How can you create a WMI persistence backdoor using wmic.exe?
You create a WMI persistence backdoor in three steps: first create an `__EventFilter` instance that defines the triggering event (e.g., system performance changes), then a `CommandLineEventConsumer` instance that specifies the executable to run, and finally a `__FilterToConsumerBinding` instance that links the two. All three are created with wmic commands in the `root\subscription` namespace, as detailed in the persistence section of "Study Notes of WMI Persistence using wmic.exe". For example: `wmic /NAMESPACE:"\\root\subscription" PATH __EventFilter CREATE Name="BotFilter82", ...`.
WMI persistence, `__EventFilter`, `CommandLineEventConsumer`, `__FilterToConsumerBinding`, wmic.exe