mirror of
https://github.com/vxunderground/MalwareSourceCode.git
synced 2024-12-20 18:36:10 +00:00
156 lines
3.9 KiB
C#
156 lines
3.9 KiB
C#
|
// Decompiled with JetBrains decompiler
|
|||
|
// Type: fb
|
|||
|
// Assembly: XobniService, Version=1.8.3.7917, Culture=neutral, PublicKeyToken=6298d2d1fcfb5d85
|
|||
|
// MVID: EA9F7D71-4A8D-4739-A320-5F01FC76E972
|
|||
|
// Assembly location: C:\Users\Administrateur\Downloads\Virusshare-00000-msil\Trojan.Win32.Patched.mf-01164dae267b1f13c988de64e7fce38753b97528a3dc3fe730e191fc953c65ba.exe
|
|||
|
|
|||
|
using System;
|
|||
|
using System.Diagnostics;
|
|||
|
using System.IO;
|
|||
|
using XobniLogging;
|
|||
|
|
|||
|
internal static class fb
|
|||
|
{
|
|||
|
private const string a = "XobniServiceUpdates";
|
|||
|
private const string b = "XobniServiceUpdatesExec";
|
|||
|
|
|||
|
internal static void a()
|
|||
|
{
|
|||
|
try
|
|||
|
{
|
|||
|
try
|
|||
|
{
|
|||
|
if (!rx.g())
|
|||
|
{
|
|||
|
ady.a(Level.Debug, "CheckForNewUpdates disabled by Group Policy");
|
|||
|
return;
|
|||
|
}
|
|||
|
}
|
|||
|
catch (Exception ex)
|
|||
|
{
|
|||
|
ady.a(Level.Exception, "Group Policy", ex);
|
|||
|
}
|
|||
|
try
|
|||
|
{
|
|||
|
ady.a(Level.Debug, "CheckForNewUpdates started");
|
|||
|
if (hs.b(Path.Combine(hs.a(), "XobniServiceUpdates"), "XobniServiceUpdates") == null)
|
|||
|
return;
|
|||
|
ady.a(Level.Debug, "Update is available.");
|
|||
|
}
|
|||
|
catch (Exception ex)
|
|||
|
{
|
|||
|
ady.a(Level.Exception, "Top level", ex);
|
|||
|
}
|
|||
|
finally
|
|||
|
{
|
|||
|
ady.a(Level.Debug, "Finished.");
|
|||
|
}
|
|||
|
}
|
|||
|
catch (Exception ex)
|
|||
|
{
|
|||
|
ady.a(Level.Exception, "Outer catch block", ex);
|
|||
|
}
|
|||
|
}
|
|||
|
|
|||
|
internal static void a(bool? A_0)
|
|||
|
{
|
|||
|
if (A_0.GetValueOrDefault(false))
|
|||
|
return;
|
|||
|
try
|
|||
|
{
|
|||
|
try
|
|||
|
{
|
|||
|
try
|
|||
|
{
|
|||
|
if (!rx.g())
|
|||
|
{
|
|||
|
ady.a(Level.Debug, "RunExistingUpdates disabled by Group Policy");
|
|||
|
return;
|
|||
|
}
|
|||
|
}
|
|||
|
catch (Exception ex)
|
|||
|
{
|
|||
|
ady.a(Level.Exception, "Group Policy", ex);
|
|||
|
}
|
|||
|
ady.a(Level.Debug, "RunExistingUpdates started");
|
|||
|
string path1 = hs.a();
|
|||
|
string str1 = Path.Combine(path1, "XobniServiceUpdates");
|
|||
|
string str2 = Path.Combine(path1, "XobniServiceUpdatesExec");
|
|||
|
if (!hs.c(str1))
|
|||
|
return;
|
|||
|
aaa A_1 = hs.b("XobniServiceUpdatesPreUpdate");
|
|||
|
if (A_1 == null)
|
|||
|
{
|
|||
|
try
|
|||
|
{
|
|||
|
if (!Directory.Exists(str1))
|
|||
|
return;
|
|||
|
foreach (string file in Directory.GetFiles(str1))
|
|||
|
File.Delete(file);
|
|||
|
}
|
|||
|
catch (Exception ex)
|
|||
|
{
|
|||
|
ady.a(Level.Exception, "Couldn't delete existing downloads from " + str1, ex);
|
|||
|
}
|
|||
|
}
|
|||
|
else
|
|||
|
{
|
|||
|
string str3 = Path.Combine(str1, A_1.b());
|
|||
|
string str4 = Path.Combine(str2, A_1.b());
|
|||
|
if (!hs.a(str1, A_1))
|
|||
|
{
|
|||
|
try
|
|||
|
{
|
|||
|
File.Delete(str3);
|
|||
|
ady.a(Level.Debug, "Deleted unverified download:" + str3);
|
|||
|
}
|
|||
|
catch (Exception ex)
|
|||
|
{
|
|||
|
ady.a(Level.Exception, "Couldn't delete unverified download: " + str3, ex);
|
|||
|
}
|
|||
|
}
|
|||
|
else
|
|||
|
{
|
|||
|
if (!Directory.Exists(str2))
|
|||
|
{
|
|||
|
ady.a(Level.Debug, "Creating updates exec directory.");
|
|||
|
Directory.CreateDirectory(str2);
|
|||
|
}
|
|||
|
if (File.Exists(str4))
|
|||
|
{
|
|||
|
try
|
|||
|
{
|
|||
|
File.Delete(str4);
|
|||
|
}
|
|||
|
catch (Exception ex)
|
|||
|
{
|
|||
|
ady.a(Level.Exception, "Could not delete target file " + str4, ex);
|
|||
|
}
|
|||
|
}
|
|||
|
try
|
|||
|
{
|
|||
|
File.Move(str3, str4);
|
|||
|
}
|
|||
|
catch (Exception ex)
|
|||
|
{
|
|||
|
ady.a(Level.Exception, "Could not move file " + str3 + " to " + str4, ex);
|
|||
|
}
|
|||
|
Process.Start(str4);
|
|||
|
}
|
|||
|
}
|
|||
|
}
|
|||
|
catch (Exception ex)
|
|||
|
{
|
|||
|
ady.a(Level.Exception, "Top level", ex);
|
|||
|
}
|
|||
|
finally
|
|||
|
{
|
|||
|
ady.a(Level.Debug, "Finished.");
|
|||
|
}
|
|||
|
}
|
|||
|
catch
|
|||
|
{
|
|||
|
}
|
|||
|
}
|
|||
|
}
|