Source: wscript.exe, 00000001.00000003.1416337095.000001FA668D1000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000001.00000003.1421534739.000001FA668D1000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000001.00000003.1422820927.000001FA64A02000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000001.00000003.1220909605.000001FA64A1E000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000001.00000003.1422521039.000001FA64A50000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000001.00000003.1418152044.000001FA668C1000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000001.00000003.1423146490.000001FA668E0000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000001.00000003.1221452637.000001FA668DE000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000001.00000003.1422756691.000001FA668B2000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000001.00000003.1422201829.000001FA64AA6000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000001.00000002.1425383596.000001FA668B5000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000001.00000003.1422616768.000001FA64A4B000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000001.00000003.1221452637.000001FA668BA000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000001.00000003.1422883330.000001FA64A1E000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000001.00000003.1221215217.000001FA668B4000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000001.00000002.1424739514.000001FA64A51000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000001.00000003.1220848499.000001FA668C0000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000001.00000003.1221152356.000001FA668DE000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000001.00000002.1424717306.000001FA64A4C000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000001.00000003.1418152044.000001FA668D1000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000001.00000003.1424152267.000001FA668B5000.00000004.00000020.00020000.00000000.sdmp |
String found in binary or memory: http://app01.system.com.br/RDWeb/Pages/login.aspx |
Source: wscript.exe, 00000001.00000003.1416337095.000001FA668D1000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000001.00000003.1421534739.000001FA668D1000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000001.00000003.1423146490.000001FA668E0000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000001.00000003.1221452637.000001FA668DE000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000001.00000003.1221152356.000001FA668DE000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000001.00000003.1418152044.000001FA668D1000.00000004.00000020.00020000.00000000.sdmp |
String found in binary or memory: http://app01.system.com.br/RDWeb/Pages/login.aspxd |
Source: powershell.exe, 00000010.00000002.1746262411.000001B010070000.00000004.00000800.00020000.00000000.sdmp |
String found in binary or memory: http://nuget.org/NuGet.exe |
Source: powershell.exe, 00000010.00000002.1590353299.000001B000223000.00000004.00000800.00020000.00000000.sdmp |
String found in binary or memory: http://pesterbdd.com/images/Pester.png |
Source: powershell.exe, 0000000E.00000002.1877541465.00000158E1F81000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.1590353299.000001B000001000.00000004.00000800.00020000.00000000.sdmp |
String found in binary or memory: http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name |
Source: powershell.exe, 00000010.00000002.1590353299.000001B0064ED000.00000004.00000800.00020000.00000000.sdmp |
String found in binary or memory: http://uploaddeimagens.com.br |
Source: powershell.exe, 00000010.00000002.1590353299.000001B000223000.00000004.00000800.00020000.00000000.sdmp |
String found in binary or memory: http://www.apache.org/licenses/LICENSE-2.0.html |
Source: powershell.exe, 0000000E.00000002.1877541465.00000158E1FEC000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 0000000E.00000002.1877541465.00000158E1FD0000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.1590353299.000001B000001000.00000004.00000800.00020000.00000000.sdmp |
String found in binary or memory: https://aka.ms/pscore68 |
Source: wscript.exe, 00000001.00000002.1424566924.000001FA649C0000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000001.00000003.1423395644.000001FA66C15000.00000004.00000020.00020000.00000000.sdmp |
String found in binary or memory: https://analytics.paste.ee |
Source: wscript.exe, 00000001.00000002.1424566924.000001FA649C0000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000001.00000003.1423395644.000001FA66C15000.00000004.00000020.00020000.00000000.sdmp |
String found in binary or memory: https://analytics.paste.ee; |
Source: wscript.exe, 00000001.00000002.1424566924.000001FA649C0000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000001.00000003.1423395644.000001FA66C15000.00000004.00000020.00020000.00000000.sdmp |
String found in binary or memory: https://cdnjs.cloudflare.com |
Source: wscript.exe, 00000001.00000002.1424566924.000001FA649C0000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000001.00000003.1423395644.000001FA66C15000.00000004.00000020.00020000.00000000.sdmp |
String found in binary or memory: https://cdnjs.cloudflare.com; |
Source: powershell.exe, 00000010.00000002.1746262411.000001B010070000.00000004.00000800.00020000.00000000.sdmp |
String found in binary or memory: https://contoso.com/ |
Source: powershell.exe, 00000010.00000002.1746262411.000001B010070000.00000004.00000800.00020000.00000000.sdmp |
String found in binary or memory: https://contoso.com/Icon |
Source: powershell.exe, 00000010.00000002.1746262411.000001B010070000.00000004.00000800.00020000.00000000.sdmp |
String found in binary or memory: https://contoso.com/License |
Source: wscript.exe, 00000001.00000002.1424566924.000001FA649C0000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000001.00000003.1423395644.000001FA66C15000.00000004.00000020.00020000.00000000.sdmp |
String found in binary or memory: https://fonts.googleapis.com |
Source: wscript.exe, 00000001.00000002.1424566924.000001FA649C0000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000001.00000003.1423395644.000001FA66C15000.00000004.00000020.00020000.00000000.sdmp |
String found in binary or memory: https://fonts.gstatic.com; |
Source: powershell.exe, 00000010.00000002.1590353299.000001B000223000.00000004.00000800.00020000.00000000.sdmp |
String found in binary or memory: https://github.com/Pester/Pester |
Source: wscript.exe, 00000001.00000002.1425621780.000001FA66BAA000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000001.00000003.1421763806.000001FA66BAA000.00000004.00000020.00020000.00000000.sdmp |
String found in binary or memory: https://login.live.com |
Source: powershell.exe, 00000010.00000002.1746262411.000001B010070000.00000004.00000800.00020000.00000000.sdmp |
String found in binary or memory: https://nuget.org/nuget.exe |
Source: wscript.exe, 00000001.00000003.1418152044.000001FA668D1000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000001.00000003.1423182787.000001FA64A2D000.00000004.00000020.00020000.00000000.sdmp, file.vbs |
String found in binary or memory: https://pastcinzal.cinzalcinzal/d/ZKQQ9 |
Source: wscript.exe, 00000001.00000002.1425621780.000001FA66B8B000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000001.00000003.1421763806.000001FA66B86000.00000004.00000020.00020000.00000000.sdmp |
String found in binary or memory: https://paste.ee/ |
Source: wscript.exe, 00000001.00000002.1425621780.000001FA66B8B000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000001.00000003.1421763806.000001FA66B86000.00000004.00000020.00020000.00000000.sdmp |
String found in binary or memory: https://paste.ee/; |
Source: wscript.exe, 00000001.00000003.1421763806.000001FA66BA3000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000001.00000003.1423395644.000001FA66C15000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000001.00000002.1425621780.000001FA66B8B000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000001.00000003.1418152044.000001FA668C1000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000001.00000003.1422142977.000001FA66B71000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000001.00000003.1422952198.000001FA66B79000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000001.00000003.1421763806.000001FA66B86000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000001.00000002.1425344328.000001FA668B0000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000001.00000002.1425621780.000001FA66BA3000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000001.00000003.1422727575.000001FA66B78000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000001.00000002.1425596311.000001FA66B79000.00000004.00000020.00020000.00000000.sdmp |
String found in binary or memory: https://paste.ee/d/ZKQQ9 |
Source: wscript.exe, 00000001.00000003.1422142977.000001FA66B71000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000001.00000003.1422952198.000001FA66B79000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000001.00000003.1422727575.000001FA66B78000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000001.00000002.1425596311.000001FA66B79000.00000004.00000020.00020000.00000000.sdmp |
String found in binary or memory: https://paste.ee/d/ZKQQ9/m |
Source: wscript.exe, 00000001.00000003.1421763806.000001FA66BA3000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000001.00000002.1425621780.000001FA66BA3000.00000004.00000020.00020000.00000000.sdmp |
String found in binary or memory: https://paste.ee/d/ZKQQ9U |
Source: wscript.exe, 00000001.00000003.1422883330.000001FA64A47000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000001.00000003.1423182787.000001FA64A47000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000001.00000002.1424693017.000001FA64A47000.00000004.00000020.00020000.00000000.sdmp |
String found in binary or memory: https://paste.ee/d/ZKQQ9e |
Source: wscript.exe, 00000001.00000003.1421763806.000001FA66BA3000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000001.00000002.1425621780.000001FA66BA3000.00000004.00000020.00020000.00000000.sdmp |
String found in binary or memory: https://paste.ee/d/ZKQQ9m |
Source: wscript.exe, 00000001.00000002.1425621780.000001FA66B8B000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000001.00000003.1421763806.000001FA66B86000.00000004.00000020.00020000.00000000.sdmp |
String found in binary or memory: https://paste.ee/d/ZKQQ9ramF |
Source: wscript.exe, 00000001.00000002.1424566924.000001FA649C0000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000001.00000003.1423395644.000001FA66C15000.00000004.00000020.00020000.00000000.sdmp |
String found in binary or memory: https://secure.gravatar.com |
Source: wscript.exe, 00000001.00000002.1424566924.000001FA649C0000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000001.00000003.1423395644.000001FA66C15000.00000004.00000020.00020000.00000000.sdmp |
String found in binary or memory: https://themes.googleusercontent.com |
Source: powershell.exe, 00000010.00000002.1590353299.000001B000223000.00000004.00000800.00020000.00000000.sdmp |
String found in binary or memory: https://uploaddeimagens.com.br |
Source: powershell.exe, 00000010.00000002.1590353299.000001B000001000.00000004.00000800.00020000.00000000.sdmp |
String found in binary or memory: https://uploaddeimagens.com.br/images/004/773/797/original/new_image.jpg?1713882029 |
Source: wscript.exe, 00000001.00000002.1424566924.000001FA649C0000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000001.00000003.1423395644.000001FA66C15000.00000004.00000020.00020000.00000000.sdmp |
String found in binary or memory: https://www.google.com |
Source: wscript.exe, 00000001.00000002.1424566924.000001FA649C0000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000001.00000003.1423395644.000001FA66C15000.00000004.00000020.00020000.00000000.sdmp |
String found in binary or memory: https://www.google.com; |
Source: wscript.exe, 00000001.00000002.1424566924.000001FA649C0000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000001.00000003.1423395644.000001FA66C15000.00000004.00000020.00020000.00000000.sdmp |
String found in binary or memory: https://www.gstatic.com |