Tag
This rule identifies the execution of the Windows Command Shell process (cmd.exe) with suspicious argument values, often observed during malware installation.