Sample viewer

vx.netlux.org/Trojan.DOS.Zyflex

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-17T23:01:53.372014263Z	53	PC: 13666 \| Get interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T23:01:53.374300419Z	53	PC: 13666 \| Get interrupt vector (Interrupt = '2' AKA 'Character output')
2018-12-17T23:01:53.375987339Z	53	PC: 13666 \| Get interrupt vector (Interrupt = '27' AKA 'Get allocation info for default drive')
2018-12-17T23:01:53.377651746Z	53	PC: 13666 \| Get interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T23:01:53.380173054Z	53	PC: 13666 \| Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T23:01:53.381835929Z	53	PC: 13666 \| Get interrupt vector (Interrupt = '52' AKA 'Get InDOS flag pointer')
2018-12-17T23:01:53.383264483Z	53	PC: 13666 \| Get interrupt vector (Interrupt = '53' AKA 'Get interrupt vector')
2018-12-17T23:01:53.384618397Z	53	PC: 13666 \| Get interrupt vector (Interrupt = '54' AKA 'Get free disk space')
2018-12-17T23:01:53.387019328Z	53	PC: 13666 \| Get interrupt vector (Interrupt = '55' AKA 'Get or set switch character')
2018-12-17T23:01:53.389832785Z	53	PC: 13666 \| Get interrupt vector (Interrupt = '56' AKA 'Get or set country info')
2018-12-17T23:01:53.392655568Z	53	PC: 13666 \| Get interrupt vector (Interrupt = '57' AKA 'Create subdirectory')
2018-12-17T23:01:53.396104969Z	53	PC: 13666 \| Get interrupt vector (Interrupt = '58' AKA 'Remove subdirectory')
2018-12-17T23:01:53.398426962Z	53	PC: 13666 \| Get interrupt vector (Interrupt = '59' AKA 'Change current directory')
2018-12-17T23:01:53.400725261Z	53	PC: 13666 \| Get interrupt vector (Interrupt = '60' AKA 'Create or truncate file')
2018-12-17T23:01:53.403478334Z	53	PC: 13666 \| Get interrupt vector (Interrupt = '61' AKA 'Open file')
2018-12-17T23:01:53.404895988Z	53	PC: 13666 \| Get interrupt vector (Interrupt = '62' AKA 'Close file')
2018-12-17T23:01:53.406848266Z	53	PC: 13666 \| Get interrupt vector (Interrupt = '63' AKA 'Read file or device')
2018-12-17T23:01:53.409185748Z	53	PC: 13666 \| Get interrupt vector (Interrupt = '117' AKA 'UNKNOWN!')
2018-12-17T23:01:53.410456737Z	37	PC: 1367b \| Set interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T23:01:53.411751549Z	37	PC: 13683 \| Set interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T23:01:53.413363148Z	37	PC: 1368b \| Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T23:01:53.415588579Z	37	PC: 13693 \| Set interrupt vector (Interrupt = '63' AKA 'Read file or device')
2018-12-17T23:01:53.417727378Z	68	PC: 13bdf \| I/O control for devices (Set for = '')
2018-12-17T23:01:53.452988352Z	37	PC: 12ff7 \| Set interrupt vector (Interrupt = '27' AKA 'Get allocation info for default drive')
2018-12-17T23:01:53.457626788Z	86	PC: 14080 \| Rename file
2018-12-17T23:01:53.464941342Z	37	PC: 13775 \| Set interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T23:01:53.466338928Z	37	PC: 13775 \| Set interrupt vector (Interrupt = '2' AKA 'Character output')
2018-12-17T23:01:53.469167602Z	37	PC: 13775 \| Set interrupt vector (Interrupt = '27' AKA 'Get allocation info for default drive')
2018-12-17T23:01:53.470815649Z	37	PC: 13775 \| Set interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T23:01:53.472445121Z	37	PC: 13775 \| Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T23:01:53.475341724Z	37	PC: 13775 \| Set interrupt vector (Interrupt = '52' AKA 'Get InDOS flag pointer')
2018-12-17T23:01:53.477902205Z	37	PC: 13775 \| Set interrupt vector (Interrupt = '53' AKA 'Get interrupt vector')
2018-12-17T23:01:53.480008853Z	37	PC: 13775 \| Set interrupt vector (Interrupt = '54' AKA 'Get free disk space')
2018-12-17T23:01:53.482661087Z	37	PC: 13775 \| Set interrupt vector (Interrupt = '55' AKA 'Get or set switch character')
2018-12-17T23:01:53.484287643Z	37	PC: 13775 \| Set interrupt vector (Interrupt = '56' AKA 'Get or set country info')
2018-12-17T23:01:53.485892659Z	37	PC: 13775 \| Set interrupt vector (Interrupt = '57' AKA 'Create subdirectory')
2018-12-17T23:01:53.488074158Z	37	PC: 13775 \| Set interrupt vector (Interrupt = '58' AKA 'Remove subdirectory')
2018-12-17T23:01:53.48943239Z	37	PC: 13775 \| Set interrupt vector (Interrupt = '59' AKA 'Change current directory')
2018-12-17T23:01:53.490798086Z	37	PC: 13775 \| Set interrupt vector (Interrupt = '60' AKA 'Create or truncate file')
2018-12-17T23:01:53.493789237Z	37	PC: 13775 \| Set interrupt vector (Interrupt = '61' AKA 'Open file')
2018-12-17T23:01:53.49778314Z	37	PC: 13775 \| Set interrupt vector (Interrupt = '62' AKA 'Close file')
2018-12-17T23:01:53.499297596Z	37	PC: 13775 \| Set interrupt vector (Interrupt = '63' AKA 'Read file or device')
2018-12-17T23:01:53.501491188Z	37	PC: 13775 \| Set interrupt vector (Interrupt = '117' AKA 'UNKNOWN!')
2018-12-17T23:01:53.503469665Z	6	PC: 137fc \| Direct console I/O
2018-12-17T23:01:53.506096351Z	6	PC: 137fc \| Direct console I/O
2018-12-17T23:01:53.50972517Z	6	PC: 137fc \| Direct console I/O
2018-12-17T23:01:53.512268499Z	6	PC: 137fc \| Direct console I/O
2018-12-17T23:01:53.5147491Z	6	PC: 137fc \| Direct console I/O
2018-12-17T23:01:53.517457379Z	6	PC: 137fc \| Direct console I/O
2018-12-17T23:01:53.521094231Z	6	PC: 137fc \| Direct console I/O
2018-12-17T23:01:53.523384896Z	6	PC: 137fc \| Direct console I/O
2018-12-17T23:01:53.52573413Z	6	PC: 137fc \| Direct console I/O
2018-12-17T23:01:53.528085167Z	6	PC: 137fc \| Direct console I/O
2018-12-17T23:01:53.530006047Z	6	PC: 137fc \| Direct console I/O
2018-12-17T23:01:53.531935142Z	6	PC: 137fc \| Direct console I/O
2018-12-17T23:01:53.534599638Z	6	PC: 137fc \| Direct console I/O
2018-12-17T23:01:53.536390944Z	6	PC: 137fc \| Direct console I/O
2018-12-17T23:01:53.538183192Z	6	PC: 137fc \| Direct console I/O
2018-12-17T23:01:53.540931025Z	6	PC: 137fc \| Direct console I/O
2018-12-17T23:01:53.54289748Z	6	PC: 137fc \| Direct console I/O
2018-12-17T23:01:53.544674699Z	6	PC: 137fc \| Direct console I/O
2018-12-17T23:01:53.547400029Z	6	PC: 137fc \| Direct console I/O
2018-12-17T23:01:53.549883095Z	6	PC: 137fc \| Direct console I/O
2018-12-17T23:01:53.551993551Z	6	PC: 137fc \| Direct console I/O
2018-12-17T23:01:53.555289113Z	6	PC: 137fc \| Direct console I/O
2018-12-17T23:01:53.55751756Z	6	PC: 137fc \| Direct console I/O
2018-12-17T23:01:53.559796553Z	6	PC: 137fc \| Direct console I/O
2018-12-17T23:01:53.561943066Z	6	PC: 137fc \| Direct console I/O
2018-12-17T23:01:53.564704284Z	6	PC: 137fc \| Direct console I/O
2018-12-17T23:01:53.567478197Z	6	PC: 137fc \| Direct console I/O
2018-12-17T23:01:53.569847028Z	6	PC: 137fc \| Direct console I/O
2018-12-17T23:01:53.572862784Z	6	PC: 137fc \| Direct console I/O
2018-12-17T23:01:53.574745721Z	6	PC: 137fc \| Direct console I/O
2018-12-17T23:01:53.576554991Z	6	PC: 137fc \| Direct console I/O
2018-12-17T23:01:53.580648272Z	6	PC: 137fc \| Direct console I/O
2018-12-17T23:01:53.582858385Z	6	PC: 137fc \| Direct console I/O
2018-12-17T23:01:53.585386516Z	76	PC: 137b4 \| Terminate with return code (Return code = '2')