luca-m/pwsh_tips_for_malware_analysis.ps1

## pwsh_tips_for_malware_analysis.ps1
##
## Powershell Tips for Malware Analysits
##

# In-Memory base64 payload decoding

$BASE64='AAA';
sal a New-Object;
(a IO.StreamReader((a IO.Compression.DeflateStream([IO.MemoryStream][Convert]::FromBase64String($BASE64),[IO.Compression.CompressionMode]::Decompress)),[Text.Encoding]::ASCII)).ReadToEnd()
	##
	## Powershell Tips for Malware Analysits
	##

	# In-Memory base64 payload decoding

	$BASE64='AAA';
	sal a New-Object;
	(a IO.StreamReader((a IO.Compression.DeflateStream([IO.MemoryStream][Convert]::FromBase64String($BASE64),[IO.Compression.CompressionMode]::Decompress)),[Text.Encoding]::ASCII)).ReadToEnd()