Tag
Attackers obfuscate commands in Windows by dynamically constructing them using substrings extracted from environment variables, a technique observed in malware families such as Cobalt Strike and Meterpreter.