Recently, Huntress ThreatOps team uncovered one artifact that I would like to break down and showcase. This is analysis of a publicly accessible stager present in the Metasploit Framework. At the time of writing VirusTotal indicates that 21 antivirus products detect this code as malicious. The code s author, Boris Lukashev, provided the following statement: The. sample is a mildly advanced archiver, the benign or malicious use of which is up to the consumer
Source: https://threatpost.com/powershell-payload-analysis-malware/165188/