Turla, also known as Snake, is an infamous espionage group recognized for its complex malware. To confound detection, its operators recently started using PowerShell scripts that provide direct, in-memory loading and execution of malware executables and libraries. This allows them to bypass detection that can trigger when a malicious executable is dropped on disk.

REFERENCE:
https://www.welivesecurity.com/2019/05/29/turla-powershell-usage/