PowerShell scripts

These scripts, which allow you to download and run malware directly in memory, were used by the hacker group Turla. The method it uses is more effective for hiding malicious activity compared to the traditional saving of an executable file to disk. Experts note that PowerShell scripts are essential components that allow you to load RPC and PowerShell backdoors.Previously, cybercriminals have already tried to use PowerShell loaders, but the malicious campaign could not be implemented due to numerous errors. Now Turla has updated the scripts and now uses them to download a variety of malicious programs.