Sample viewer

vx.netlux.org/Trojan.DOS.MrTwister

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-17T21:51:09.146284189Z	59	PC: 12a47 \| Change current directory
2018-12-17T21:51:09.153126171Z	78	PC: 12a66 \| Find first file
2018-12-17T21:51:09.159143743Z	61	PC: 12a74 \| Open file (Filename = 'As')
2018-12-17T21:51:09.165382486Z	87	PC: 12a7a \| Get or set file date and time
2018-12-17T21:51:09.167974901Z	64	PC: 12a88 \| Write file or device (Write 12288 bytes on handle 2)
2018-12-17T21:51:09.174793085Z	87	PC: 12a8f \| Get or set file date and time
2018-12-17T21:51:09.176599667Z	62	PC: 12a93 \| Close file
2018-12-17T21:51:09.178732226Z	79	PC: 12a66 \| Find next file
2018-12-17T21:51:09.182571401Z	61	PC: 12a74 \| Open file (Filename = 'SLEEP.COM')
2018-12-17T21:51:09.189634887Z	87	PC: 12a7a \| Get or set file date and time
2018-12-17T21:51:09.19106541Z	64	PC: 12a88 \| Write file or device (Write 12288 bytes on handle 2)
2018-12-17T21:51:09.213333805Z	87	PC: 12a8f \| Get or set file date and time
2018-12-17T21:51:09.214990631Z	62	PC: 12a93 \| Close file
2018-12-17T21:51:09.221293631Z	79	PC: 12a66 \| Find next file
2018-12-17T21:51:09.225491969Z	61	PC: 12a74 \| Open file (Filename = 'PRINT.S')
2018-12-17T21:51:09.23136446Z	87	PC: 12a7a \| Get or set file date and time
2018-12-17T21:51:09.233163414Z	64	PC: 12a88 \| Write file or device (Write 12288 bytes on handle 2)
2018-12-17T21:51:09.248034899Z	87	PC: 12a8f \| Get or set file date and time
2018-12-17T21:51:09.249691969Z	62	PC: 12a93 \| Close file
2018-12-17T21:51:09.257103301Z	79	PC: 12a66 \| Find next file
2018-12-17T21:51:09.260335982Z	61	PC: 12a74 \| Open file (Filename = 'Ap')
2018-12-17T21:51:09.266289334Z	87	PC: 12a7a \| Get or set file date and time
2018-12-17T21:51:09.267743042Z	64	PC: 12a88 \| Write file or device (Write 12288 bytes on handle 2)
2018-12-17T21:51:09.270254238Z	87	PC: 12a8f \| Get or set file date and time
2018-12-17T21:51:09.281756427Z	62	PC: 12a93 \| Close file
2018-12-17T21:51:09.283095481Z	79	PC: 12a66 \| Find next file
2018-12-17T21:51:09.285653669Z	61	PC: 12a74 \| Open file (Filename = 'PRINT.COM')
2018-12-17T21:51:09.292680689Z	87	PC: 12a7a \| Get or set file date and time
2018-12-17T21:51:09.294063882Z	64	PC: 12a88 \| Write file or device (Write 12288 bytes on handle 2)
2018-12-17T21:51:09.302899267Z	87	PC: 12a8f \| Get or set file date and time
2018-12-17T21:51:09.305550153Z	62	PC: 12a93 \| Close file
2018-12-17T21:51:09.313405683Z	79	PC: 12a66 \| Find next file
2018-12-17T21:51:09.315962865Z	61	PC: 12a74 \| Open file (Filename = 'Ah')
2018-12-17T21:51:09.32324862Z	87	PC: 12a7a \| Get or set file date and time
2018-12-17T21:51:09.325133032Z	64	PC: 12a88 \| Write file or device (Write 12288 bytes on handle 2)
2018-12-17T21:51:09.327056262Z	87	PC: 12a8f \| Get or set file date and time
2018-12-17T21:51:09.329491673Z	62	PC: 12a93 \| Close file
2018-12-17T21:51:09.331257372Z	79	PC: 12a66 \| Find next file
2018-12-17T21:51:09.334937055Z	61	PC: 12a74 \| Open file (Filename = 'HELLO.COM')
2018-12-17T21:51:09.343808312Z	87	PC: 12a7a \| Get or set file date and time
2018-12-17T21:51:09.345151703Z	64	PC: 12a88 \| Write file or device (Write 12288 bytes on handle 2)
2018-12-17T21:51:09.354263925Z	87	PC: 12a8f \| Get or set file date and time
2018-12-17T21:51:09.369551952Z	62	PC: 12a93 \| Close file
2018-12-17T21:51:09.377449992Z	79	PC: 12a66 \| Find next file
2018-12-17T21:51:09.380694737Z	61	PC: 12a74 \| Open file (Filename = 'Ap')
2018-12-17T21:51:09.389368998Z	87	PC: 12a7a \| Get or set file date and time
2018-12-17T21:51:09.391369162Z	64	PC: 12a88 \| Write file or device (Write 12288 bytes on handle 2)
2018-12-17T21:51:09.393301875Z	87	PC: 12a8f \| Get or set file date and time
2018-12-17T21:51:09.395397338Z	62	PC: 12a93 \| Close file
2018-12-17T21:51:09.398182736Z	79	PC: 12a66 \| Find next file
2018-12-17T21:51:09.40111019Z	61	PC: 12a74 \| Open file (Filename = 'PHANG.COM')
2018-12-17T21:51:09.408020401Z	87	PC: 12a7a \| Get or set file date and time
2018-12-17T21:51:09.410276431Z	64	PC: 12a88 \| Write file or device (Write 12288 bytes on handle 2)
2018-12-17T21:51:09.418925838Z	87	PC: 12a8f \| Get or set file date and time
2018-12-17T21:51:09.421402863Z	62	PC: 12a93 \| Close file
2018-12-17T21:51:09.430091622Z	79	PC: 12a66 \| Find next file
2018-12-17T21:51:09.434004015Z	61	PC: 12a74 \| Open file (Filename = 'Bc')
2018-12-17T21:51:09.440292235Z	87	PC: 12a7a \| Get or set file date and time
2018-12-17T21:51:09.443094926Z	64	PC: 12a88 \| Write file or device (Write 12288 bytes on handle 2)
2018-12-17T21:51:09.445122183Z	87	PC: 12a8f \| Get or set file date and time
2018-12-17T21:51:09.446769765Z	62	PC: 12a93 \| Close file
2018-12-17T21:51:09.449281123Z	79	PC: 12a66 \| Find next file
2018-12-17T21:51:09.451890424Z	61	PC: 12a74 \| Open file (Filename = 'p')
2018-12-17T21:51:09.4563203Z	87	PC: 12a7a \| Get or set file date and time
2018-12-17T21:51:09.458849766Z	64	PC: 12a88 \| Write file or device (Write 12288 bytes on handle 2)
2018-12-17T21:51:09.460678147Z	87	PC: 12a8f \| Get or set file date and time
2018-12-17T21:51:09.462424566Z	62	PC: 12a93 \| Close file
2018-12-17T21:51:09.464606445Z	79	PC: 12a66 \| Find next file
2018-12-17T21:51:09.467381134Z	61	PC: 12a74 \| Open file (Filename = 'PRINTA~1.COM')
2018-12-17T21:51:09.474412633Z	87	PC: 12a7a \| Get or set file date and time
2018-12-17T21:51:09.477288523Z	64	PC: 12a88 \| Write file or device (Write 12288 bytes on handle 2)
2018-12-17T21:51:09.485832903Z	87	PC: 12a8f \| Get or set file date and time
2018-12-17T21:51:09.48757962Z	62	PC: 12a93 \| Close file
2018-12-17T21:51:09.496388506Z	79	PC: 12a66 \| Find next file
2018-12-17T21:51:09.499630467Z	61	PC: 12a74 \| Open file (Filename = 'MANDEL.COM')
2018-12-17T21:51:09.506279013Z	87	PC: 12a7a \| Get or set file date and time
2018-12-17T21:51:09.508112948Z	64	PC: 12a88 \| Write file or device (Write 12288 bytes on handle 2)
2018-12-17T21:51:09.517881501Z	87	PC: 12a8f \| Get or set file date and time
2018-12-17T21:51:09.519605511Z	62	PC: 12a93 \| Close file
2018-12-17T21:51:09.52708559Z	79	PC: 12a66 \| Find next file
2018-12-17T21:51:09.530908277Z	61	PC: 12a74 \| Open file (Filename = 'PAH.COM')
2018-12-17T21:51:09.537540507Z	87	PC: 12a7a \| Get or set file date and time
2018-12-17T21:51:09.539178051Z	64	PC: 12a88 \| Write file or device (Write 12288 bytes on handle 2)
2018-12-17T21:51:09.548721507Z	87	PC: 12a8f \| Get or set file date and time
2018-12-17T21:51:09.55016959Z	62	PC: 12a93 \| Close file
2018-12-17T21:51:09.558088892Z	79	PC: 12a66 \| Find next file
2018-12-17T21:51:09.562069801Z	61	PC: 12a74 \| Open file (Filename = 'TEST.EXE')
2018-12-17T21:51:09.568502666Z	87	PC: 12a7a \| Get or set file date and time
2018-12-17T21:51:09.569833585Z	64	PC: 12a88 \| Write file or device (Write 12288 bytes on handle 2)
2018-12-17T21:51:09.578636795Z	87	PC: 12a8f \| Get or set file date and time
2018-12-17T21:51:09.580359274Z	62	PC: 12a93 \| Close file
2018-12-17T21:51:09.587969359Z	79	PC: 12a66 \| Find next file
2018-12-17T21:51:09.591781242Z	57	PC: 12aad \| Create subdirectory
2018-12-17T21:51:09.603829577Z	57	PC: 12ab6 \| Create subdirectory
2018-12-17T21:51:09.61655965Z	57	PC: 12abf \| Create subdirectory
2018-12-17T21:51:09.629905776Z	57	PC: 12ac8 \| Create subdirectory
2018-12-17T21:51:09.642512663Z	57	PC: 12ab6 \| Create subdirectory
2018-12-17T21:51:09.648814541Z	57	PC: 12abf \| Create subdirectory
2018-12-17T21:51:09.656122015Z	57	PC: 12ac8 \| Create subdirectory
2018-12-17T21:51:09.662473441Z	59	PC: 12a55 \| Change current directory
2018-12-17T21:51:09.671256053Z	78	PC: 12a66 \| Find first file
2018-12-17T21:51:09.682480699Z	61	PC: 12a74 \| Open file (Filename = 'SLEEP.COM')
2018-12-17T21:51:09.689556594Z	87	PC: 12a7a \| Get or set file date and time
2018-12-17T21:51:09.690994776Z	64	PC: 12a88 \| Write file or device (Write 12288 bytes on handle 2)
2018-12-17T21:51:09.699373325Z	87	PC: 12a8f \| Get or set file date and time
2018-12-17T21:51:09.700889244Z	62	PC: 12a93 \| Close file
2018-12-17T21:51:09.70812676Z	79	PC: 12a66 \| Find next file
2018-12-17T21:51:09.711574973Z	61	PC: 12a74 \| Open file (Filename = 'PRINT.S')
2018-12-17T21:51:09.718245734Z	87	PC: 12a7a \| Get or set file date and time
2018-12-17T21:51:09.719910962Z	64	PC: 12a88 \| Write file or device (Write 12288 bytes on handle 2)
2018-12-17T21:51:09.899086316Z	87	PC: 12a8f \| Get or set file date and time
2018-12-17T21:51:09.901497256Z	62	PC: 12a93 \| Close file
2018-12-17T21:51:09.918819095Z	79	PC: 12a66 \| Find next file
2018-12-17T21:51:09.922244203Z	61	PC: 12a74 \| Open file (Filename = 'PRINT.COM')
2018-12-17T21:51:09.929415972Z	87	PC: 12a7a \| Get or set file date and time
2018-12-17T21:51:09.931035245Z	64	PC: 12a88 \| Write file or device (Write 12288 bytes on handle 2)
2018-12-17T21:51:10.153589746Z	87	PC: 12a8f \| Get or set file date and time
2018-12-17T21:51:10.156320243Z	62	PC: 12a93 \| Close file
2018-12-17T21:51:10.370209016Z	79	PC: 12a66 \| Find next file
2018-12-17T21:51:10.373319045Z	61	PC: 12a74 \| Open file (Filename = 'HELLO.COM')
2018-12-17T21:51:10.381631039Z	87	PC: 12a7a \| Get or set file date and time
2018-12-17T21:51:10.383629081Z	64	PC: 12a88 \| Write file or device (Write 12288 bytes on handle 2)
2018-12-17T21:51:10.393085414Z	87	PC: 12a8f \| Get or set file date and time
2018-12-17T21:51:10.395261201Z	62	PC: 12a93 \| Close file
2018-12-17T21:51:10.404967766Z	79	PC: 12a66 \| Find next file
2018-12-17T21:51:10.408351459Z	61	PC: 12a74 \| Open file (Filename = 'PHANG.COM')
2018-12-17T21:51:10.416796262Z	87	PC: 12a7a \| Get or set file date and time
2018-12-17T21:51:10.418301894Z	64	PC: 12a88 \| Write file or device (Write 12288 bytes on handle 2)
2018-12-17T21:51:10.427322848Z	87	PC: 12a8f \| Get or set file date and time
2018-12-17T21:51:10.429545954Z	62	PC: 12a93 \| Close file
2018-12-17T21:51:10.436679287Z	79	PC: 12a66 \| Find next file
2018-12-17T21:51:10.440066696Z	61	PC: 12a74 \| Open file (Filename = 'PRINTA~1.COM')
2018-12-17T21:51:10.447215075Z	87	PC: 12a7a \| Get or set file date and time
2018-12-17T21:51:10.448723729Z	64	PC: 12a88 \| Write file or device (Write 12288 bytes on handle 2)
2018-12-17T21:51:10.456725837Z	87	PC: 12a8f \| Get or set file date and time
2018-12-17T21:51:10.459490747Z	62	PC: 12a93 \| Close file
2018-12-17T21:51:10.467171265Z	79	PC: 12a66 \| Find next file
2018-12-17T21:51:10.470010842Z	61	PC: 12a74 \| Open file (Filename = 'MANDEL.COM')
2018-12-17T21:51:10.4777163Z	87	PC: 12a7a \| Get or set file date and time
2018-12-17T21:51:10.47980459Z	64	PC: 12a88 \| Write file or device (Write 12288 bytes on handle 2)
2018-12-17T21:51:10.488144736Z	87	PC: 12a8f \| Get or set file date and time
2018-12-17T21:51:10.490429706Z	62	PC: 12a93 \| Close file
2018-12-17T21:51:10.497391804Z	79	PC: 12a66 \| Find next file
2018-12-17T21:51:10.500001771Z	61	PC: 12a74 \| Open file (Filename = 'PAH.COM')
2018-12-17T21:51:10.507744509Z	87	PC: 12a7a \| Get or set file date and time
2018-12-17T21:51:10.509136853Z	64	PC: 12a88 \| Write file or device (Write 12288 bytes on handle 2)
2018-12-17T21:51:10.517154856Z	87	PC: 12a8f \| Get or set file date and time
2018-12-17T21:51:10.5197018Z	62	PC: 12a93 \| Close file
2018-12-17T21:51:10.531209635Z	79	PC: 12a66 \| Find next file
2018-12-17T21:51:10.534233903Z	61	PC: 12a74 \| Open file (Filename = 'TEST.EXE')
2018-12-17T21:51:10.542291068Z	87	PC: 12a7a \| Get or set file date and time
2018-12-17T21:51:10.544658192Z	64	PC: 12a88 \| Write file or device (Write 12288 bytes on handle 2)
2018-12-17T21:51:10.554119765Z	87	PC: 12a8f \| Get or set file date and time
2018-12-17T21:51:10.557626231Z	62	PC: 12a93 \| Close file
2018-12-17T21:51:10.565425745Z	79	PC: 12a66 \| Find next file
2018-12-17T21:51:10.572229262Z	57	PC: 12aad \| Create subdirectory
2018-12-17T21:51:10.579147898Z	57	PC: 12ab6 \| Create subdirectory
2018-12-17T21:51:10.586851128Z	57	PC: 12abf \| Create subdirectory
2018-12-17T21:51:10.593494588Z	57	PC: 12ac8 \| Create subdirectory