help a noob please, what is this trojan trying to do on my computer? thank you
help a noob please, what is this trojan trying to do on my computer? thank you

first of all sorry about my bad English. I downloaded a bad file , upon clicking on it, nothing happened and then the file auto-delete. I knew it was fishy and my anti-virus did not detect a single thing! so I open the task manager and I see this running in background :

I click right click on it and click “Open file location” , it was siting in “..AppDataLocalGraphics Codec Stacks ver8.69” this folder was empty (even with “View Hidden Items” on) . I try to walk back to ‘Local’ and again the ‘Graphics Codec Stacks ver8.69’ folder was not there(hidden) so I power shell and do this :


then this :


I used shutil module from python to copy that folder to desktop (I run a scan on it by antivirus and still nothing) then I downloaded jetbrains dotpeek to “decompile” it , it was written in C# and the code was completely random , like all I see are irrelevant math equations. the code is completely obfuscated . like this :

using Microsoft;

using syeasrasrfasr;

using System;

using System.Windows.Forms;

namespace Microsofts


internal class Program



private static void Main()


u003CModuleu003E.RunAction = 0;

int int32_1 = Convert.ToInt32(-2.0 - 2.0);

if ((Convert.ToInt32(5.86214091642749E+17 / 541393614.5) ^Convert.ToInt32(679511851.643738 - Math.Log(339755916.0))) ==Convert.ToInt32(872759619.0 + Math.Truncate(872759618.5)))


u003CModuleu003E.RunAction = Convert.ToInt32(1.45969769413186 +Math.Cos(1.0));

int num = sizeof (float);

int32_1 += num;


I kept a copy of the decompiled folder of the trojan, if anybody can or want to read this , I can send it to you , I’m really curious about what is this doing on my computer and how they can manage to make it completely indictable by antivirus software. thank you

submitted by /u/100k51
[link] [comments]

By admin