Sample viewer

vx.netlux.org/Trojan.DOS.Zap.469

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-17T22:25:11.02856497Z	25	PC: 12af2 \| Get default drive
2018-12-17T22:25:11.030223245Z	71	PC: 12afe \| Get current directory
2018-12-17T22:25:11.0333981Z	14	PC: 12b24 \| Set default drive (Drive = '')
2018-12-17T22:25:11.035542305Z	25	PC: 12b28 \| Get default drive
2018-12-17T22:25:11.037090421Z	25	PC: 12b2d \| Get default drive
2018-12-17T22:25:11.039144956Z	59	PC: 12b38 \| Change current directory
2018-12-17T22:25:11.043846262Z	47	PC: 12b7f \| Get disk transfer address
2018-12-17T22:25:11.04495415Z	26	PC: 12b8c \| Set disk transfer address
2018-12-17T22:25:11.046723089Z	78	PC: 12b96 \| Find first file
2018-12-17T22:25:11.053386126Z	67	PC: 12bc5 \| Get or set file attributes
2018-12-17T22:25:11.066283507Z	65	PC: 12bd0 \| Delete file (Filename = 'SLEEP.COM')
2018-12-17T22:25:11.073628241Z	79	PC: 12bab \| Find next file
2018-12-17T22:25:11.076478055Z	67	PC: 12bc5 \| Get or set file attributes
2018-12-17T22:25:11.087321602Z	65	PC: 12bd0 \| Delete file (Filename = 'PRINT.S')
2018-12-17T22:25:11.100216387Z	79	PC: 12bab \| Find next file
2018-12-17T22:25:11.103285104Z	67	PC: 12bc5 \| Get or set file attributes
2018-12-17T22:25:11.115785805Z	65	PC: 12bd0 \| Delete file (Filename = 'PRINT.COM')
2018-12-17T22:25:11.129643475Z	79	PC: 12bab \| Find next file
2018-12-17T22:25:11.132594544Z	67	PC: 12bc5 \| Get or set file attributes
2018-12-17T22:25:11.144381804Z	65	PC: 12bd0 \| Delete file (Filename = 'HELLO.COM')
2018-12-17T22:25:11.156959744Z	79	PC: 12bab \| Find next file
2018-12-17T22:25:11.160121414Z	67	PC: 12bc5 \| Get or set file attributes
2018-12-17T22:25:11.171628545Z	65	PC: 12bd0 \| Delete file (Filename = 'PHANG.COM')
2018-12-17T22:25:11.184548631Z	79	PC: 12bab \| Find next file
2018-12-17T22:25:11.187967158Z	67	PC: 12bc5 \| Get or set file attributes
2018-12-17T22:25:11.198594519Z	65	PC: 12bd0 \| Delete file (Filename = 'PRINTA~1.COM')
2018-12-17T22:25:11.210324506Z	79	PC: 12bab \| Find next file
2018-12-17T22:25:11.213611221Z	67	PC: 12bc5 \| Get or set file attributes
2018-12-17T22:25:11.224913106Z	65	PC: 12bd0 \| Delete file (Filename = 'MANDEL.COM')
2018-12-17T22:25:11.240353378Z	79	PC: 12bab \| Find next file
2018-12-17T22:25:11.244467632Z	67	PC: 12bc5 \| Get or set file attributes
2018-12-17T22:25:11.255556021Z	65	PC: 12bd0 \| Delete file (Filename = 'PAH.COM')
2018-12-17T22:25:11.267531191Z	79	PC: 12bab \| Find next file
2018-12-17T22:25:11.271366556Z	67	PC: 12bc5 \| Get or set file attributes
2018-12-17T22:25:11.282349766Z	65	PC: 12bd0 \| Delete file (Filename = 'TEST.COM')
2018-12-17T22:25:11.29551471Z	79	PC: 12bab \| Find next file
2018-12-17T22:25:11.300097064Z	26	PC: 12ba3 \| Set disk transfer address
2018-12-17T22:25:11.301433397Z	71	PC: 12b50 \| Get current directory
2018-12-17T22:25:11.304604258Z	59	PC: 12b57 \| Change current directory
2018-12-17T22:25:11.316206144Z	14	PC: 12b6e \| Set default drive (Drive = 'A')
2018-12-17T22:25:11.317719772Z	59	PC: 12b75 \| Change current directory
2018-12-17T22:25:11.322410192Z	76	PC: 12b7a \| Terminate with return code (Return code = '0')