Malicious PowerShell Script Dissection (Tue, Nov 6th)

Here is another example of a malicious PowerShell script found while hunting. Such scripts remain a common attack vector, and many of them can be easily detected just by looking for some specific strings. Here is an example of a YARA rule that I’m using to hunt for malicious PowerShell scripts:

