Source: powershell.exe, 00000005.00000002.2353488546.000001C1BDC2D000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000005.00000002.2333958982.000001C1AF55C000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000005.00000002.2353488546.000001C1BDD64000.00000004.00000800.00020000.00000000.sdmp |
String found in binary or memory: http://nuget.org/NuGet.exe |
Source: powershell.exe, 00000005.00000002.2333958982.000001C1ADDDC000.00000004.00000800.00020000.00000000.sdmp |
String found in binary or memory: http://pesterbdd.com/images/Pester.png |
Source: powershell.exe, 00000002.00000002.2921006320.000002209C91A000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000005.00000002.2333958982.000001C1ADBB1000.00000004.00000800.00020000.00000000.sdmp, RegAsm.exe, 00000007.00000002.3520703529.0000000002C01000.00000004.00000800.00020000.00000000.sdmp |
String found in binary or memory: http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name |
Source: powershell.exe, 00000005.00000002.2333958982.000001C1AF03C000.00000004.00000800.00020000.00000000.sdmp |
String found in binary or memory: http://www.apache.org/licenses/LICENSE-2.0 |
Source: powershell.exe, 00000005.00000002.2333958982.000001C1ADDDC000.00000004.00000800.00020000.00000000.sdmp |
String found in binary or memory: http://www.apache.org/licenses/LICENSE-2.0.html |
Source: powershell.exe, 00000002.00000002.2921006320.000002209C8CE000.00000004.00000800.00020000.00000000.sdmp |
String found in binary or memory: https://aka.ms/pscore6 |
Source: powershell.exe, 00000002.00000002.2921006320.000002209C906000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000004.00000002.2910379828.000002793BDE1000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000005.00000002.2333958982.000001C1ADBB1000.00000004.00000800.00020000.00000000.sdmp |
String found in binary or memory: https://aka.ms/pscore68 |
Source: wscript.exe, 00000000.00000003.2232630314.000002CC1EC1F000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000003.2234289094.000002CC1EC05000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000002.2236247073.000002CC1CB88000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000002.2236937839.000002CC1EC24000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000003.2233340297.000002CC1EC24000.00000004.00000020.00020000.00000000.sdmp |
String found in binary or memory: https://analytics.paste.ee |
Source: wscript.exe, 00000000.00000003.2232630314.000002CC1EC1F000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000003.2234289094.000002CC1EC05000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000002.2236937839.000002CC1EC24000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000003.2233340297.000002CC1EC24000.00000004.00000020.00020000.00000000.sdmp |
String found in binary or memory: https://analytics.paste.ee; |
Source: wscript.exe, 00000000.00000003.2232630314.000002CC1EC1F000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000003.2234289094.000002CC1EC05000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000002.2236937839.000002CC1EC24000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000003.2233340297.000002CC1EC24000.00000004.00000020.00020000.00000000.sdmp |
String found in binary or memory: https://cdnjs.cloudflare.com |
Source: wscript.exe, 00000000.00000003.2232630314.000002CC1EC1F000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000003.2234289094.000002CC1EC05000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000002.2236247073.000002CC1CB88000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000002.2236937839.000002CC1EC24000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000003.2233340297.000002CC1EC24000.00000004.00000020.00020000.00000000.sdmp |
String found in binary or memory: https://cdnjs.cloudflare.com; |
Source: powershell.exe, 00000005.00000002.2353488546.000001C1BDD64000.00000004.00000800.00020000.00000000.sdmp |
String found in binary or memory: https://contoso.com/ |
Source: powershell.exe, 00000005.00000002.2353488546.000001C1BDD64000.00000004.00000800.00020000.00000000.sdmp |
String found in binary or memory: https://contoso.com/Icon |
Source: powershell.exe, 00000005.00000002.2353488546.000001C1BDD64000.00000004.00000800.00020000.00000000.sdmp |
String found in binary or memory: https://contoso.com/License |
Source: wscript.exe, 00000000.00000003.2232630314.000002CC1EC1F000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000003.2234289094.000002CC1EC05000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000002.2236247073.000002CC1CB88000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000002.2236937839.000002CC1EC24000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000003.2233340297.000002CC1EC24000.00000004.00000020.00020000.00000000.sdmp |
String found in binary or memory: https://fonts.googleapis.com |
Source: wscript.exe, 00000000.00000003.2232630314.000002CC1EC1F000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000003.2234289094.000002CC1EC05000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000002.2236247073.000002CC1CB88000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000002.2236937839.000002CC1EC24000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000003.2233340297.000002CC1EC24000.00000004.00000020.00020000.00000000.sdmp |
String found in binary or memory: https://fonts.gstatic.com; |
Source: powershell.exe, 00000005.00000002.2333958982.000001C1ADDDC000.00000004.00000800.00020000.00000000.sdmp |
String found in binary or memory: https://github.com/Pester/Pester |
Source: wscript.exe, 00000000.00000003.2226569396.000002CC1EA0A000.00000004.00000020.00020000.00000000.sdmp |
String found in binary or memory: https://lesferch.github.io/DesktopPic |
Source: wscript.exe, 00000000.00000003.2235638255.000002CC1EC5D000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000003.2233340297.000002CC1EC50000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000003.2232630314.000002CC1EC50000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000002.2236999970.000002CC1EC5E000.00000004.00000020.00020000.00000000.sdmp |
String found in binary or memory: https://login.live.com |
Source: powershell.exe, 00000005.00000002.2353488546.000001C1BDC2D000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000005.00000002.2333958982.000001C1AF55C000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000005.00000002.2353488546.000001C1BDD64000.00000004.00000800.00020000.00000000.sdmp |
String found in binary or memory: https://nuget.org/nuget.exe |
Source: powershell.exe, 00000005.00000002.2333958982.000001C1AF03C000.00000004.00000800.00020000.00000000.sdmp |
String found in binary or memory: https://oneget.org |
Source: powershell.exe, 00000005.00000002.2333958982.000001C1AF03C000.00000004.00000800.00020000.00000000.sdmp |
String found in binary or memory: https://oneget.orgX |
Source: wscript.exe, 00000000.00000003.2233340297.000002CC1EC50000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000003.2232630314.000002CC1EC50000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000002.2236937839.000002CC1EC50000.00000004.00000020.00020000.00000000.sdmp |
String found in binary or memory: https://paste.ee/ |
Source: wscript.exe, 00000000.00000003.2235743544.000002CC1EA0D000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000003.2232406242.000002CC1E9B9000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000003.2235638255.000002CC1EC5D000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000003.2233340297.000002CC1EC50000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000003.2232630314.000002CC1EC50000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000003.2233073926.000002CC1CC2E000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000002.2236893994.000002CC1EC19000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000002.2236999970.000002CC1EC5E000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000003.2234289094.000002CC1EC05000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000003.2232406242.000002CC1EA0A000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000003.2232885652.000002CC1EC11000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000003.2232905254.000002CC1EC18000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000002.2236434189.000002CC1CC34000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000003.2233299190.000002CC1EC19000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000003.2233745693.000002CC1CC33000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000003.2232960454.000002CC1EA0A000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000003.2226569396.000002CC1EA0A000.00000004.00000020.00020000.00000000.sdmp |
String found in binary or memory: https://paste.ee/d/FIwXa |
Source: wscript.exe, 00000000.00000002.2236893994.000002CC1EC19000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000003.2232885652.000002CC1EC11000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000003.2232905254.000002CC1EC18000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000003.2233299190.000002CC1EC19000.00000004.00000020.00020000.00000000.sdmp |
String found in binary or memory: https://paste.ee/d/FIwXaU |
Source: wscript.exe, 00000000.00000003.2235638255.000002CC1EC5D000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000003.2233340297.000002CC1EC50000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000003.2232630314.000002CC1EC50000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000002.2236999970.000002CC1EC5E000.00000004.00000020.00020000.00000000.sdmp |
String found in binary or memory: https://paste.ee/d/FIwXaok |
Source: wscript.exe, 00000000.00000003.2232630314.000002CC1EC1F000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000003.2234289094.000002CC1EC05000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000002.2236247073.000002CC1CB88000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000002.2236937839.000002CC1EC24000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000003.2233340297.000002CC1EC24000.00000004.00000020.00020000.00000000.sdmp |
String found in binary or memory: https://secure.gravatar.com |
Source: wscript.exe, 00000000.00000003.2232630314.000002CC1EC1F000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000003.2234289094.000002CC1EC05000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000002.2236247073.000002CC1CB88000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000002.2236937839.000002CC1EC24000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000003.2233340297.000002CC1EC24000.00000004.00000020.00020000.00000000.sdmp |
String found in binary or memory: https://themes.googleusercontent.com |
Source: powershell.exe, 00000004.00000002.2904251740.0000027939F0D000.00000004.00000020.00020000.00000000.sdmp |
String found in binary or memory: https://uploaddeimagens.com.br/images/004/771/542/original/new_image.jpg?1713394820 |
Source: wscript.exe, 00000000.00000003.2232630314.000002CC1EC1F000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000003.2234289094.000002CC1EC05000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000002.2236937839.000002CC1EC24000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000003.2233340297.000002CC1EC24000.00000004.00000020.00020000.00000000.sdmp |
String found in binary or memory: https://www.google.com |
Source: wscript.exe, 00000000.00000003.2232630314.000002CC1EC1F000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000003.2234289094.000002CC1EC05000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000002.2236247073.000002CC1CB88000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000002.2236937839.000002CC1EC24000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000003.2233340297.000002CC1EC24000.00000004.00000020.00020000.00000000.sdmp |
String found in binary or memory: https://www.google.com; |
Source: wscript.exe, 00000000.00000003.2232630314.000002CC1EC1F000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000003.2234289094.000002CC1EC05000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000002.2236937839.000002CC1EC24000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000003.2233340297.000002CC1EC24000.00000004.00000020.00020000.00000000.sdmp |
String found in binary or memory: https://www.gstatic.com |