 37 PC: 13251 | Set interrupt vector (Interrupt = '62' AKA 'Close file')
2018-12-17T22:48:48.801581558Z 37 PC: 13251 | Set interrupt vector (Interrupt = '63' AKA 'Read file or device')
2018-12-17T22:48:48.803237118Z 37 PC: 13251 | Set interrupt vector (Interrupt = '117' AKA 'UNKNOWN!')
2018-12-17T22:48:48.805942752Z 6 PC: 132d8 | Direct console I/O
2018-12-17T22:48:48.809192528Z 6 PC: 132d8 | Direct console I/O
2018-12-17T22:48:48.811899164Z 6 PC: 132d8 | Direct console I/O
2018-12-17T22:48:48.815290496Z 6 PC: 132d8 | Direct console I/O
2018-12-17T22:48:48.818074506Z 6 PC: 132d8 | Direct console I/O
2018-12-17T22:48:48.820630208Z 6 PC: 132d8 | Direct console I/O
2018-12-17T22:48:48.82343616Z 6 PC: 132d8 | Direct console I/O
2018-12-17T22:48:48.826330208Z 6 PC: 132d8 | Direct console I/O
2018-12-17T22:48:48.828561631Z 6 PC: 132d8 | Direct console I/O
2018-12-17T22:48:48.831789175Z 6 PC: 132d8 | Direct console I/O
2018-12-17T22:48:48.834433334Z 6 PC: 132d8 | Direct console I/O
2018-12-17T22:48:48.83716213Z 6 PC: 132d8 | Direct console I/O
2018-12-17T22:48:48.839411186Z 6 PC: 132d8 | Direct console I/O
2018-12-17T22:48:48.842501954Z 6 PC: 132d8 | Direct console I/O
2018-12-17T22:48:48.845580437Z 6 PC: 132d8 | Direct console I/O
2018-12-17T22:48:48.848236037Z 6 PC: 132d8 | Direct console I/O
2018-12-17T22:48:48.85185661Z 6 PC: 132d8 | Direct console I/O
2018-12-17T22:48:48.854537407Z 6 PC: 132d8 | Direct console I/O
2018-12-17T22:48:48.856935363Z 6 PC: 132d8 | Direct console I/O
2018-12-17T22:48:48.859933035Z 6 PC: 132d8 | Direct console I/O
2018-12-17T22:48:48.862466015Z 6 PC: 132d8 | Direct console I/O
2018-12-17T22:48:48.865362286Z 6 PC: 132d8 | Direct console I/O
2018-12-17T22:48:48.869199907Z 6 PC: 132d8 | Direct console I/O
2018-12-17T22:48:48.872046485Z 6 PC: 132d8 | Direct console I/O
2018-12-17T22:48:48.874821349Z 6 PC: 132d8 | Direct console I/O
2018-12-17T22:48:48.877771893Z 6 PC: 132d8 | Direct console I/O
2018-12-17T22:48:48.880750619Z 6 PC: 132d8 | Direct console I/O
2018-12-17T22:48:48.883269622Z 6 PC: 132d8 | Direct console I/O
2018-12-17T22:48:48.886027614Z 6 PC: 132d8 | Direct console I/O
2018-12-17T22:48:48.889567335Z 6 PC: 132d8 | Direct console I/O
2018-12-17T22:48:48.892328393Z 6 PC: 132d8 | Direct console I/O
2018-12-17T22:48:48.895080795Z 6 PC: 132d8 | Direct console I/O
2018-12-17T22:48:48.898918185Z 6 PC: 132d8 | Direct console I/O
2018-12-17T22:48:48.903112946Z 76 PC: 13290 | Terminate with return code (Return code = '200')