Research Papers | Security Research at FFRI


I have been saying for quite a while now, "what if malware started abusing PowerShell...", and now we live in a world where malware uses PowerShell as a matter of course...

We have been continuously providing the FFRI Dataset (2013-) to CSS/MWS, which is an academic symposium held in Japan. The dataset is a set of log files generated by Cuckoo Sandbox for approximately 3,000 malware samples randomly drawn from our collection from Jan to Apr each year. In the dataset, we confirmed a few activities in which malware abused PowerShell during execution. In these slides, we introduce those activities.
