The best idea i have for you at the moment is to create a generic payload that download from an anonymous link like we transfer or whatever the real payload, store it on the BB storage, open a terminal on the host, unmount the bb and mount it. After your attack use the host terminal to delete your payload. If you set your dl link to one time use there will remain nothing "public" of your malicious payload
This idea need to be tested, not sure for the mount unmount
@dark_pyrro When unmount -> mount it is the same for the bb than remove it -> plug it in