Sample viewer

vx.netlux.org/Virus.DOS.BlackJec.287.d

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-17T22:22:57.553459077Z	78	PC: 12a81 \| Find first file
2018-12-17T22:22:57.559855767Z	47	PC: 12a8c \| Get disk transfer address
2018-12-17T22:22:57.561154751Z	61	PC: 12abb \| Open file (Filename = 'SLEEP.COM')
2018-12-17T22:22:57.567924844Z	63	PC: 12ac9 \| Read file or device (Read 407 bytes on handle 5)
2018-12-17T22:22:57.575626931Z	60	PC: 12afb \| Create or truncate file
2018-12-17T22:22:57.596990377Z	64	PC: 12b0d \| Write file or device (Write 694 bytes on handle 6)
2018-12-17T22:22:57.605169999Z	62	PC: 12b11 \| Close file
2018-12-17T22:22:57.614083317Z	79	PC: 12b1c \| Find next file
2018-12-17T22:22:57.617166999Z	47	PC: 12a8c \| Get disk transfer address
2018-12-17T22:22:57.618660472Z	61	PC: 12abb \| Open file (Filename = 'PRINT.COM')
2018-12-17T22:22:57.625658304Z	63	PC: 12ac9 \| Read file or device (Read 27 bytes on handle 6)
2018-12-17T22:22:57.635934623Z	60	PC: 12afb \| Create or truncate file
2018-12-17T22:22:57.648247473Z	64	PC: 12b0d \| Write file or device (Write 314 bytes on handle 7)
2018-12-17T22:22:57.652227485Z	62	PC: 12b11 \| Close file
2018-12-17T22:22:57.661772401Z	79	PC: 12b1c \| Find next file
2018-12-17T22:22:57.665441909Z	47	PC: 12a8c \| Get disk transfer address
2018-12-17T22:22:57.667195558Z	61	PC: 12abb \| Open file (Filename = 'HELLO.COM')
2018-12-17T22:22:57.676967497Z	63	PC: 12ac9 \| Read file or device (Read 92 bytes on handle 7)
2018-12-17T22:22:57.684255765Z	60	PC: 12afb \| Create or truncate file
2018-12-17T22:22:57.696759935Z	64	PC: 12b0d \| Write file or device (Write 379 bytes on handle 8)
2018-12-17T22:22:57.701275433Z	62	PC: 12b11 \| Close file
2018-12-17T22:22:57.71034016Z	9	PC: 12aca \| Display string (String= '(C) 2000 Rising Computer Sci & Tech Inc. Host program for virus, DOSCOM Version. It's original size is 10000. Maybe you've just released a virus! ')
2018-12-17T22:22:57.721047083Z	76	PC: 12acf \| Terminate with return code (Return code = '0')