Sample viewer

vx.netlux.org/Virus.DOS.BlackJec.235

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-17T22:50:00.918574439Z	78	PC: 12a7d \| Find first file
2018-12-17T22:50:00.92305596Z	47	PC: 12a88 \| Get disk transfer address
2018-12-17T22:50:00.924537214Z	61	PC: 12a9e \| Open file (Filename = 'SLEEP.COM')
2018-12-17T22:50:00.929272818Z	63	PC: 12aac \| Read file or device (Read 407 bytes on handle 5)
2018-12-17T22:50:00.933626996Z	60	PC: 12acb \| Create or truncate file
2018-12-17T22:50:00.94905929Z	64	PC: 12add \| Write file or device (Write 642 bytes on handle 6)
2018-12-17T22:50:00.958326262Z	62	PC: 12ae1 \| Close file
2018-12-17T22:50:00.96748536Z	79	PC: 12ae6 \| Find next file
2018-12-17T22:50:00.97095312Z	47	PC: 12a88 \| Get disk transfer address
2018-12-17T22:50:00.972269377Z	61	PC: 12a9e \| Open file (Filename = 'PRINT.S')
2018-12-17T22:50:00.979618093Z	63	PC: 12aac \| Read file or device (Read 92 bytes on handle 6)
2018-12-17T22:50:00.987363039Z	60	PC: 12acb \| Create or truncate file
2018-12-17T22:50:01.001733605Z	64	PC: 12add \| Write file or device (Write 327 bytes on handle 7)
2018-12-17T22:50:01.005793619Z	62	PC: 12ae1 \| Close file
2018-12-17T22:50:01.015231124Z	79	PC: 12ae6 \| Find next file
2018-12-17T22:50:01.018299131Z	47	PC: 12a88 \| Get disk transfer address
2018-12-17T22:50:01.019757834Z	61	PC: 12a9e \| Open file (Filename = 'PRINT.COM')
2018-12-17T22:50:01.027412813Z	63	PC: 12aac \| Read file or device (Read 27 bytes on handle 7)
2018-12-17T22:50:01.034771692Z	60	PC: 12acb \| Create or truncate file
2018-12-17T22:50:01.048303649Z	64	PC: 12add \| Write file or device (Write 262 bytes on handle 8)
2018-12-17T22:50:01.05213899Z	62	PC: 12ae1 \| Close file
2018-12-17T22:50:01.061488985Z	79	PC: 12ae6 \| Find next file
2018-12-17T22:50:01.064264816Z	47	PC: 12a88 \| Get disk transfer address
2018-12-17T22:50:01.065266192Z	61	PC: 12a9e \| Open file (Filename = 'HELLO.COM')
2018-12-17T22:50:01.072889366Z	63	PC: 12aac \| Read file or device (Read 92 bytes on handle 8)
2018-12-17T22:50:01.079875514Z	60	PC: 12acb \| Create or truncate file
2018-12-17T22:50:01.093632737Z	64	PC: 12add \| Write file or device (Write 327 bytes on handle 9)
2018-12-17T22:50:01.102257419Z	62	PC: 12ae1 \| Close file
2018-12-17T22:50:01.111452165Z	79	PC: 12ae6 \| Find next file
2018-12-17T22:50:01.114784872Z	47	PC: 12a88 \| Get disk transfer address
2018-12-17T22:50:01.117379237Z	61	PC: 12a9e \| Open file (Filename = 'PHANG.COM')
2018-12-17T22:50:01.125439943Z	63	PC: 12aac \| Read file or device (Read 29 bytes on handle 9)
2018-12-17T22:50:01.132782211Z	60	PC: 12acb \| Create or truncate file
2018-12-17T22:50:01.149270672Z	64	PC: 12add \| Write file or device (Write 264 bytes on handle 10)
2018-12-17T22:50:01.154852999Z	62	PC: 12ae1 \| Close file
2018-12-17T22:50:01.164525127Z	79	PC: 12ae6 \| Find next file
2018-12-17T22:50:01.169899269Z	47	PC: 12a88 \| Get disk transfer address
2018-12-17T22:50:01.17178455Z	61	PC: 12a9e \| Open file (Filename = 'PAH.COM')
2018-12-17T22:50:01.179355162Z	63	PC: 12aac \| Read file or device (Read 29 bytes on handle 10)
2018-12-17T22:50:01.186005437Z	60	PC: 12acb \| Create or truncate file
2018-12-17T22:50:01.202529095Z	64	PC: 12add \| Write file or device (Write 264 bytes on handle 11)
2018-12-17T22:50:01.206963409Z	62	PC: 12ae1 \| Close file
2018-12-17T22:50:01.217866417Z	79	PC: 12ae6 \| Find next file
2018-12-17T22:50:01.223591026Z	47	PC: 12a88 \| Get disk transfer address
2018-12-17T22:50:01.22565645Z	61	PC: 12a9e \| Open file (Filename = 'TEST.COM')
2018-12-17T22:50:01.233200765Z	63	PC: 12aac \| Read file or device (Read 5355 bytes on handle 11)
2018-12-17T22:50:01.242493532Z	79	PC: 12ae6 \| Find next file
2018-12-17T22:50:01.246245579Z	9	PC: 12a85 \| Display string (String= 'Sophos Ltd, Oxford sacrificial COM goat 1400H bytes long ')
2018-12-17T22:50:01.252654854Z	0	PC: 12a89 \| Program terminate