The script contacts a C&C server and downloads a custom variant of the EggShell backdoor, which installs a user LaunchAgent for persistence, and allows the attacker to record information from the victim’s microphone, camera, and keyboard.