
Malware Analysis in 5-Minutes: Deobfuscating PowerShell Scripts
I often run into obfuscated PowerShell while analyzing malicious documents and executables. Malware authors have many reasons for obfuscating their PowerShell activities, but mostly they do it to tick me off for the lulz. There are a few good ways (and many bad ways) to tear apart PowerShell scripts and discover what they are doing …

