Sample viewer

vx.netlux.org/Trojan.DOS.Imaker

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-17T21:58:52.229134557Z	53	PC: 13b0a \| Get interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T21:58:52.231450575Z	53	PC: 13b0a \| Get interrupt vector (Interrupt = '2' AKA 'Character output')
2018-12-17T21:58:52.233136389Z	53	PC: 13b0a \| Get interrupt vector (Interrupt = '27' AKA 'Get allocation info for default drive')
2018-12-17T21:58:52.234774545Z	53	PC: 13b0a \| Get interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T21:58:52.238159055Z	53	PC: 13b0a \| Get interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T21:58:52.239706551Z	53	PC: 13b0a \| Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T21:58:52.241247427Z	53	PC: 13b0a \| Get interrupt vector (Interrupt = '52' AKA 'Get InDOS flag pointer')
2018-12-17T21:58:52.243975995Z	53	PC: 13b0a \| Get interrupt vector (Interrupt = '53' AKA 'Get interrupt vector')
2018-12-17T21:58:52.245583394Z	53	PC: 13b0a \| Get interrupt vector (Interrupt = '54' AKA 'Get free disk space')
2018-12-17T21:58:52.247093402Z	53	PC: 13b0a \| Get interrupt vector (Interrupt = '55' AKA 'Get or set switch character')
2018-12-17T21:58:52.249779522Z	53	PC: 13b0a \| Get interrupt vector (Interrupt = '56' AKA 'Get or set country info')
2018-12-17T21:58:52.251325871Z	53	PC: 13b0a \| Get interrupt vector (Interrupt = '57' AKA 'Create subdirectory')
2018-12-17T21:58:52.252823873Z	53	PC: 13b0a \| Get interrupt vector (Interrupt = '58' AKA 'Remove subdirectory')
2018-12-17T21:58:52.25463859Z	53	PC: 13b0a \| Get interrupt vector (Interrupt = '59' AKA 'Change current directory')
2018-12-17T21:58:52.257887422Z	53	PC: 13b0a \| Get interrupt vector (Interrupt = '60' AKA 'Create or truncate file')
2018-12-17T21:58:52.25933649Z	53	PC: 13b0a \| Get interrupt vector (Interrupt = '61' AKA 'Open file')
2018-12-17T21:58:52.260786279Z	53	PC: 13b0a \| Get interrupt vector (Interrupt = '62' AKA 'Close file')
2018-12-17T21:58:52.262936424Z	53	PC: 13b0a \| Get interrupt vector (Interrupt = '63' AKA 'Read file or device')
2018-12-17T21:58:52.264259448Z	53	PC: 13b0a \| Get interrupt vector (Interrupt = '117' AKA 'UNKNOWN!')
2018-12-17T21:58:52.265472611Z	37	PC: 13b1f \| Set interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T21:58:52.26724637Z	37	PC: 13b27 \| Set interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T21:58:52.268926637Z	37	PC: 13b2f \| Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T21:58:52.270444952Z	37	PC: 13b37 \| Set interrupt vector (Interrupt = '63' AKA 'Read file or device')
2018-12-17T21:58:52.272737792Z	68	PC: 14226 \| I/O control for devices (Set for = '�� ')
2018-12-17T21:58:52.408032743Z	64	PC: 13f28 \| Write file or device (Write 0 bytes on handle 1)
2018-12-17T21:58:52.409882604Z	37	PC: 13c61 \| Set interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T21:58:52.412266463Z	37	PC: 13c61 \| Set interrupt vector (Interrupt = '2' AKA 'Character output')
2018-12-17T21:58:52.41339916Z	37	PC: 13c61 \| Set interrupt vector (Interrupt = '27' AKA 'Get allocation info for default drive')
2018-12-17T21:58:52.414528979Z	37	PC: 13c61 \| Set interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T21:58:52.416988505Z	37	PC: 13c61 \| Set interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T21:58:52.418426925Z	37	PC: 13c61 \| Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T21:58:52.419709124Z	37	PC: 13c61 \| Set interrupt vector (Interrupt = '52' AKA 'Get InDOS flag pointer')
2018-12-17T21:58:52.422534269Z	37	PC: 13c61 \| Set interrupt vector (Interrupt = '53' AKA 'Get interrupt vector')
2018-12-17T21:58:52.423639412Z	37	PC: 13c61 \| Set interrupt vector (Interrupt = '54' AKA 'Get free disk space')
2018-12-17T21:58:52.424789832Z	37	PC: 13c61 \| Set interrupt vector (Interrupt = '55' AKA 'Get or set switch character')
2018-12-17T21:58:52.42687578Z	37	PC: 13c61 \| Set interrupt vector (Interrupt = '56' AKA 'Get or set country info')
2018-12-17T21:58:52.428457688Z	37	PC: 13c61 \| Set interrupt vector (Interrupt = '57' AKA 'Create subdirectory')
2018-12-17T21:58:52.430068819Z	37	PC: 13c61 \| Set interrupt vector (Interrupt = '58' AKA 'Remove subdirectory')
2018-12-17T21:58:52.432597934Z	37	PC: 13c61 \| Set interrupt vector (Interrupt = '59' AKA 'Change current directory')
2018-12-17T21:58:52.433995306Z	37	PC: 13c61 \| Set interrupt vector (Interrupt = '60' AKA 'Create or truncate file')
2018-12-17T21:58:52.435430087Z	37	PC: 13c61 \| Set interrupt vector (Interrupt = '61' AKA 'Open file')
2018-12-17T21:58:52.437392626Z	37	PC: 13c61 \| Set interrupt vector (Interrupt = '62' AKA 'Close file')
2018-12-17T21:58:52.438812849Z	37	PC: 13c61 \| Set interrupt vector (Interrupt = '63' AKA 'Read file or device')
2018-12-17T21:58:52.440205199Z	37	PC: 13c61 \| Set interrupt vector (Interrupt = '117' AKA 'UNKNOWN!')
2018-12-17T21:58:52.442314625Z	6	PC: 13ce8 \| Direct console I/O
2018-12-17T21:58:52.44463517Z	6	PC: 13ce8 \| Direct console I/O
2018-12-17T21:58:52.447039227Z	6	PC: 13ce8 \| Direct console I/O
2018-12-17T21:58:52.450353606Z	6	PC: 13ce8 \| Direct console I/O
2018-12-17T21:58:52.452508265Z	6	PC: 13ce8 \| Direct console I/O
2018-12-17T21:58:52.45449967Z	6	PC: 13ce8 \| Direct console I/O
2018-12-17T21:58:52.458118815Z	6	PC: 13ce8 \| Direct console I/O
2018-12-17T21:58:52.460642182Z	6	PC: 13ce8 \| Direct console I/O
2018-12-17T21:58:52.462646667Z	6	PC: 13ce8 \| Direct console I/O
2018-12-17T21:58:52.464783738Z	6	PC: 13ce8 \| Direct console I/O
2018-12-17T21:58:52.467509723Z	6	PC: 13ce8 \| Direct console I/O
2018-12-17T21:58:52.469505101Z	6	PC: 13ce8 \| Direct console I/O
2018-12-17T21:58:52.471688413Z	6	PC: 13ce8 \| Direct console I/O
2018-12-17T21:58:52.474090444Z	6	PC: 13ce8 \| Direct console I/O
2018-12-17T21:58:52.476064958Z	6	PC: 13ce8 \| Direct console I/O
2018-12-17T21:58:52.478417648Z	6	PC: 13ce8 \| Direct console I/O
2018-12-17T21:58:52.497775336Z	6	PC: 13ce8 \| Direct console I/O
2018-12-17T21:58:52.500044408Z	6	PC: 13ce8 \| Direct console I/O
2018-12-17T21:58:52.50204848Z	6	PC: 13ce8 \| Direct console I/O
2018-12-17T21:58:52.510211959Z	6	PC: 13ce8 \| Direct console I/O
2018-12-17T21:58:52.512316183Z	6	PC: 13ce8 \| Direct console I/O
2018-12-17T21:58:52.51440706Z	6	PC: 13ce8 \| Direct console I/O
2018-12-17T21:58:52.517071196Z	6	PC: 13ce8 \| Direct console I/O
2018-12-17T21:58:52.519079545Z	6	PC: 13ce8 \| Direct console I/O
2018-12-17T21:58:52.521272452Z	6	PC: 13ce8 \| Direct console I/O
2018-12-17T21:58:52.528157937Z	6	PC: 13ce8 \| Direct console I/O
2018-12-17T21:58:52.53021753Z	6	PC: 13ce8 \| Direct console I/O
2018-12-17T21:58:52.532306155Z	6	PC: 13ce8 \| Direct console I/O
2018-12-17T21:58:52.53528206Z	6	PC: 13ce8 \| Direct console I/O
2018-12-17T21:58:52.537839186Z	6	PC: 13ce8 \| Direct console I/O
2018-12-17T21:58:52.545224021Z	6	PC: 13ce8 \| Direct console I/O
2018-12-17T21:58:52.547578254Z	6	PC: 13ce8 \| Direct console I/O
2018-12-17T21:58:52.549577272Z	6	PC: 13ce8 \| Direct console I/O
2018-12-17T21:58:52.554734471Z	76	PC: 13ca0 \| Terminate with return code (Return code = '200')