feat: logic update to multiple rules

rules/windows/powershell/powershell_script/posh_ps_xml_iex.yml

@@ -9,7 +9,7 @@ references:
     - https://github.com/redcanaryco/atomic-red-team/blob/f339e7da7d05f6057fdfcdd3742bfcf365fee2a9/atomics/T1059.001/T1059.001.md#atomic-test-8---powershell-xml-requests
 author: frack113
 date: 2022/01/19
-modified: 2023/01/02
+modified: 2023/01/19
 tags:
     - attack.execution
     - attack.t1059.001
@@ -27,6 +27,8 @@ detection:
         ScriptBlockText|contains:
             - 'IEX '
             - 'Invoke-Expression '
+            - 'Invoke-Command '
+            - 'ICM -'
     condition: all of selection_*
 falsepositives:
     - Legitimate administrative script