Sample viewer

vx.netlux.org/Trojan.DOS.IP-Flood

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-17T22:25:44.188938829Z	53	PC: 1382a \| Get interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T22:25:44.191162721Z	53	PC: 1382a \| Get interrupt vector (Interrupt = '2' AKA 'Character output')
2018-12-17T22:25:44.192518129Z	53	PC: 1382a \| Get interrupt vector (Interrupt = '27' AKA 'Get allocation info for default drive')
2018-12-17T22:25:44.194148324Z	53	PC: 1382a \| Get interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T22:25:44.196342453Z	53	PC: 1382a \| Get interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T22:25:44.197850472Z	53	PC: 1382a \| Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:25:44.199380226Z	53	PC: 1382a \| Get interrupt vector (Interrupt = '52' AKA 'Get InDOS flag pointer')
2018-12-17T22:25:44.201457507Z	53	PC: 1382a \| Get interrupt vector (Interrupt = '53' AKA 'Get interrupt vector')
2018-12-17T22:25:44.203088144Z	53	PC: 1382a \| Get interrupt vector (Interrupt = '54' AKA 'Get free disk space')
2018-12-17T22:25:44.204529417Z	53	PC: 1382a \| Get interrupt vector (Interrupt = '55' AKA 'Get or set switch character')
2018-12-17T22:25:44.206742049Z	53	PC: 1382a \| Get interrupt vector (Interrupt = '56' AKA 'Get or set country info')
2018-12-17T22:25:44.207953609Z	53	PC: 1382a \| Get interrupt vector (Interrupt = '57' AKA 'Create subdirectory')
2018-12-17T22:25:44.208999539Z	53	PC: 1382a \| Get interrupt vector (Interrupt = '58' AKA 'Remove subdirectory')
2018-12-17T22:25:44.210370984Z	53	PC: 1382a \| Get interrupt vector (Interrupt = '59' AKA 'Change current directory')
2018-12-17T22:25:44.211864852Z	53	PC: 1382a \| Get interrupt vector (Interrupt = '60' AKA 'Create or truncate file')
2018-12-17T22:25:44.213264649Z	53	PC: 1382a \| Get interrupt vector (Interrupt = '61' AKA 'Open file')
2018-12-17T22:25:44.214867531Z	53	PC: 1382a \| Get interrupt vector (Interrupt = '62' AKA 'Close file')
2018-12-17T22:25:44.216389952Z	53	PC: 1382a \| Get interrupt vector (Interrupt = '63' AKA 'Read file or device')
2018-12-17T22:25:44.217530523Z	53	PC: 1382a \| Get interrupt vector (Interrupt = '117' AKA 'UNKNOWN!')
2018-12-17T22:25:44.218687001Z	37	PC: 1383f \| Set interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T22:25:44.219920462Z	37	PC: 13847 \| Set interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T22:25:44.220926845Z	37	PC: 1384f \| Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:25:44.221954848Z	37	PC: 13857 \| Set interrupt vector (Interrupt = '63' AKA 'Read file or device')
2018-12-17T22:25:44.223901932Z	68	PC: 140e8 \| I/O control for devices (Set for = '�^��1��7�u�9�&�G&�W3�5�;�=�Ìَ��.��tD��')
2018-12-17T22:25:44.362949293Z	64	PC: 13c48 \| Write file or device (Write 0 bytes on handle 1)
2018-12-17T22:25:44.364993032Z	37	PC: 13981 \| Set interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T22:25:44.367177212Z	37	PC: 13981 \| Set interrupt vector (Interrupt = '2' AKA 'Character output')
2018-12-17T22:25:44.368446783Z	37	PC: 13981 \| Set interrupt vector (Interrupt = '27' AKA 'Get allocation info for default drive')
2018-12-17T22:25:44.369698916Z	37	PC: 13981 \| Set interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T22:25:44.371865768Z	37	PC: 13981 \| Set interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T22:25:44.372837296Z	37	PC: 13981 \| Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:25:44.373841847Z	37	PC: 13981 \| Set interrupt vector (Interrupt = '52' AKA 'Get InDOS flag pointer')
2018-12-17T22:25:44.37533903Z	37	PC: 13981 \| Set interrupt vector (Interrupt = '53' AKA 'Get interrupt vector')
2018-12-17T22:25:44.376632217Z	37	PC: 13981 \| Set interrupt vector (Interrupt = '54' AKA 'Get free disk space')
2018-12-17T22:25:44.377824169Z	37	PC: 13981 \| Set interrupt vector (Interrupt = '55' AKA 'Get or set switch character')
2018-12-17T22:25:44.379818638Z	37	PC: 13981 \| Set interrupt vector (Interrupt = '56' AKA 'Get or set country info')
2018-12-17T22:25:44.38085389Z	37	PC: 13981 \| Set interrupt vector (Interrupt = '57' AKA 'Create subdirectory')
2018-12-17T22:25:44.381857348Z	37	PC: 13981 \| Set interrupt vector (Interrupt = '58' AKA 'Remove subdirectory')
2018-12-17T22:25:44.383536489Z	37	PC: 13981 \| Set interrupt vector (Interrupt = '59' AKA 'Change current directory')
2018-12-17T22:25:44.384539343Z	37	PC: 13981 \| Set interrupt vector (Interrupt = '60' AKA 'Create or truncate file')
2018-12-17T22:25:44.385567732Z	37	PC: 13981 \| Set interrupt vector (Interrupt = '61' AKA 'Open file')
2018-12-17T22:25:44.387009906Z	37	PC: 13981 \| Set interrupt vector (Interrupt = '62' AKA 'Close file')
2018-12-17T22:25:44.387957434Z	37	PC: 13981 \| Set interrupt vector (Interrupt = '63' AKA 'Read file or device')
2018-12-17T22:25:44.38911338Z	37	PC: 13981 \| Set interrupt vector (Interrupt = '117' AKA 'UNKNOWN!')
2018-12-17T22:25:44.391058421Z	6	PC: 13a08 \| Direct console I/O
2018-12-17T22:25:44.393018443Z	6	PC: 13a08 \| Direct console I/O
2018-12-17T22:25:44.395215434Z	6	PC: 13a08 \| Direct console I/O
2018-12-17T22:25:44.397886001Z	6	PC: 13a08 \| Direct console I/O
2018-12-17T22:25:44.400767313Z	6	PC: 13a08 \| Direct console I/O
2018-12-17T22:25:44.402730064Z	6	PC: 13a08 \| Direct console I/O
2018-12-17T22:25:44.419135267Z	6	PC: 13a08 \| Direct console I/O
2018-12-17T22:25:44.421160541Z	6	PC: 13a08 \| Direct console I/O
2018-12-17T22:25:44.42319535Z	6	PC: 13a08 \| Direct console I/O
2018-12-17T22:25:44.42562695Z	6	PC: 13a08 \| Direct console I/O
2018-12-17T22:25:44.42750049Z	6	PC: 13a08 \| Direct console I/O
2018-12-17T22:25:44.429379604Z	6	PC: 13a08 \| Direct console I/O
2018-12-17T22:25:44.431665714Z	6	PC: 13a08 \| Direct console I/O
2018-12-17T22:25:44.434154794Z	6	PC: 13a08 \| Direct console I/O
2018-12-17T22:25:44.436069336Z	6	PC: 13a08 \| Direct console I/O
2018-12-17T22:25:44.438478735Z	6	PC: 13a08 \| Direct console I/O
2018-12-17T22:25:44.440514254Z	6	PC: 13a08 \| Direct console I/O
2018-12-17T22:25:44.442402953Z	6	PC: 13a08 \| Direct console I/O
2018-12-17T22:25:44.445540623Z	6	PC: 13a08 \| Direct console I/O
2018-12-17T22:25:44.44755714Z	6	PC: 13a08 \| Direct console I/O
2018-12-17T22:25:44.449580239Z	6	PC: 13a08 \| Direct console I/O
2018-12-17T22:25:44.452100294Z	6	PC: 13a08 \| Direct console I/O
2018-12-17T22:25:44.45409466Z	6	PC: 13a08 \| Direct console I/O
2018-12-17T22:25:44.455978075Z	6	PC: 13a08 \| Direct console I/O
2018-12-17T22:25:44.458584107Z	6	PC: 13a08 \| Direct console I/O
2018-12-17T22:25:44.46055247Z	6	PC: 13a08 \| Direct console I/O
2018-12-17T22:25:44.462516763Z	6	PC: 13a08 \| Direct console I/O
2018-12-17T22:25:44.464658477Z	6	PC: 13a08 \| Direct console I/O
2018-12-17T22:25:44.467030059Z	6	PC: 13a08 \| Direct console I/O
2018-12-17T22:25:44.468909353Z	6	PC: 13a08 \| Direct console I/O
2018-12-17T22:25:44.471779363Z	6	PC: 13a08 \| Direct console I/O
2018-12-17T22:25:44.474105867Z	6	PC: 13a08 \| Direct console I/O
2018-12-17T22:25:44.476263498Z	6	PC: 13a08 \| Direct console I/O
2018-12-17T22:25:44.480199004Z	76	PC: 139c0 \| Terminate with return code (Return code = '200')