ch0ic3/MalwareSourceCode
1
0
Fork 0
mirror of https://github.com/vxunderground/MalwareSourceCode.git synced 2024-12-18 17:36:11 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
364cc2fc1a
MalwareSourceCode/MSDOS/Virus.MSDOS.Unknown.tpe-gen.asm
vxunderground 3e7d2e8262
Add files via upload
2021-01-12 18:01:59 -06:00

101 lines
3.6 KiB
NASM
Raw Blame History

This file contains invisible Unicode characters

This file contains invisible Unicode characters that are indistinguishable to humans but may be processed differently by a computer. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

;----------------------------------------------------------------------------
; TPE-GEN - This program generates 50 TPE encrypted test files
;
; This source can be compiled with MASM 5.0 or TASM 2.01
; (and perhaps others too, but this is not tested.)
;----------------------------------------------------------------------------
.model tiny
.RADIX 16
.code
extrn crypt:near ;external routines in engine
extrn rnd_get:near
extrn rnd_init:near
org 0100
begin: call rnd_init ;init. random number generator
mov dx,offset starttxt ;print message
mov ah,09
int 21
mov cx,50d ;repeat 50 times
lop: push cx
mov ah,3C ;create a new file
mov dx,offset filename
mov cx,0020
int 21
xchg ax,bx
push ds
push es
push bx
mov ax,cs ;input parameters for engine
mov ds,ax
add ax,0400
mov es,ax ;ES = DS + 400h
xor si,si ;code will be right after decr.
mov dx,offset hello ;this will be encrtypted
mov cx,100d ;length of code to encrypt
mov bp,0100 ;decryptor will start at 100h
call rnd_get ;AX register will be random
call crypt ;call the engine
pop bx ;write crypted file
mov ah,40
int 21
mov ah,3E ;close the file
int 21
pop es
pop ds
mov di,offset filename ;adjust name for next file
mov bx,7 ; (increment number)
incnum: inc byte ptr ds:[bx+di]
cmp byte ptr ds:[bx+di],'9'
jbe numok
mov byte ptr ds:[bx+di],'0'
dec bx
jnz incnum
numok: pop cx ;do it again...
loop lop
exit: int 20
;----------------------------------------------------------------------------
; Text and data
;----------------------------------------------------------------------------
starttxt db 'TPE-GEN - Generates 50 TPE encrypted test files.'
db 0Dh, 0Ah, '$'
filename db '00000000.COM',0
;----------------------------------------------------------------------------
; The small test file that will be encrypted
;----------------------------------------------------------------------------
hello: call next ;get relative offset
next: pop dx
add dx,10d ;find begin of message
mov ah,09 ;print message
int 21
int 20
db 'Hello, world!', 0Dh, 0A, '$'
db (100d) dup (90)
end begin

Reference in New Issue View Git Blame Copy Permalink