Sample viewer

vx.netlux.org/Virus.DOS.Zohra.4488

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-17T23:10:03.293100795Z	25	PC: 15178 \| Get default drive
2018-12-17T23:10:03.295403042Z	25	PC: 151d9 \| Get default drive
2018-12-17T23:10:03.298298574Z	25	PC: 152ac \| Get default drive
2018-12-17T23:10:03.300144293Z	25	PC: 152b7 \| Get default drive
2018-12-17T23:10:03.305130623Z	219	PC: 15309 \| UNKNOWN!
2018-12-17T23:10:03.306374551Z	82	PC: 1555b \| Get DOS internal pointers (SYSVARS)
2018-12-17T23:10:03.308362608Z	48	PC: 12a4c \| Get DOS version
2018-12-17T23:10:03.310241539Z	53	PC: 12bab \| Get interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T23:10:03.312630208Z	53	PC: 12bb8 \| Get interrupt vector (Interrupt = '4' AKA 'Auxiliary output')
2018-12-17T23:10:03.314076776Z	53	PC: 12bc5 \| Get interrupt vector (Interrupt = '5' AKA 'Printer output')
2018-12-17T23:10:03.315509269Z	53	PC: 12bd2 \| Get interrupt vector (Interrupt = '6' AKA 'Direct console I/O')
2018-12-17T23:10:03.32026144Z	37	PC: 12be6 \| Set interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T23:10:03.322231181Z	74	PC: 12af4 \| Reallocate memory
2018-12-17T23:10:03.325339613Z	47	PC: 148e4 \| Get disk transfer address
2018-12-17T23:10:03.328621541Z	26	PC: 148f4 \| Set disk transfer address
2018-12-17T23:10:03.330657517Z	26	PC: 14a7d \| Set disk transfer address
2018-12-17T23:10:03.332323669Z	68	PC: 13c1b \| I/O control for devices (Set for = '�+ ')
2018-12-17T23:10:03.335892776Z	68	PC: 13c1b \| I/O control for devices (Set for = '�+ ')
2018-12-17T23:10:03.338732974Z	64	PC: 145b7 \| Write file or device (Write 48 bytes on handle 1)
2018-12-17T23:10:03.344689598Z	64	PC: 145b7 \| Write file or device (Write 44 bytes on handle 1)
2018-12-17T23:10:03.354442327Z	64	PC: 145b7 \| Write file or device (Write 50 bytes on handle 1)
2018-12-17T23:10:03.363741573Z	64	PC: 145b7 \| Write file or device (Write 50 bytes on handle 1)
2018-12-17T23:10:03.371055609Z	64	PC: 145b7 \| Write file or device (Write 45 bytes on handle 1)
2018-12-17T23:10:03.376940398Z	64	PC: 145b7 \| Write file or device (Write 48 bytes on handle 1)
2018-12-17T23:10:03.387821618Z	64	PC: 145b7 \| Write file or device (Write 50 bytes on handle 1)
2018-12-17T23:10:03.39527245Z	64	PC: 145b7 \| Write file or device (Write 51 bytes on handle 1)
2018-12-17T23:10:03.403381149Z	37	PC: 12bf2 \| Set interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T23:10:03.405715636Z	37	PC: 12bfd \| Set interrupt vector (Interrupt = '4' AKA 'Auxiliary output')
2018-12-17T23:10:03.407506713Z	37	PC: 12c08 \| Set interrupt vector (Interrupt = '5' AKA 'Printer output')
2018-12-17T23:10:03.409337193Z	37	PC: 12c13 \| Set interrupt vector (Interrupt = '6' AKA 'Direct console I/O')
2018-12-17T23:10:03.42370756Z	76	PC: 12b9c \| Terminate with return code (Return code = '1')