First it starts something called - get_key and get_IV
when pressing there, it sends me somewhere, where this .ctor string is which you can find also down there after base64 string @MemoryStream:
then back to the normal script -> it sets the key, the IV and a Mode -> System.Security.Cryptography.CipherMode
then it starts something like this
call unsigned int8[] [mscorlib]System.Convert::FromBase64String(string)
newobj instance void [mscorlib]System.IO.MemoryStream::.ctor(unsigned int8[])
then it starts some action which can end in a red line to a script with a false command, or a green line with something other.
.ctor string sets following two things:
ldtoken valuetype __StaticArrayInitTypeSize=9 <PrivateImplementationDetails>::E8C040FA7AE8F580FC F9EDAB3EC4CDC003EF9775 <-- possible secret key?
call void [mscorlib]System.Runtime.CompilerServices.RuntimeHelpers::In itializeArray(class [mscorlib]System.Array, valuetype [mscorlib]System.RuntimeFieldHandle)
stloc.0
ldstr aFroahasshasvgh // "FRoaHAsSHAsVGhkLEhke" <-- possible the secret or other salting key?