Sample viewer

vx.netlux.org/Trojan.DOS.Edda

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-17T22:59:37.36626836Z	78	PC: 12a47 \| Find first file
2018-12-17T22:59:37.372990353Z	61	PC: 12a50 \| Open file (Filename = 'SLEEP.COM')
2018-12-17T22:59:37.379627981Z	64	PC: 12a5b \| Write file or device (Write 37 bytes on handle 5)
2018-12-17T22:59:37.385809379Z	62	PC: 12a5f \| Close file
2018-12-17T22:59:37.400618128Z	79	PC: 12a63 \| Find next file
2018-12-17T22:59:37.403299692Z	61	PC: 12a50 \| Open file (Filename = 'PRINT.COM')
2018-12-17T22:59:37.414623325Z	64	PC: 12a5b \| Write file or device (Write 37 bytes on handle 5)
2018-12-17T22:59:37.430332536Z	62	PC: 12a5f \| Close file
2018-12-17T22:59:37.438942363Z	79	PC: 12a63 \| Find next file
2018-12-17T22:59:37.441851644Z	61	PC: 12a50 \| Open file (Filename = 'HELLO.COM')
2018-12-17T22:59:37.448361795Z	64	PC: 12a5b \| Write file or device (Write 37 bytes on handle 5)
2018-12-17T22:59:37.455762226Z	62	PC: 12a5f \| Close file
2018-12-17T22:59:37.463441862Z	79	PC: 12a63 \| Find next file
2018-12-17T22:59:37.465975516Z	61	PC: 12a50 \| Open file (Filename = 'PHANG.COM')
2018-12-17T22:59:37.474778835Z	64	PC: 12a5b \| Write file or device (Write 37 bytes on handle 5)
2018-12-17T22:59:37.481286647Z	62	PC: 12a5f \| Close file
2018-12-17T22:59:37.489375269Z	79	PC: 12a63 \| Find next file
2018-12-17T22:59:37.493201107Z	61	PC: 12a50 \| Open file (Filename = 'PRINTA~1.COM')
2018-12-17T22:59:37.499830905Z	64	PC: 12a5b \| Write file or device (Write 37 bytes on handle 5)
2018-12-17T22:59:37.506558889Z	62	PC: 12a5f \| Close file
2018-12-17T22:59:37.514654927Z	79	PC: 12a63 \| Find next file
2018-12-17T22:59:37.517175621Z	61	PC: 12a50 \| Open file (Filename = 'MANDEL.COM')
2018-12-17T22:59:37.523658442Z	64	PC: 12a5b \| Write file or device (Write 37 bytes on handle 5)
2018-12-17T22:59:37.530591766Z	62	PC: 12a5f \| Close file
2018-12-17T22:59:37.538049275Z	79	PC: 12a63 \| Find next file
2018-12-17T22:59:37.540625731Z	61	PC: 12a50 \| Open file (Filename = 'PAH.COM')
2018-12-17T22:59:37.553421211Z	64	PC: 12a5b \| Write file or device (Write 37 bytes on handle 5)
2018-12-17T22:59:37.560165307Z	62	PC: 12a5f \| Close file
2018-12-17T22:59:37.567630972Z	79	PC: 12a63 \| Find next file
2018-12-17T22:59:37.570531206Z	61	PC: 12a50 \| Open file (Filename = 'TEST.COM')
2018-12-17T22:59:37.577306362Z	64	PC: 12a5b \| Write file or device (Write 37 bytes on handle 5)
2018-12-17T22:59:37.583921778Z	62	PC: 12a5f \| Close file
2018-12-17T22:59:37.591814202Z	79	PC: 12a63 \| Find next file