Sample viewer

vx.netlux.org/Virus.DOS.BlackJec.287.b

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-17T23:12:26.765570919Z	78	PC: 12a81 \| Find first file
2018-12-17T23:12:26.772658292Z	47	PC: 12a8c \| Get disk transfer address
2018-12-17T23:12:26.774157142Z	61	PC: 12abb \| Open file (Filename = 'SLEEP.COM')
2018-12-17T23:12:26.780900215Z	63	PC: 12ac9 \| Read file or device (Read 407 bytes on handle 5)
2018-12-17T23:12:26.793146294Z	60	PC: 12afb \| Create or truncate file
2018-12-17T23:12:26.813643077Z	64	PC: 12b0d \| Write file or device (Write 694 bytes on handle 6)
2018-12-17T23:12:26.825884889Z	62	PC: 12b11 \| Close file
2018-12-17T23:12:26.837314951Z	79	PC: 12b1c \| Find next file
2018-12-17T23:12:26.839991307Z	47	PC: 12a8c \| Get disk transfer address
2018-12-17T23:12:26.841362268Z	61	PC: 12abb \| Open file (Filename = 'PRINT.COM')
2018-12-17T23:12:26.848563582Z	63	PC: 12ac9 \| Read file or device (Read 27 bytes on handle 6)
2018-12-17T23:12:26.855015341Z	60	PC: 12afb \| Create or truncate file
2018-12-17T23:12:26.866870203Z	64	PC: 12b0d \| Write file or device (Write 314 bytes on handle 7)
2018-12-17T23:12:26.872146631Z	62	PC: 12b11 \| Close file
2018-12-17T23:12:26.88007013Z	79	PC: 12b1c \| Find next file
2018-12-17T23:12:26.882614665Z	47	PC: 12a8c \| Get disk transfer address
2018-12-17T23:12:26.883715067Z	61	PC: 12abb \| Open file (Filename = 'HELLO.COM')
2018-12-17T23:12:26.890280204Z	63	PC: 12ac9 \| Read file or device (Read 92 bytes on handle 7)
2018-12-17T23:12:26.896499118Z	60	PC: 12afb \| Create or truncate file
2018-12-17T23:12:27.065610667Z	64	PC: 12b0d \| Write file or device (Write 379 bytes on handle 8)
2018-12-17T23:12:27.070786131Z	62	PC: 12b11 \| Close file
2018-12-17T23:12:27.211856571Z	9	PC: 12aca \| Display string (String= '(C) 2000 Rising Computer Sci & Tech Inc. Host program for virus, DOSCOM Version. It's original size is 4567H. Maybe you've just released a virus! ')
2018-12-17T23:12:27.223223339Z	76	PC: 12acf \| Terminate with return code (Return code = '0')