June 2018
Beginner
510 pages
13h 7m
English
Content preview from Learning Malware Analysis
Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
Start your free trial
1.6 PowerShell-Based Execution
To evade detection, malware authors often leverage tools that already exist on the system (such as PowerShell) which allow them to hide their malicious activities. PowerShell is a management engine based on the .NET framework. This engine exposes a series of commands called cmdlets. The engine is hosted in an application and Windows operating system, which by default ships a command-line interface (interactive console) and a GUI PowerShell ISE (Integrated Scripted Environment).
PowerShell is not a programming language, but it allows you to create useful scripts containing multiple commands. You can also open PowerShell prompt and execute individual commands. PowerShell is typically used by the System Administrators ...