Source: powershell.exe, 00000002.00000002.2614806949.0000015D3EBB0000.00000004.00000020.00020000.00000000.sdmp |
String found in binary or memory: http://crl.microsoft |
Source: wscript.exe, 00000000.00000003.2029725990.0000021F66024000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000003.2031136368.0000021F66024000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000003.2031451843.0000021F66031000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000002.2035139367.0000021F66032000.00000004.00000020.00020000.00000000.sdmp |
String found in binary or memory: http://crl.v |
Source: powershell.exe, 00000004.00000002.2443729806.00000245B10E3000.00000004.00000800.00020000.00000000.sdmp |
String found in binary or memory: http://nuget.org/NuGet.exe |
Source: powershell.exe, 00000004.00000002.2206715174.00000245A1294000.00000004.00000800.00020000.00000000.sdmp |
String found in binary or memory: http://pesterbdd.com/images/Pester.png |
Source: powershell.exe, 00000002.00000002.2578636274.0000015D26B4C000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000004.00000002.2206715174.00000245A1071000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000006.00000002.2201174217.00000286E5CE4000.00000004.00000800.00020000.00000000.sdmp |
String found in binary or memory: http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name |
Source: powershell.exe, 00000004.00000002.2206715174.00000245A756E000.00000004.00000800.00020000.00000000.sdmp |
String found in binary or memory: http://uploaddeimagens.com.br |
Source: powershell.exe, 00000004.00000002.2206715174.00000245A1294000.00000004.00000800.00020000.00000000.sdmp |
String found in binary or memory: http://www.apache.org/licenses/LICENSE-2.0.html |
Source: powershell.exe, 00000002.00000002.2578636274.0000015D26B01000.00000004.00000800.00020000.00000000.sdmp |
String found in binary or memory: https://aka.ms/pscore6 |
Source: powershell.exe, 00000002.00000002.2578636274.0000015D26B1C000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000004.00000002.2206715174.00000245A1071000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000006.00000002.2201174217.00000286E5CBD000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000006.00000002.2201174217.00000286E5CAA000.00000004.00000800.00020000.00000000.sdmp |
String found in binary or memory: https://aka.ms/pscore68 |
Source: wscript.exe, 00000000.00000002.2034562228.0000021F63EA5000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000002.2034976437.0000021F65FBC000.00000004.00000020.00020000.00000000.sdmp |
String found in binary or memory: https://analytics.paste.ee |
Source: wscript.exe, 00000000.00000003.2029725990.0000021F65FB7000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000003.2031136368.0000021F6601E000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000003.2031136368.0000021F65FBC000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000003.2033170016.0000021F65855000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000002.2034976437.0000021F65FBC000.00000004.00000020.00020000.00000000.sdmp |
String found in binary or memory: https://analytics.paste.ee; |
Source: wscript.exe, 00000000.00000003.2029725990.0000021F65FB7000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000003.2031136368.0000021F6601E000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000003.2031136368.0000021F65FBC000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000003.2033170016.0000021F65855000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000002.2034976437.0000021F65FBC000.00000004.00000020.00020000.00000000.sdmp |
String found in binary or memory: https://cdnjs.cloudflare.com |
Source: wscript.exe, 00000000.00000002.2034562228.0000021F63EA5000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000002.2034976437.0000021F65FBC000.00000004.00000020.00020000.00000000.sdmp |
String found in binary or memory: https://cdnjs.cloudflare.com; |
Source: powershell.exe, 00000004.00000002.2443729806.00000245B10E3000.00000004.00000800.00020000.00000000.sdmp |
String found in binary or memory: https://contoso.com/ |
Source: powershell.exe, 00000004.00000002.2443729806.00000245B10E3000.00000004.00000800.00020000.00000000.sdmp |
String found in binary or memory: https://contoso.com/Icon |
Source: powershell.exe, 00000004.00000002.2443729806.00000245B10E3000.00000004.00000800.00020000.00000000.sdmp |
String found in binary or memory: https://contoso.com/License |
Source: wscript.exe, 00000000.00000002.2034562228.0000021F63EA5000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000002.2034976437.0000021F65FBC000.00000004.00000020.00020000.00000000.sdmp |
String found in binary or memory: https://fonts.googleapis.com |
Source: wscript.exe, 00000000.00000002.2034562228.0000021F63EA5000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000002.2034976437.0000021F65FBC000.00000004.00000020.00020000.00000000.sdmp |
String found in binary or memory: https://fonts.gstatic.com; |
Source: powershell.exe, 00000004.00000002.2206715174.00000245A1294000.00000004.00000800.00020000.00000000.sdmp |
String found in binary or memory: https://github.com/Pester/Pester |
Source: wscript.exe, 00000000.00000002.2034976437.0000021F65FEC000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000003.2029725990.0000021F65FEC000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000003.2031136368.0000021F65FEC000.00000004.00000020.00020000.00000000.sdmp |
String found in binary or memory: https://login.live.com |
Source: powershell.exe, 00000004.00000002.2443729806.00000245B10E3000.00000004.00000800.00020000.00000000.sdmp |
String found in binary or memory: https://nuget.org/nuget.exe |
Source: wscript.exe, 00000000.00000002.2034976437.0000021F65FEC000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000003.2029725990.0000021F65FEC000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000003.2031136368.0000021F65FEC000.00000004.00000020.00020000.00000000.sdmp |
String found in binary or memory: https://paste.ee/ |
Source: wscript.exe, 00000000.00000002.2034976437.0000021F65FBC000.00000004.00000020.00020000.00000000.sdmp |
String found in binary or memory: https://paste.ee/d/Vm93m |
Source: wscript.exe, 00000000.00000003.2033170016.0000021F65855000.00000004.00000020.00020000.00000000.sdmp |
String found in binary or memory: https://paste.ee/d/Vm93m/( |
Source: wscript.exe, 00000000.00000003.2033034974.0000021F63E14000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000002.2034480793.0000021F63E14000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000003.2030902082.0000021F63DEF000.00000004.00000020.00020000.00000000.sdmp |
String found in binary or memory: https://paste.ee/d/Vm93mll |
Source: wscript.exe, 00000000.00000002.2034562228.0000021F63EA5000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000002.2034976437.0000021F65FBC000.00000004.00000020.00020000.00000000.sdmp |
String found in binary or memory: https://secure.gravatar.com |
Source: wscript.exe, 00000000.00000002.2034562228.0000021F63EA5000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000002.2034976437.0000021F65FBC000.00000004.00000020.00020000.00000000.sdmp |
String found in binary or memory: https://themes.googleusercontent.com |
Source: powershell.exe, 00000004.00000002.2206715174.00000245A1294000.00000004.00000800.00020000.00000000.sdmp |
String found in binary or memory: https://uploaddeimagens.com.br |
Source: powershell.exe, 00000004.00000002.2206715174.00000245A1071000.00000004.00000800.00020000.00000000.sdmp |
String found in binary or memory: https://uploaddeimagens.com.br/images/004/785/720/original/new_image.jpg?1716307634 |
Source: wscript.exe, 00000000.00000003.2029725990.0000021F65FB7000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000003.2031136368.0000021F6601E000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000003.2031136368.0000021F65FBC000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000003.2033170016.0000021F65855000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000002.2034976437.0000021F65FBC000.00000004.00000020.00020000.00000000.sdmp |
String found in binary or memory: https://www.google.com |
Source: wscript.exe, 00000000.00000002.2034562228.0000021F63EA5000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000002.2034976437.0000021F65FBC000.00000004.00000020.00020000.00000000.sdmp |
String found in binary or memory: https://www.google.com; |
Source: wscript.exe, 00000000.00000003.2029725990.0000021F65FB7000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000003.2031136368.0000021F6601E000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000003.2031136368.0000021F65FBC000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000003.2033170016.0000021F65855000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000002.2034976437.0000021F65FBC000.00000004.00000020.00020000.00000000.sdmp |
String found in binary or memory: https://www.gstatic.com |