@winload_exe @halva @amarioguy i think all the well-known anticheats can run encrypted shellcode from a remote server

possibly when specifically triggered from the remote C2, ie, only "interesting" targets get it