One Day Sec

How can you manually create a malicious .bgi file to launch a VBS script?

You manually create a `.bgi` file by opening BGInfo, adding a VBS data source under 'Custom', pointing it to your script (e.g., `cmd.vbs`), and saving the project. The resulting binary file contains a fixed header (0x00000000 to 0x00000300), followed by a flag byte at offset 0x00000301 whose value, in hex, is the length of the VBS path plus 2 (`path_length + 2`). The VBS path must use an uppercase drive letter (e.g., `C:\test\cmd.vbs`). For step-by-step instructions, refer to the article *Study Notes of using BGInfo to bypass Application Whitelisting*.
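
A defensive triage check built on the layout described above, as an added example rather than code from the referenced article: it scans a `.bgi` file for an embedded `.vbs` path and tests whether the byte at 0x301 equals the path length plus 2. Scanning the whole file in both ASCII and UTF-16LE is an assumption, because the answer does not state the path's encoding or position; `triage_bgi` and the sample buffer are hypothetical names constructed for illustration.

```python
import re

FLAG_OFFSET = 0x301  # flag byte offset stated in the answer above

# Drive-letter path ending in .vbs, as ASCII bytes or as UTF-16LE.
# Assumption: the path's encoding and position are not given, so try both
# encodings and search the whole file.
_ASCII = re.compile(rb"[A-Za-z]:\\[\x20-\x7e]{1,255}?\.vbs", re.I)
_UTF16 = re.compile(
    rb"[A-Za-z]\x00:\x00\\\x00(?:[\x20-\x7e]\x00){1,255}?\.\x00v\x00b\x00s\x00",
    re.I,
)


def triage_bgi(data):
    """Return one finding per embedded .vbs path found in a .bgi file's bytes."""
    flag = data[FLAG_OFFSET] if len(data) > FLAG_OFFSET else None
    findings = []
    for encoding, pattern in (("ascii", _ASCII), ("utf-16-le", _UTF16)):
        for match in pattern.finditer(data):
            path = match.group().decode(encoding)
            findings.append({
                "path": path,
                "offset": match.start(),
                "encoding": encoding,
                # Relationship described above: flag == path_length + 2
                "flag_matches": flag == len(path) + 2,
                "uppercase_drive": path[0].isupper(),
            })
    return findings


def constructed_sample(path=r"C:\test\cmd.vbs", encoding="ascii"):
    """Constructed test buffer, NOT a valid .bgi: zero-filled header region,
    flag byte at 0x301, three padding bytes, then the path bytes."""
    return (bytes(FLAG_OFFSET) + bytes([len(path) + 2])
            + b"\x00" * 3 + path.encode(encoding))


if __name__ == "__main__":
    for finding in triage_bgi(constructed_sample()):
        print(finding)
```

A finding with `flag_matches` set is a stronger signal than a bare string hit; any `.bgi` that references a script is worth reviewing where BGInfo is allowed by application whitelisting.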
Tags: BGI file format, binary file editing, VBS path, flag byte, manual exploit creation
