PowerShell is a scripting language used in Windows to handle administrative tasks better and easier!
PowerShell is a popular scripting language due to its widespread use and access to key system functions. PowerShell offers full access to COM and WMI interfaces so administrators can perform administrative tasks on both local and remote Windows systems.
Small drawback from PowerShell!
However, since it is so powerful and capable, these factors also contribute to its popularity with malware creators. In addition to the extensive access they can get with PowerShell, attackers can also disguise their PowerShell to make detection more difficult. Current detection methods are based on the detection of signatures of known malicious scripts that can be easily damaged with simple obfuscation.
There is then a lot of work trying to use abstract syntax trees to find a more abstract representation of the script functionality so that an invisible, obfuscated script can be recognized if a related script is already known to be malware.