Source: pankerfan.com |
Virustotal: Detection: 9% |
Source: https://pankerfan.com/ |
Virustotal: Detection: 7% |
Source: unknown |
DNS traffic detected: query: pankerfan.com replaycode: Server failure (2) |
Source: unknown |
UDP traffic detected without corresponding DNS query: 1.1.1.1 |
Source: unknown |
DNS traffic detected: queries for: pankerfan.com |
Source: wscript.exe, 00000000.00000003.2033314851.00000200AAA3D000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000003.2018833643.00000200AAFC8000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000003.2026327419.00000200ABAB4000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000003.2018211870.00000200A954D000.00000004.00000020.00020000.00000000.sdmp, Invoice_949287 2024_4_81859153_8337611.js |
String found in binary or memory: https://bugzilla.mozilla.org/show_bug.cgi?id=583181 |
Source: wscript.exe, 00000000.00000003.2033314851.00000200AAA3D000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000003.2018833643.00000200AAFC8000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000003.2026327419.00000200ABAB4000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000003.2018211870.00000200A954D000.00000004.00000020.00020000.00000000.sdmp, Invoice_949287 2024_4_81859153_8337611.js |
String found in binary or memory: https://github.com/pmjoniak/GeometricTools/blob/master/GTEngine/Include/Mathematics/GteIntrRay3Trian |
Source: wscript.exe, 00000000.00000003.2033314851.00000200AAA3D000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000003.2018833643.00000200AAFC8000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000003.2026327419.00000200ABAB4000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000003.2018211870.00000200A954D000.00000004.00000020.00020000.00000000.sdmp, Invoice_949287 2024_4_81859153_8337611.js |
String found in binary or memory: https://media.blackhat.com/us-13/US-13-Daigniere-TLS-Secrets-Slides.pdf |
Source: wscript.exe, 00000000.00000003.2034679979.00000200A66AA000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000002.2035548707.00000200A66AB000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000003.2034236548.00000200A667C000.00000004.00000020.00020000.00000000.sdmp |
String found in binary or memory: https://pankerfan.com/ |
Source: wscript.exe, 00000000.00000003.2034679979.00000200A66AA000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000002.2035548707.00000200A66AB000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000003.2034236548.00000200A667C000.00000004.00000020.00020000.00000000.sdmp |
String found in binary or memory: https://pankerfan.com/2u |
Source: wscript.exe, 00000000.00000003.2034679979.00000200A66AA000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000002.2035548707.00000200A66AB000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000003.2034236548.00000200A667C000.00000004.00000020.00020000.00000000.sdmp |
String found in binary or memory: https://pankerfan.com/:u |
Source: wscript.exe, 00000000.00000003.2035036189.00000200A68E9000.00000004.00000020.00020000.00000000.sdmp |
String found in binary or memory: https://pankerfan.com/eft-edi-customer?Xe=wawxGFZa&Ys=ecIFw&sourceNB=qdE |
Source: wscript.exe, 00000000.00000003.2034236548.00000200A66C3000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000003.2034236548.00000200A667C000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000002.2035673999.00000200A66F3000.00000004.00000020.00020000.00000000.sdmp |
String found in binary or memory: https://pankerfan.com/eft-edi-customer?Xe=wawxGFZa&Ys=ecIFw&sourceNB=qdENHf&jjcontent=mIBXU&l_cid=82 |
Source: wscript.exe, 00000000.00000003.2034770728.00000200A6687000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000002.2035548707.00000200A6688000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000003.2034236548.00000200A667C000.00000004.00000020.00020000.00000000.sdmp |
String found in binary or memory: https://pankerfan.com:443/eft-edi-customer?Xe=wawxGFZa&Ys=ecIFw&sourceNB=qdENHf&jjcontent=mIBXU&l_ci |
Source: wscript.exe, 00000000.00000003.2033314851.00000200AAA3D000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000003.2018833643.00000200AAFC8000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000003.2026327419.00000200ABAB4000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000003.2018211870.00000200A954D000.00000004.00000020.00020000.00000000.sdmp, Invoice_949287 2024_4_81859153_8337611.js |
String found in binary or memory: https://trac.torproject.org/projects/tor/ticket/26114 |
Source: wscript.exe, 00000000.00000003.2033314851.00000200AAA3D000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000003.2018833643.00000200AAFC8000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000003.2026327419.00000200ABAB4000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000003.2018211870.00000200A954D000.00000004.00000020.00020000.00000000.sdmp, Invoice_949287 2024_4_81859153_8337611.js |
String found in binary or memory: https://wiki.mozilla.org/Security/Tor_Uplift/Tracking |
Source: wscript.exe, 00000000.00000003.2033314851.00000200AAA3D000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000003.2018833643.00000200AAFC8000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000003.2026327419.00000200ABAB4000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000003.2018211870.00000200A954D000.00000004.00000020.00020000.00000000.sdmp, Invoice_949287 2024_4_81859153_8337611.js |
String found in binary or memory: https://www.mozilla.org/en-US/firefox/39.0/releasenotes/ |
Source: wscript.exe, 00000000.00000003.2033314851.00000200AAA3D000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000003.2018833643.00000200AAFC8000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000003.2026327419.00000200ABAB4000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000003.2018211870.00000200A954D000.00000004.00000020.00020000.00000000.sdmp, Invoice_949287 2024_4_81859153_8337611.js |
String found in binary or memory: https://www.ppsloan.org/publications/StupidSH36.pdf |
Source: C:\Windows\System32\wscript.exe |
COM Object queried: WinHttpRequest Component version 5.1 HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2087c2f4-2cef-4953-a8ab-66779b670495} |
Source: Invoice_949287 2024_4_81859153_8337611.js |
Initial sample: Strings found which are bigger than 50 |
Source: classification engine |
Classification label: mal60.evad.winJS@1/0@1/0 |
Source: C:\Windows\System32\wscript.exe |
Key opened: HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\Safer\CodeIdentifiers |
Source: C:\Windows\System32\wscript.exe |
Section loaded: version.dll |
Source: C:\Windows\System32\wscript.exe |
Section loaded: kernel.appcore.dll |
Source: C:\Windows\System32\wscript.exe |
Section loaded: uxtheme.dll |
Source: C:\Windows\System32\wscript.exe |
Section loaded: sxs.dll |
Source: C:\Windows\System32\wscript.exe |
Section loaded: jscript.dll |
Source: C:\Windows\System32\wscript.exe |
Section loaded: iertutil.dll |
Source: C:\Windows\System32\wscript.exe |
Section loaded: amsi.dll |
Source: C:\Windows\System32\wscript.exe |
Section loaded: userenv.dll |
Source: C:\Windows\System32\wscript.exe |
Section loaded: profapi.dll |
Source: C:\Windows\System32\wscript.exe |
Section loaded: wldp.dll |
Source: C:\Windows\System32\wscript.exe |
Section loaded: msasn1.dll |
Source: C:\Windows\System32\wscript.exe |
Section loaded: cryptsp.dll |
Source: C:\Windows\System32\wscript.exe |
Section loaded: rsaenh.dll |
Source: C:\Windows\System32\wscript.exe |
Section loaded: cryptbase.dll |
Source: C:\Windows\System32\wscript.exe |
Section loaded: msisip.dll |
Source: C:\Windows\System32\wscript.exe |
Section loaded: wshext.dll |
Source: C:\Windows\System32\wscript.exe |
Section loaded: scrobj.dll |
Source: C:\Windows\System32\wscript.exe |
Section loaded: winhttpcom.dll |
Source: C:\Windows\System32\wscript.exe |
Section loaded: winhttp.dll |
Source: C:\Windows\System32\wscript.exe |
Section loaded: ondemandconnroutehelper.dll |
Source: C:\Windows\System32\wscript.exe |
Section loaded: webio.dll |
Source: C:\Windows\System32\wscript.exe |
Section loaded: mswsock.dll |
Source: C:\Windows\System32\wscript.exe |
Section loaded: iphlpapi.dll |
Source: C:\Windows\System32\wscript.exe |
Section loaded: winnsi.dll |
Source: C:\Windows\System32\wscript.exe |
Section loaded: sspicli.dll |
Source: C:\Windows\System32\wscript.exe |
Section loaded: dnsapi.dll |
Source: C:\Windows\System32\wscript.exe |
Section loaded: rasadhlp.dll |
Source: C:\Windows\System32\wscript.exe |
Key value queried: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{f414c260-6ac0-11cf-b6d1-00aa00bbbb58}\InprocServer32 |
Source: Invoice_949287 2024_4_81859153_8337611.js |
Static file information: File size 5728041 > 1048576 |
Source: C:\Windows\System32\wscript.exe |
Process information set: NOOPENFILEERRORBOX |
Source: C:\Windows\System32\wscript.exe TID: 6432 |
Thread sleep time: -30000s >= -30000s |
Source: C:\Windows\System32\wscript.exe TID: 1976 |
Thread sleep time: -30000s >= -30000s |
Source: Invoice_949287 2024_4_81859153_8337611.js |
Binary or memory string: UireBlWC += 'hkNv7vw5f';/*e assessment on the computer (e.g., 41 43 9 45 INTEGER(KIND=MPI_OFFSET_KIND) OFFSET 26 46 40 where extent(recvtype) is the type extent obtained from a call to MPI_Type_get_extent. int MPI_File_get_position(MPI_File fh, MPI_Offset -offset) of a window created with regions and countries. control variables, since performance variables have different requirements and parameters. By keeping them separate, the interface provides cleaner semantics and allows extreme events (very high confidence), and loss of livelihoods and culture (high confidence) (Figure 2.3). e-commerce, both at a domestic and international level. The TYPE(MPI_Request) :: req(4) 32 TYPE(MPI_Comm), INTENT(IN) :: comm In Germany, the national virtual machine was run on the VMware Player. As mentioned 31 . regarding the quality of these reviews with regard to the professional standards 1 after the broadcast, and process 2 sends a message to process 1 before the broadcast. - create the complex-product user-op MPI_COMBINER_RESIZED, 117, 123, 679 RELIGIONc pointer, disp_unit, and size of the memory segment belonging the lowest rank that specified conduct outreach activities, report those activities here. Note that scientific publications and the sharing 1. An MPI subroutine with a choice argument may be called with different argument 22 POLICIES AND REGULATION: Interstate kinetic conflictsdefined as direct 28 Pass 22 Informant interview _faglighedSkaerpet_tilsyn_med_videreSkaerpet_ti cognitive impairment (and decline from a previous must be completed with an end routine before it is safe to free buffers, etc. 
37 precipitation, the evidence is mostly drawn from changes in indices based on one-day or five-day precipitation amounts and the root executes n receives, 25 - 17 OUT recvbuf starting address of receive buffer (choice) arguments used in the MPI_BSEND call, returns an upper bound on the amount climate-informed transboundary management, cooperation, responses and solutions through multinational or regional governance processes (high confidence). Multilateral governance efforts can help biodiversity and the financial impacts, we can expect t 22 to the data presented in the paper) either weighted Chapter 6 40 World Religion Database. 5 computer-based items via a preview function, to ensure that the stimulus, questions, and Diff erences in profi ciency levels may indicate that fi eldwork eff orts to gain late respondent p |