Source: svchost.exe, 0000000A.00000002.3436851309.0000025084884000.00000004.00000020.00020000.00000000.sdmp |
String found in binary or memory: http://crl.ver) |
Source: qmgr.db.10.dr |
String found in binary or memory: http://edgedl.me.gvt1.com/edgedl/chromewebstore/L2Nocm9tZV9leHRlbnNpb24vYmxvYnMvYjFkQUFWdmlaXy12MHFU |
Source: qmgr.db.10.dr |
String found in binary or memory: http://edgedl.me.gvt1.com/edgedl/release2/chrome/acocfkfsx7alydpzevdxln7drwdq_117.0.5938.134/117.0.5 |
Source: qmgr.db.10.dr |
String found in binary or memory: http://edgedl.me.gvt1.com/edgedl/release2/chrome_component/acaa5khuklrahrby256zitbxd5wq_1.0.2512.1/n |
Source: qmgr.db.10.dr |
String found in binary or memory: http://edgedl.me.gvt1.com/edgedl/release2/chrome_component/acaxuysrwzdnwqutaimsxybnjbrq_2023.9.25.0/ |
Source: qmgr.db.10.dr |
String found in binary or memory: http://edgedl.me.gvt1.com/edgedl/release2/chrome_component/adhioj45hzjkfunn7ccrbqyyhu3q_20230916.567 |
Source: qmgr.db.10.dr |
String found in binary or memory: http://edgedl.me.gvt1.com/edgedl/release2/chrome_component/adqyi2uk2bd7epzsrzisajjiqe_9.48.0/gcmjkmg |
Source: qmgr.db.10.dr |
String found in binary or memory: http://edgedl.me.gvt1.com/edgedl/release2/chrome_component/dix4vjifjljmfobl3a7lhcpvw4_414/lmelglejhe |
Source: qmgr.db.10.dr |
String found in binary or memory: http://f.c2r.ts.cdn.office.net/pr/492350f6-3a01-4f97-b9c0-c7c6ddf67d60/Office/Data/v32_16.0.16827.20 |
Source: powershell.exe, 00000008.00000002.2514235788.0000019449F9E000.00000004.00000800.00020000.00000000.sdmp |
String found in binary or memory: http://nuget.org/NuGet.exe |
Source: powershell.exe, 00000008.00000002.2340710949.000001943A15A000.00000004.00000800.00020000.00000000.sdmp |
String found in binary or memory: http://pesterbdd.com/images/Pester.png |
Source: powershell.exe, 00000008.00000002.2340710949.000001943E12B000.00000004.00000800.00020000.00000000.sdmp |
String found in binary or memory: http://schemas.xmlsoap.org/soap/encoding/ |
Source: powershell.exe, 00000006.00000002.2635327490.00000188234E7000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000008.00000002.2340710949.0000019439F31000.00000004.00000800.00020000.00000000.sdmp |
String found in binary or memory: http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name |
Source: powershell.exe, 00000008.00000002.2340710949.000001943E12B000.00000004.00000800.00020000.00000000.sdmp |
String found in binary or memory: http://schemas.xmlsoap.org/wsdl/ |
Source: powershell.exe, 00000008.00000002.2340710949.000001943A15A000.00000004.00000800.00020000.00000000.sdmp |
String found in binary or memory: http://www.apache.org/licenses/LICENSE-2.0.html |
Source: powershell.exe, 00000006.00000002.2635327490.00000188234FD000.00000004.00000800.00020000.00000000.sdmp |
String found in binary or memory: https://aka.ms/pscore6 |
Source: powershell.exe, 00000006.00000002.2635327490.0000018823550000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000008.00000002.2340710949.0000019439F31000.00000004.00000800.00020000.00000000.sdmp |
String found in binary or memory: https://aka.ms/pscore68 |
Source: powershell.exe, 00000008.00000002.2340710949.000001943E12B000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000008.00000002.2340710949.000001943EC6E000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000008.00000002.2340710949.000001943F7BA000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000008.00000002.2340710949.000001943F4D8000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000008.00000002.2340710949.000001943F794000.00000004.00000800.00020000.00000000.sdmp |
String found in binary or memory: https://aka.ms/winsvr-2022-pshelp |
Source: powershell.exe, 00000008.00000002.2340710949.000001943EC6E000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000008.00000002.2340710949.000001943F7BA000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000008.00000002.2340710949.000001943F794000.00000004.00000800.00020000.00000000.sdmp |
String found in binary or memory: https://aka.ms/winsvr-2022-pshelpX |
Source: powershell.exe, 00000008.00000002.2340710949.000001943A328000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000008.00000002.2340710949.000001943A15A000.00000004.00000800.00020000.00000000.sdmp |
String found in binary or memory: https://aui-cdn.atlassian.com/ |
Source: powershell.exe, 00000008.00000002.2340710949.000001943A15A000.00000004.00000800.00020000.00000000.sdmp |
String found in binary or memory: https://bbc-object-storage--frontbucket.us-east-1.prod.public.atl-paas.net/ |
Source: powershell.exe, 00000008.00000002.2340710949.000001943A15A000.00000004.00000800.00020000.00000000.sdmp |
String found in binary or memory: https://bbc-object-storage--frontbucket.us-east-1.staging.public.atl-paas.net/; |
Source: powershell.exe, 00000008.00000002.2340710949.000001943DEED000.00000004.00000800.00020000.00000000.sdmp |
String found in binary or memory: https://bbuseruploads.s3.amazonaws.com |
Source: powershell.exe, 00000008.00000002.2340710949.000001943DEED000.00000004.00000800.00020000.00000000.sdmp |
String found in binary or memory: https://bbuseruploads.s3.amazonaws.com/4be491a4-012e-46db-bc28-27fee082b0f0/downloads/74ccc5a3-8670- |
Source: powershell.exe, 00000008.00000002.2340710949.000001943DEED000.00000004.00000800.00020000.00000000.sdmp |
String found in binary or memory: https://bitbucket.org |
Source: powershell.exe, 00000006.00000002.2635327490.0000018823A7D000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000008.00000002.2338162714.0000019438316000.00000004.00000020.00020000.00000000.sdmp, powershell.exe, 00000008.00000002.2338796491.00000194384F4000.00000004.00000020.00020000.00000000.sdmp, powershell.exe, 00000008.00000002.2340710949.000001943E611000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000008.00000002.2340710949.0000019439F31000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000008.00000002.2339496899.0000019439D60000.00000004.00000020.00020000.00000000.sdmp, powershell.exe, 00000008.00000002.2338162714.0000019438290000.00000004.00000020.00020000.00000000.sdmp, powershell.exe, 00000008.00000002.2338162714.00000194382A5000.00000004.00000020.00020000.00000000.sdmp, powershell.exe, 00000008.00000002.2340710949.000001943A15A000.00000004.00000800.00020000.00000000.sdmp |
String found in binary or memory: https://bitbucket.org/gdffffffff/ddddd/downloads/img_test.jpg?11811735 |
Source: powershell.exe, 00000008.00000002.2340710949.000001943DEED000.00000004.00000800.00020000.00000000.sdmp |
String found in binary or memory: https://bitbucket.org/rulmerurk/ertertqw/downloads/po06.txt |
Source: powershell.exe, 00000008.00000002.2340710949.000001943A328000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000008.00000002.2340710949.000001943A15A000.00000004.00000800.00020000.00000000.sdmp |
String found in binary or memory: https://cdn.cookielaw.org/ |
Source: powershell.exe, 00000008.00000002.2514235788.0000019449F9E000.00000004.00000800.00020000.00000000.sdmp |
String found in binary or memory: https://contoso.com/ |
Source: powershell.exe, 00000008.00000002.2514235788.0000019449F9E000.00000004.00000800.00020000.00000000.sdmp |
String found in binary or memory: https://contoso.com/Icon |
Source: powershell.exe, 00000008.00000002.2514235788.0000019449F9E000.00000004.00000800.00020000.00000000.sdmp |
String found in binary or memory: https://contoso.com/License |
Source: powershell.exe, 00000008.00000002.2340710949.000001943A328000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000008.00000002.2340710949.000001943A15A000.00000004.00000800.00020000.00000000.sdmp |
String found in binary or memory: https://dz8aopenkvv6s.cloudfront.net |
Source: qmgr.db.10.dr |
String found in binary or memory: https://g.live.com/odclientsettings/Prod1C: |
Source: svchost.exe, 0000000A.00000003.2293868995.0000025084720000.00000004.00000800.00020000.00000000.sdmp, edb.log.10.dr |
String found in binary or memory: https://g.live.com/odclientsettings/ProdV21C: |
Source: powershell.exe, 00000008.00000002.2340710949.000001943A15A000.00000004.00000800.00020000.00000000.sdmp |
String found in binary or memory: https://github.com/Pester/Pester |
Source: powershell.exe, 00000008.00000002.2340710949.000001943EC6E000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000008.00000002.2340710949.000001943FB37000.00000004.00000800.00020000.00000000.sdmp |
String found in binary or memory: https://go.micro |
Source: powershell.exe, 00000008.00000002.2514235788.0000019449F9E000.00000004.00000800.00020000.00000000.sdmp |
String found in binary or memory: https://nuget.org/nuget.exe |
Source: powershell.exe, 00000008.00000002.2340710949.000001943A15A000.00000004.00000800.00020000.00000000.sdmp |
String found in binary or memory: https://raw.githubusercontent.com |
Source: powershell.exe, 00000006.00000002.2635327490.0000018823A7D000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000006.00000002.2668705652.000001883BA0A000.00000004.00000020.00020000.00000000.sdmp, powershell.exe, 00000008.00000002.2338162714.0000019438316000.00000004.00000020.00020000.00000000.sdmp, powershell.exe, 00000008.00000002.2338796491.00000194384F4000.00000004.00000020.00020000.00000000.sdmp, powershell.exe, 00000008.00000002.2340710949.000001943E611000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000008.00000002.2340710949.0000019439F31000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000008.00000002.2339496899.0000019439D60000.00000004.00000020.00020000.00000000.sdmp, powershell.exe, 00000008.00000002.2338162714.0000019438290000.00000004.00000020.00020000.00000000.sdmp, powershell.exe, 00000008.00000002.2338162714.00000194382A5000.00000004.00000020.00020000.00000000.sdmp, powershell.exe, 00000008.00000002.2340710949.000001943A15A000.00000004.00000800.00020000.00000000.sdmp |
String found in binary or memory: https://raw.githubusercontent.com/santomalo/audit/main/img_test.jpg?14441723 |
Source: powershell.exe, 00000008.00000002.2340710949.000001943A328000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000008.00000002.2340710949.000001943A15A000.00000004.00000800.00020000.00000000.sdmp |
String found in binary or memory: https://remote-app-switcher.prod-east.frontend.public.atl-paas.net |
Source: powershell.exe, 00000008.00000002.2340710949.000001943A328000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000008.00000002.2340710949.000001943A15A000.00000004.00000800.00020000.00000000.sdmp |
String found in binary or memory: https://remote-app-switcher.stg-east.frontend.public.atl-paas.net |
Source: powershell.exe, 00000008.00000002.2340710949.000001943A328000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000008.00000002.2340710949.000001943A15A000.00000004.00000800.00020000.00000000.sdmp |
String found in binary or memory: https://web-security-reports.services.atlassian.com/csp-report/bb-website |