Summary
Run PowerShell commands in the current running process.Arguments (Positional)
Command
PowerShell command to be executed.Usage
MITRE ATT&CK Mapping
- T1059
Detailed Summary
Thepowershell creates a new PowerShell runspace within the Apollo process to execute given PowerShell commands. Any PowerShell scripts loaded with the psimport command will be loaded into the runspace before command execution, giving access to any cmdlets within those scripts. This method also bypasses the system’s PowerShell execution settings before executing commands. PowerShellv4 is used by default.