Rokadernes.vbs

Status: finished
Submission Time: 2024-12-23 06:40:06 +01:00
Malicious
Trojan
Exploiter
Evader
Remcos, GuLoader

Tags

  • GuLoader
  • vbs

Details

  • Analysis ID: 1579623
  • API (Web) ID: 1579623
  • Analysis Started: 2024-12-23 06:40:07 +01:00
  • Analysis Finished: 2024-12-23 06:48:21 +01:00
  • MD5: 693321a98dce16a4369d750bac3c4fb0
  • SHA1: cadf2497394e79cfd3c02a4f5bbb1adb6503d29c
  • SHA256: d719392462e09d59474cafa8d7b107d4e3063a664a51e87c5e2b750cf100be69

  • Engine: Joe Sandbox
  • Detection: malicious
  • Score: 100
  • System: Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 134, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01

IPs

IP Country Detection
104.21.86.72
United States

Domains

Name IP Detection
of1x.icu
104.21.86.72

URLs

Name Detection

Dropped files

No malicious files found. See full and IOC report for all dropped files.