Can the CLR backdoor be triggered automatically without user interaction, and how does it compare to AppDomainManager persistence?

Yes, because the system frequently launches .NET programs (e.g., powershell.exe, managed COM components) as part of normal operation, so the backdoor activates automatically. Unlike the AppDomainManager technique, which requires admin privileges and targets a specific program, CLR persistence works without admin rights and hijacks all .NET applications.