vxug-MalwareSourceCode/MSDOS/Virus.MSDOS.Unknown.m-gen.asm

.286
.model  small
.code
         org     0100h

msg_addr equ     offset msg - offset proc_start- 3

         extrn   mime:near,emime:near

                      ; <20>H<EFBFBD>U<EFBFBD>{<7B><><EFBFBD>A<EFBFBD><41><EFBFBD>F<EFBFBD>n<EFBFBD>`<60>N<EFBFBD><4E><EFBFBD>a<EFBFBD>観<EFBFBD>`<60>ѡA<D1A1>䥦<EFBFBD><E4A5A6><EFBFBD><EFBFBD><EFBFBD>ۤv<DBA4><76><EFBFBD>s

start:
         mov     ah,09h
         mov     dx,offset dg_msg
         int     21h

         mov     ax,offset emime+000fh ; <20><><EFBFBD>{<7B><> + mime+000fh <20><><EFBFBD>᪺<EFBFBD><E1AABA><EFBFBD>}
                                   ; <20>Y<EFBFBD><59> 0100h <20>h<EFBFBD><68><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>{<7B><> + mime <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD>

         shr     ax,4
         mov     bx,cs
         add     bx,ax

         mov     es,bx                   ; <20>] es <20>Ψө<CEA8><D3A9>ѽX<D1BD>{<7B><><EFBFBD>M<EFBFBD>Q<EFBFBD>s<EFBFBD>X<EFBFBD><58><EFBFBD><EFBFBD>
                                                ; <20>ѽX<D1BD>{<7B><><EFBFBD>̤j<CCA4><6A> 1024 bytes
                                ; <20>Y<EFBFBD>Φb<CEA6>`<60>n<EFBFBD>{<7B><><EFBFBD>ɡA<C9A1>h<EFBFBD><68><EFBFBD>`<60>N<EFBFBD><4E><EFBFBD>t<EFBFBD><74><EFBFBD>O<EFBFBD><4F><EFBFBD><EFBFBD><EFBFBD>j<EFBFBD>p

         mov     cx,50
dg_l0:
         push    cx
         mov     ah,3ch
         xor     cx,cx
         mov     dx,offset file_name
         int     21h
         xchg    bx,ax

         mov     cx,offset proc_end-offset proc_start    ; <20>Q<EFBFBD>s<EFBFBD>X<EFBFBD>{<7B><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>

         mov     si,offset proc_start         ; ds:si -> <20>n<EFBFBD>Q<EFBFBD>s<EFBFBD>X<EFBFBD><58><EFBFBD>{<7B><><EFBFBD><EFBFBD><EFBFBD>}
         xor     di, di

         push    bx                                      ; <20>O<EFBFBD>s file handle

         mov     bx, 100h                                ; com <20>Ҧ<EFBFBD>

         call    mime

         pop     bx

         mov     ah,40h        ; <20><><EFBFBD>^<5E><> ds:dx = <20>ѽX<D1BD>{<7B><> + <20>Q<EFBFBD>s<EFBFBD>X<EFBFBD>{<7B><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>}
         int     21h     ; cx = <20>ѽX<D1BD>{<7B><> + <20>Q<EFBFBD>s<EFBFBD>X<EFBFBD>{<7B><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>סA<D7A1>䥦<EFBFBD>Ȧs<C8A6><73><EFBFBD><EFBFBD><EFBFBD><EFBFBD>

         mov     ah,3eh
         int     21h

         push    cs
         pop     ds                                          ; <20>N ds <20>]<5D>^<5E><>

         mov     bx,offset file_num
         inc     byte ptr ds:[bx+0001h]
         cmp     byte ptr ds:[bx+0001h],'9'
         jbe     dg_l1
         inc     byte ptr ds:[bx]
         mov     byte ptr ds:[bx+0001h],'0'
dg_l1:
         pop     cx
         loop    dg_l0
         mov     ah,4ch
         int     21h

file_name db     '000000'
file_num db      '00.com',00h

dg_msg   db      'generates 50 mime encrypted test files.',0dh,0ah,'$'

proc_start:
         call    $+0003h
         pop     dx
         add     dx,msg_addr
         mov     ah,09h
         int     21h
         int     20h
msg      db      'This is <MIME> test file.$'
proc_end:
         end     start