
Invoke-Obfuscation Obfuscated IEX Invocation - PowerShell

Sigma Rules

Summary
This detection rule identifies obfuscated PowerShell code execution produced by the `Invoke-Obfuscation` framework, specifically the various obfuscated forms of `IEX` (Invoke-Expression) invocation that the framework generates. The rule uses regex patterns to match obfuscation constructs commonly used in PowerShell scripts to evade detection. In particular, it checks for script blocks containing index-and-concatenate patterns over environment variables and over PowerShell home directory references, which attackers manipulate to assemble the `iex` string without writing it literally. Such tactics are commonly associated with the execution and defense evasion stages of an attack.
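The following is an added example of how a detection of this kind can be implemented and tested offline; it is not the Sigma project's rule file. The regex patterns and the field names (`EventID`, `ScriptBlockText`) are assumptions modelled on the script block logging records such rules typically consume, and the input events are constructed for the example.

```python
import re

# Assumption: regex patterns modelled on the Invoke-Obfuscation "obfuscated IEX"
# rule family. They are not quoted from this page and may differ from upstream.
OBFUSCATED_IEX_PATTERNS = {
    # $PSHome[4]+$PSHome[30]+'x'  ->  'i' + 'e' + 'x'
    "pshome_index_concat": r"\$PSHome\[\s*\d{1,3}\s*\]\s*\+\s*\$PSHome\[",
    # $ShellId[1]+$ShellId[13]+'x'  ->  'i' + 'e' + 'x'
    "shellid_index_concat": r"\$ShellId\[\s*\d{1,3}\s*\]\s*\+\s*\$ShellId\[",
    # same trick over an environment variable
    "env_public_index_concat": r"\$env:Public\[\s*\d{1,3}\s*\]\s*\+\s*\$env:Public\[",
    # $VerbosePreference.ToString() / [String]$VerbosePreference used as a char source
    "verbosepreference_tostring": r"\$VerbosePreference\.ToString\(",
    "string_verbosepreference": r"\[String\]\s*\$VerbosePreference",
}

# Compile once; PowerShell identifiers are case-insensitive, so match that way.
COMPILED = {name: re.compile(pat, re.IGNORECASE)
            for name, pat in OBFUSCATED_IEX_PATTERNS.items()}


def match_script_block(script_block_text):
    """Return the names of every pattern that matches one ScriptBlockText value."""
    return [name for name, rx in COMPILED.items() if rx.search(script_block_text)]


def scan_events(events):
    """Apply the detection to a list of constructed script block logging records.

    Each record is a dict with 'EventID' and 'ScriptBlockText'. Only script block
    events (assumed EventID 4104) are evaluated, mirroring the rule's log source.
    Returns a list of (event_index, matched_pattern_names) for every hit.
    """
    hits = []
    for idx, event in enumerate(events):
        if event.get("EventID") != 4104:
            continue
        names = match_script_block(event.get("ScriptBlockText", ""))
        if names:
            hits.append((idx, names))
    return hits


# Constructed sample records: one benign admin command, three obfuscated
# launcher fragments, and one matching string in a non-script-block event
# to show that the EventID filter is applied before the regexes.
SAMPLE_EVENTS = [
    {"EventID": 4104, "ScriptBlockText": "Get-ChildItem $PSHome -Filter *.dll"},
    {"EventID": 4104, "ScriptBlockText": ".($PSHome[4]+$PSHome[30]+'x') $payload"},
    {"EventID": 4104, "ScriptBlockText": "&($ShellId[1]+$ShellId[13]+'x') $payload"},
    {"EventID": 4104, "ScriptBlockText": "(([String]$VerbosePreference)[1,3]+'x'-join'') $payload"},
    {"EventID": 4103, "ScriptBlockText": "$PSHome[4]+$PSHome[30]"},
]


if __name__ == "__main__":
    for idx, names in scan_events(SAMPLE_EVENTS):
        print(f"event {idx}: {', '.join(names)}")
```

Running the block prints one line per hit; events 1, 2 and 3 fire on `pshome_index_concat`, `shellid_index_concat` and `string_verbosepreference` respectively, while the benign `Get-ChildItem` line and the non-4104 record do not. Keeping the patterns in a named dict rather than one combined regex makes it easy to report which construct fired, which is what an analyst triaging the alert needs first.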
Categories
  • Windows
  • Endpoint
Data Sources
  • Script
  • Application Log
Created: 2019-11-08