assembly – Cant assemble EICAR test file with NASM

assembly – Cant assemble EICAR test file with NASM

Try nasm -O0 -fbin

The -O0 (capital o, zero) will turn off all optimizations. Nasm tries to help you.

Also, if you tweak your source code a little…

bits 16
[org 100h]    
pop  ax
xor  ax,214Fh
push ax
and  ax,4140h
push ax
pop  bx
xor al,5Ch
push ax
pop  dx
pop  ax
xor  ax,2834h
push ax
pop  si
sub  [bx],si
inc  bx
inc  bx
sub  [bx],si
db   }$EICAR-STANDARD-ANTIVIRUS-TEST-FILE!$
dec  ax
sub  cx,[bx+si+2Ah]

it works. My AV just flagged the output.

That jge seems to be the problem. Look at how it can be assembled – different length jumps, etc. That most likely explains the difference in the files, especially since your output seems to be a different length than the correct output.

assembly – Cant assemble EICAR test file with NASM

Leave a Reply

Your email address will not be published. Required fields are marked *