ch0ic3/MalwareSourceCode
1
0
Fork 0
mirror of https://github.com/vxunderground/MalwareSourceCode.git synced 2024-12-22 11:26:11 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
71cdcf7dce
MalwareSourceCode/MSIL/Trojan-Dropper/Win32/S/Trojan-Dropper.Win32.Sysn.bshb-a13f90b28df8b73652beb4c3c95ff1b8dc0c2fc41dee8f7d6acdd43828a0aadc/API.cs
vxunderground f2ac1ece55 auto-decompiled msil via petikvx 
add
2022-08-18 06:28:56 -05:00

68 lines
2.1 KiB
C#
Raw Blame History

// Decompiled with JetBrains decompiler
// Type: Poly.API
// Assembly: Poly, Version=1.0.0.0, Culture=neutral, PublicKeyToken=null
// MVID: 618F3010-979B-4F78-8F99-D5C35E30AA2E
// Assembly location: C:\Users\Administrateur\Downloads\Virusshare.00004-msil\Trojan-Dropper.Win32.Sysn.bshb-a13f90b28df8b73652beb4c3c95ff1b8dc0c2fc41dee8f7d6acdd43828a0aadc.exe
using System;
using System.Runtime.InteropServices;
using System.Text;
namespace Poly
{
public static class API
{
private const uint LOCALE_SYSTEM_DEFAULT = 1024;
[DllImport("kernel32.dll", CharSet = CharSet.Unicode, SetLastError = true)]
public static extern bool MoveFileEx(
string lpExistingFileName,
string lpNewFileName,
API.MoveFileFlags dwFlags);
[DllImport("kernel32.dll")]
public static extern int GetLocaleInfo(
uint Locale,
uint LCType,
[Out] StringBuilder lpLCData,
int cchData);
public static string GetInfo(uint lInfo)
{
StringBuilder lpLCData = new StringBuilder(256);
int localeInfo = API.GetLocaleInfo(1024U, lInfo, lpLCData, lpLCData.Capacity);
return localeInfo > 0 ? lpLCData.ToString().Substring(0, localeInfo - 1) : string.Empty;
}
[DllImport("kernel32.dll")]
public static extern bool GetVersionEx(ref API.OSVERSIONINFOEX osVersionInfo);
[Flags]
public enum MoveFileFlags
{
MOVEFILE_REPLACE_EXISTING = 1,
MOVEFILE_COPY_ALLOWED = 2,
MOVEFILE_DELAY_UNTIL_REBOOT = 4,
MOVEFILE_WRITE_THROUGH = 8,
MOVEFILE_CREATE_HARDLINK = 16, // 0x00000010
MOVEFILE_FAIL_IF_NOT_TRACKABLE = 32, // 0x00000020
}
public struct OSVERSIONINFOEX
{
public int dwOSVersionInfoSize;
public int dwMajorVersion;
public int dwMinorVersion;
public int dwBuildNumber;
public int dwPlatformId;
[MarshalAs(UnmanagedType.ByValTStr, SizeConst = 128)]
public string szCSDVersion;
public short wServicePackMajor;
public short wServicePackMinor;
public short wSuiteMask;
public byte wProductType;
public byte wReserved;
}
}
}
Reference in New Issue View Git Blame Copy Permalink