ch0ic3/MalwareSourceCode
1
0
Fork 0
mirror of https://github.com/vxunderground/MalwareSourceCode.git synced 2024-12-21 02:46:10 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
f2ac1ece55
MalwareSourceCode/MSIL/HackTool/Win32/K/HackTool.Win32.KMSAuto.i-f317ba4d4051fad64a0aa45b587fa3dcea795bac30acec2872779abe31a07cbe/HybridService/ServiceInstaller.cs

126 lines
3.8 KiB
C#
Raw Normal View History

auto-decompiled msil via petikvx add
2022-08-18 11:28:56 +00:00
// Decompiled with JetBrains decompiler
// Type: HybridService.ServiceInstaller
// Assembly: AutoKMS, Version=1.0.0.0, Culture=neutral, PublicKeyToken=null
// MVID: D1CED9E3-1FC7-49B8-B3AC-44976AB7F6E4
// Assembly location: C:\Users\Administrateur\Downloads\Virusshare-00000-msil\HackTool.Win32.KMSAuto.i-f317ba4d4051fad64a0aa45b587fa3dcea795bac30acec2872779abe31a07cbe.exe
using System;
using System.Runtime.InteropServices;
namespace HybridService
{
public class ServiceInstaller
{
[DllImport("advapi32.dll")]
private static extern IntPtr OpenSCManager(
string lpMachineName,
string lpSCDB,
int scParameter);
[DllImport("Advapi32.dll")]
private static extern IntPtr CreateService(
IntPtr SC_HANDLE,
string lpSvcName,
string lpDisplayName,
int dwDesiredAccess,
int dwServiceType,
int dwStartType,
int dwErrorControl,
string lpPathName,
string lpLoadOrderGroup,
int lpdwTagId,
string lpDependencies,
string lpServiceStartName,
string lpPassword);
[DllImport("advapi32.dll")]
private static extern void CloseServiceHandle(IntPtr SCHANDLE);
[DllImport("advapi32.dll")]
private static extern int StartService(
IntPtr SVHANDLE,
int dwNumServiceArgs,
string lpServiceArgVectors);
[DllImport("advapi32.dll", SetLastError = true)]
private static extern IntPtr OpenService(
IntPtr SCHANDLE,
string lpSvcName,
int dwNumServiceArgs);
[DllImport("advapi32.dll")]
private static extern int DeleteService(IntPtr SVHANDLE);
[DllImport("kernel32.dll")]
private static extern int GetLastError();
[DllImport("Kernel32")]
private static extern bool CloseHandle(IntPtr handle);
public static bool InstallService(
string svcPath,
string svcName,
string svcDispName,
bool autoStart,
bool startNow)
{
int scParameter = 2;
int dwServiceType = 16;
int num1 = 3;
int dwErrorControl = 1;
int dwDesiredAccess = 983040 | 1 | 2 | 4 | 8 | 16 | 32 | 64 | 128 | 256;
int num2 = 2;
try
{
int dwStartType = num2;
if (!autoStart)
dwStartType = num1;
IntPtr num3 = ServiceInstaller.OpenSCManager((string) null, (string) null, scParameter);
if (num3.ToInt32() == 0)
return false;
IntPtr service = ServiceInstaller.CreateService(num3, svcName, svcDispName, dwDesiredAccess, dwServiceType, dwStartType, dwErrorControl, svcPath, (string) null, 0, (string) null, (string) null, (string) null);
if (service.ToInt32() == 0)
{
ServiceInstaller.CloseServiceHandle(num3);
return false;
}
if (startNow)
{
if (ServiceInstaller.StartService(service, 0, (string) null) == 0)
return false;
ServiceInstaller.CloseServiceHandle(num3);
ServiceInstaller.CloseServiceHandle(service);
return true;
}
ServiceInstaller.CloseServiceHandle(num3);
ServiceInstaller.CloseServiceHandle(service);
return true;
}
catch (Exception ex)
{
throw ex;
}
}
public static bool UnInstallService(string svcName)
{
IntPtr SCHANDLE = ServiceInstaller.OpenSCManager((string) null, (string) null, 1073741824);
if (SCHANDLE.ToInt32() == 0)
return false;
int dwNumServiceArgs = 65536;
IntPtr num = ServiceInstaller.OpenService(SCHANDLE, svcName, dwNumServiceArgs);
if (num.ToInt32() == 0)
return false;
if (ServiceInstaller.DeleteService(num) != 0)
{
ServiceInstaller.CloseServiceHandle(SCHANDLE);
ServiceInstaller.CloseServiceHandle(num);
return true;
}
ServiceInstaller.CloseServiceHandle(SCHANDLE);
ServiceInstaller.CloseServiceHandle(num);
return false;
}
}
}
Reference in New Issue Copy Permalink