Sample viewer

vx.netlux.org/Virus.DOS.BlackJec.276.d

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-17T22:57:40.505133842Z	78	PC: 12a7c \| Find first file
2018-12-17T22:57:40.512052127Z	47	PC: 12a87 \| Get disk transfer address
2018-12-17T22:57:40.514270056Z	61	PC: 12ab6 \| Open file (Filename = 'SLEEP.COM')
2018-12-17T22:57:40.521420669Z	63	PC: 12ac4 \| Read file or device (Read 407 bytes on handle 5)
2018-12-17T22:57:40.528461725Z	60	PC: 12af6 \| Create or truncate file
2018-12-17T22:57:40.548252378Z	64	PC: 12b08 \| Write file or device (Write 683 bytes on handle 6)
2018-12-17T22:57:40.562910062Z	62	PC: 12b0c \| Close file
2018-12-17T22:57:40.57333004Z	79	PC: 12b11 \| Find next file
2018-12-17T22:57:40.577992324Z	47	PC: 12a87 \| Get disk transfer address
2018-12-17T22:57:40.580777279Z	61	PC: 12ab6 \| Open file (Filename = 'PRINT.COM')
2018-12-17T22:57:40.588428663Z	63	PC: 12ac4 \| Read file or device (Read 27 bytes on handle 6)
2018-12-17T22:57:40.59662451Z	60	PC: 12af6 \| Create or truncate file
2018-12-17T22:57:40.610484234Z	64	PC: 12b08 \| Write file or device (Write 303 bytes on handle 7)
2018-12-17T22:57:40.614771072Z	62	PC: 12b0c \| Close file
2018-12-17T22:57:40.625213342Z	79	PC: 12b11 \| Find next file
2018-12-17T22:57:40.630613804Z	47	PC: 12a87 \| Get disk transfer address
2018-12-17T22:57:40.632969012Z	61	PC: 12ab6 \| Open file (Filename = 'HELLO.COM')
2018-12-17T22:57:40.641656663Z	63	PC: 12ac4 \| Read file or device (Read 92 bytes on handle 7)
2018-12-17T22:57:40.655152873Z	60	PC: 12af6 \| Create or truncate file
2018-12-17T22:57:40.669973844Z	64	PC: 12b08 \| Write file or device (Write 368 bytes on handle 8)
2018-12-17T22:57:40.674640908Z	62	PC: 12b0c \| Close file
2018-12-17T22:57:40.684750242Z	79	PC: 12b11 \| Find next file
2018-12-17T22:57:40.688030698Z	47	PC: 12a87 \| Get disk transfer address
2018-12-17T22:57:40.689713832Z	61	PC: 12ab6 \| Open file (Filename = 'PHANG.COM')
2018-12-17T22:57:40.698136766Z	63	PC: 12ac4 \| Read file or device (Read 29 bytes on handle 8)
2018-12-17T22:57:40.706473588Z	60	PC: 12af6 \| Create or truncate file
2018-12-17T22:57:40.724701083Z	64	PC: 12b08 \| Write file or device (Write 305 bytes on handle 9)
2018-12-17T22:57:40.730629117Z	62	PC: 12b0c \| Close file
2018-12-17T22:57:40.741936643Z	79	PC: 12b11 \| Find next file
2018-12-17T22:57:40.74716989Z	47	PC: 12a87 \| Get disk transfer address
2018-12-17T22:57:40.749142068Z	61	PC: 12ab6 \| Open file (Filename = 'PRINTA~1.COM')
2018-12-17T22:57:40.756620696Z	63	PC: 12ac4 \| Read file or device (Read 29 bytes on handle 9)
2018-12-17T22:57:40.763498506Z	60	PC: 12af6 \| Create or truncate file
2018-12-17T22:57:40.777581289Z	64	PC: 12b08 \| Write file or device (Write 305 bytes on handle 10)
2018-12-17T22:57:40.782065619Z	62	PC: 12b0c \| Close file
2018-12-17T22:57:40.791224226Z	79	PC: 12b11 \| Find next file
2018-12-17T22:57:40.794843219Z	47	PC: 12a87 \| Get disk transfer address
2018-12-17T22:57:40.797372043Z	61	PC: 12ab6 \| Open file (Filename = 'MANDEL.COM')
2018-12-17T22:57:40.804615129Z	63	PC: 12ac4 \| Read file or device (Read 501 bytes on handle 10)
2018-12-17T22:57:40.811592465Z	60	PC: 12af6 \| Create or truncate file
2018-12-17T22:57:40.825087874Z	64	PC: 12b08 \| Write file or device (Write 777 bytes on handle 11)
2018-12-17T22:57:40.834179154Z	62	PC: 12b0c \| Close file
2018-12-17T22:57:40.842736601Z	79	PC: 12b11 \| Find next file
2018-12-17T22:57:40.846765595Z	47	PC: 12a87 \| Get disk transfer address
2018-12-17T22:57:40.847941976Z	61	PC: 12ab6 \| Open file (Filename = 'PAH.COM')
2018-12-17T22:57:40.855506156Z	63	PC: 12ac4 \| Read file or device (Read 29 bytes on handle 11)
2018-12-17T22:57:40.863574874Z	60	PC: 12af6 \| Create or truncate file
2018-12-17T22:57:40.878435889Z	64	PC: 12b08 \| Write file or device (Write 305 bytes on handle 12)
2018-12-17T22:57:40.883022061Z	62	PC: 12b0c \| Close file
2018-12-17T22:57:40.899039321Z	79	PC: 12b11 \| Find next file
2018-12-17T22:57:40.90240629Z	47	PC: 12a87 \| Get disk transfer address
2018-12-17T22:57:40.903959831Z	61	PC: 12ab6 \| Open file (Filename = 'TEST.COM')
2018-12-17T22:57:40.912147733Z	63	PC: 12ac4 \| Read file or device (Read 4372 bytes on handle 12)
2018-12-17T22:57:40.921347767Z	79	PC: 12b11 \| Find next file
2018-12-17T22:57:40.924262066Z	9	PC: 12aca \| Display string (Could not find end pointer)
2018-12-17T22:57:41.106877953Z	76	PC: 12acf \| Terminate with return code (Return code = '0')