Source: wscript.exe, 00000000.00000003.2122141460.00000185E88C1000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000003.2119987319.00000185E88C1000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000003.2123643143.00000185E88C1000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000003.2121695901.00000185E88C1000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000002.2126200279.00000185E88C1000.00000004.00000020.00020000.00000000.sdmp |
String found in binary or memory: http://crl.v |
Source: powershell.exe, 00000005.00000002.2545679147.0000013FA62AD000.00000004.00000800.00020000.00000000.sdmp |
String found in binary or memory: http://nuget.org/NuGet.exe |
Source: powershell.exe, 00000005.00000002.2320773596.0000013F96463000.00000004.00000800.00020000.00000000.sdmp |
String found in binary or memory: http://pesterbdd.com/images/Pester.png |
Source: powershell.exe, 00000003.00000002.2675899972.000001B7D74D6000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000005.00000002.2320773596.0000013F96241000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000007.00000002.2312727802.0000025D0003D000.00000004.00000800.00020000.00000000.sdmp |
String found in binary or memory: http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name |
Source: powershell.exe, 00000005.00000002.2320773596.0000013F9C73D000.00000004.00000800.00020000.00000000.sdmp |
String found in binary or memory: http://uploaddeimagens.com.br |
Source: powershell.exe, 00000005.00000002.2320773596.0000013F96463000.00000004.00000800.00020000.00000000.sdmp |
String found in binary or memory: http://www.apache.org/licenses/LICENSE-2.0.html |
Source: powershell.exe, 00000003.00000002.2675899972.000001B7D74AC000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2675899972.000001B7D745F000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000005.00000002.2320773596.0000013F96241000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000007.00000002.2312727802.0000025D00047000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000007.00000002.2312727802.0000025D0005C000.00000004.00000800.00020000.00000000.sdmp |
String found in binary or memory: https://aka.ms/pscore68 |
Source: wscript.exe, 00000000.00000002.2125750102.00000185E883D000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000003.2123023393.00000185E8805000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000003.2119987319.00000185E8877000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000002.2126037390.00000185E8878000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000003.2121695901.00000185E8870000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000003.2121695901.00000185E8838000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000003.2122141460.00000185E8870000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000003.2122141460.00000185E883D000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000003.2123741995.00000185E8877000.00000004.00000020.00020000.00000000.sdmp |
String found in binary or memory: https://analytics.paste.ee |
Source: wscript.exe, 00000000.00000002.2125750102.00000185E883D000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000003.2123023393.00000185E8805000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000003.2119987319.00000185E8877000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000002.2126037390.00000185E8878000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000003.2121695901.00000185E8870000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000003.2121695901.00000185E8838000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000003.2122141460.00000185E8870000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000003.2122141460.00000185E883D000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000003.2123741995.00000185E8877000.00000004.00000020.00020000.00000000.sdmp |
String found in binary or memory: https://analytics.paste.ee; |
Source: wscript.exe, 00000000.00000002.2125750102.00000185E883D000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000003.2123023393.00000185E8805000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000003.2119987319.00000185E8877000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000002.2126037390.00000185E8878000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000003.2121695901.00000185E8870000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000003.2121695901.00000185E8838000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000003.2122141460.00000185E8870000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000003.2122141460.00000185E883D000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000003.2123741995.00000185E8877000.00000004.00000020.00020000.00000000.sdmp |
String found in binary or memory: https://cdnjs.cloudflare.com |
Source: wscript.exe, 00000000.00000002.2125750102.00000185E883D000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000003.2123023393.00000185E8805000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000003.2119987319.00000185E8877000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000002.2126037390.00000185E8878000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000003.2121695901.00000185E8870000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000003.2121695901.00000185E8838000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000003.2122141460.00000185E8870000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000003.2122141460.00000185E883D000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000003.2123741995.00000185E8877000.00000004.00000020.00020000.00000000.sdmp |
String found in binary or memory: https://cdnjs.cloudflare.com; |
Source: powershell.exe, 00000005.00000002.2545679147.0000013FA62AD000.00000004.00000800.00020000.00000000.sdmp |
String found in binary or memory: https://contoso.com/ |
Source: powershell.exe, 00000005.00000002.2545679147.0000013FA62AD000.00000004.00000800.00020000.00000000.sdmp |
String found in binary or memory: https://contoso.com/Icon |
Source: powershell.exe, 00000005.00000002.2545679147.0000013FA62AD000.00000004.00000800.00020000.00000000.sdmp |
String found in binary or memory: https://contoso.com/License |
Source: wscript.exe, 00000000.00000002.2125750102.00000185E883D000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000003.2123023393.00000185E8805000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000003.2119987319.00000185E8877000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000002.2126037390.00000185E8878000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000003.2121695901.00000185E8870000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000003.2121695901.00000185E8838000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000003.2122141460.00000185E8870000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000003.2122141460.00000185E883D000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000003.2123741995.00000185E8877000.00000004.00000020.00020000.00000000.sdmp |
String found in binary or memory: https://fonts.googleapis.com |
Source: wscript.exe, 00000000.00000002.2125750102.00000185E883D000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000003.2123023393.00000185E8805000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000003.2119987319.00000185E8877000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000002.2126037390.00000185E8878000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000003.2121695901.00000185E8870000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000003.2121695901.00000185E8838000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000003.2122141460.00000185E8870000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000003.2122141460.00000185E883D000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000003.2123741995.00000185E8877000.00000004.00000020.00020000.00000000.sdmp |
String found in binary or memory: https://fonts.gstatic.com; |
Source: powershell.exe, 00000005.00000002.2320773596.0000013F96463000.00000004.00000800.00020000.00000000.sdmp |
String found in binary or memory: https://github.com/Pester/Pester |
Source: wscript.exe, 00000000.00000003.2119987319.00000185E8877000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000002.2126037390.00000185E8878000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000003.2121695901.00000185E8870000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000003.2122141460.00000185E8870000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000003.2123741995.00000185E8877000.00000004.00000020.00020000.00000000.sdmp |
String found in binary or memory: https://login.live.com |
Source: powershell.exe, 00000005.00000002.2545679147.0000013FA62AD000.00000004.00000800.00020000.00000000.sdmp |
String found in binary or memory: https://nuget.org/nuget.exe |
Source: wscript.exe, 00000000.00000003.2119987319.00000185E8877000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000002.2126037390.00000185E8878000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000003.2121695901.00000185E8870000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000003.2122141460.00000185E8870000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000003.2123741995.00000185E8877000.00000004.00000020.00020000.00000000.sdmp |
String found in binary or memory: https://paste.ee/ |
Source: wscript.exe, 00000000.00000003.2119987319.00000185E88C1000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000002.2124998386.00000185E85C0000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000003.2123023393.00000185E8805000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000003.2119987319.00000185E8877000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000003.2122821846.00000185E85C2000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000002.2126037390.00000185E8878000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000003.2121695901.00000185E8870000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000003.2122141460.00000185E8870000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000003.2123474865.00000185E85C4000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000002.2125035589.00000185E85C5000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000003.2123741995.00000185E8877000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000003.2121451392.00000185E85D1000.00000004.00000020.00020000.00000000.sdmp |
String found in binary or memory: https://paste.ee/d/c2iY1 |
Source: wscript.exe, 00000000.00000003.2121976786.00000185E882E000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000002.2125599835.00000185E882F000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000003.2121956771.00000185E8824000.00000004.00000020.00020000.00000000.sdmp |
String found in binary or memory: https://paste.ee/d/c2iY14 |
Source: wscript.exe, 00000000.00000003.2119987319.00000185E8877000.00000004.00000020.00020000.00000000.sdmp |
String found in binary or memory: https://paste.ee/d/c2iY18 |
Source: wscript.exe, 00000000.00000003.2121976786.00000185E882E000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000002.2125599835.00000185E882F000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000003.2121956771.00000185E8824000.00000004.00000020.00020000.00000000.sdmp |
String found in binary or memory: https://paste.ee/d/c2iY1h |
Source: wscript.exe, 00000000.00000002.2124868255.00000185E6805000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000003.2121995772.00000185E67DF000.00000004.00000020.00020000.00000000.sdmp |
String found in binary or memory: https://paste.ee/d/c2iY1l |
Source: wscript.exe, 00000000.00000003.2119987319.00000185E8877000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000002.2126037390.00000185E8878000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000003.2121695901.00000185E8870000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000003.2122141460.00000185E8870000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000003.2123741995.00000185E8877000.00000004.00000020.00020000.00000000.sdmp |
String found in binary or memory: https://paste.ee/d/c2iY1t |
Source: wscript.exe, 00000000.00000002.2125750102.00000185E883D000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000003.2123023393.00000185E8805000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000003.2119987319.00000185E8877000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000002.2126037390.00000185E8878000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000003.2121695901.00000185E8870000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000003.2121695901.00000185E8838000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000003.2122141460.00000185E8870000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000003.2122141460.00000185E883D000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000003.2123741995.00000185E8877000.00000004.00000020.00020000.00000000.sdmp |
String found in binary or memory: https://secure.gravatar.com |
Source: wscript.exe, 00000000.00000002.2125750102.00000185E883D000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000003.2123023393.00000185E8805000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000003.2119987319.00000185E8877000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000002.2126037390.00000185E8878000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000003.2121695901.00000185E8870000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000003.2121695901.00000185E8838000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000003.2122141460.00000185E8870000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000003.2122141460.00000185E883D000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000003.2123741995.00000185E8877000.00000004.00000020.00020000.00000000.sdmp |
String found in binary or memory: https://themes.googleusercontent.com |
Source: powershell.exe, 00000005.00000002.2320773596.0000013F96463000.00000004.00000800.00020000.00000000.sdmp |
String found in binary or memory: https://uploaddeimagens.com.br |
Source: powershell.exe, 00000005.00000002.2320773596.0000013F96241000.00000004.00000800.00020000.00000000.sdmp |
String found in binary or memory: https://uploaddeimagens.com.br/images/004/785/720/original/new_image.jpg?1716307634 |
Source: wscript.exe, 00000000.00000002.2125750102.00000185E883D000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000003.2123023393.00000185E8805000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000003.2119987319.00000185E8877000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000002.2126037390.00000185E8878000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000003.2121695901.00000185E8870000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000003.2121695901.00000185E8838000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000003.2122141460.00000185E8870000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000003.2122141460.00000185E883D000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000003.2123741995.00000185E8877000.00000004.00000020.00020000.00000000.sdmp |
String found in binary or memory: https://www.google.com |
Source: wscript.exe, 00000000.00000002.2125750102.00000185E883D000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000003.2123023393.00000185E8805000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000003.2119987319.00000185E8877000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000002.2126037390.00000185E8878000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000003.2121695901.00000185E8870000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000003.2121695901.00000185E8838000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000003.2122141460.00000185E8870000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000003.2122141460.00000185E883D000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000003.2123741995.00000185E8877000.00000004.00000020.00020000.00000000.sdmp |
String found in binary or memory: https://www.google.com; |
Source: wscript.exe, 00000000.00000002.2125750102.00000185E883D000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000003.2123023393.00000185E8805000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000003.2119987319.00000185E8877000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000002.2126037390.00000185E8878000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000003.2121695901.00000185E8870000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000003.2121695901.00000185E8838000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000003.2122141460.00000185E8870000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000003.2122141460.00000185E883D000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000003.2123741995.00000185E8877000.00000004.00000020.00020000.00000000.sdmp |
String found in binary or memory: https://www.gstatic.com |