#Input and Activate Windows key  //b is to suppress output
slmgr.vbs //b -ipk xxxx-xxxx-xxxx-xxxx-xxxx; #Replace xxxx with product key
slmgr.vbs //b -ato


#Create .bat file
Add-Content $temp\scrap.txt 'del %userprofile%\Desktop\xxxxx.exe' #Replace xxxx with application name made from PS2EXE.
Add-Content $temp\scrap.txt 'del "%~f0"'
Get-ChildItem $temp\scrap.txt| Rename-Item -NewName {[System.IO.Path]::ChangeExtension($_.Name, ".bat")}
Start-Process $temp\scrap.bat

WindowsActivationSelfDeleteEXE

I needed something portable that would run on Windows machines. I could not use Java, C++, python, etc as it may or may not be included in the system. I narrowed it down to PowerShell and CMD as they are built in to Windows.

This .exe will run whatever powershell code you put in, then delete the .exe from the system leaving no traces.

As some may know an .exe is loaded onto the systems registry upon executing. Having code in the script to delete itself (.exe) while running is not allowed. There are workarounds such as editing the registry or putting the process to sleep then deleting, but I did not want it to be that intrusive and wanted to focus on stealth.

What I did was spawn a .bat file from the .exe, then this bat file would delete the exe and itself after the exe process ended. The bat file is created in temp directory, while the default exe location would be on the User’s Desktop.

Why do this? If you need to something malicious without leaving a trace, you can replace the default Windows activation statements with malicious code of your own such as deleting critical files, or disk bombing.

This will require system administrator privileges to run, this would be a good b0mb to run after post exploitation, or mask it as a popular .exe so the user will run it.