-
CCM.exe (SCCM)
Windows Config Manager CCM.exe runs b64-encoded powershell.
-
SenseNdr.exe
SenseNDR base64 encoding
-
Skype.exe
It runs whoami because it's lost.
-
Windows TCP Connections on High Ports
Windows uses random high service ports for a variety of functions.
-
Windows Terminal