A threat actor is using a PowerShell script that was likely created with the help of an artificial intelligence system such as OpenAI's ChatGPT, Google's Gemini, or Microsoft's CoPilot.

The latest variants of the ViperSoftX info-stealing malware use the common language runtime (CLR) to load and execute PowerShell commands within AutoIt scripts to evade detection.

As you can see, converting a PowerShell script into an EXE file is a simple process. Even so, there are a couple of things that you need to know before you try this out on your own.

If you cannot run PowerShell script in Windows 11/10 and see message Cannot be loaded because running scripts is disabled on this system, see this post.

Fake Gitcode and DocuSign sites are tricking users into running PowerShell scripts that install NetSupport RAT.

Use the built-in IExpress.exe tool to easily convert PowerShell script (PS1) file to EXE in Windows 11/10. There are third-party tools available too.

Make sure your Windows systems are fully available and ready to roll with help from a simple PowerShell script.