
a.cmd

Status: finished
Submission Time: 2025-03-19 12:33:17 +01:00
Malicious
Trojan
Evader
GuLoader, Remcos

Tags

  • 196-251-80-250
  • cmd

Details

  • Analysis ID: 1642927
  • API (Web) ID: 1642927
  • Analysis Started: 2025-03-19 12:41:12 +01:00
  • Analysis Finished: 2025-03-19 12:51:00 +01:00
  • MD5: 6958cd7ae6fbb4074e49eef0ee26762a
  • SHA1: c8d55997f66339b1a799ca542f7265694d393707
  • SHA256: 7f1ddf0d05b256762152df1ec03355c2ababbc94b3e8d37be4ee6e3c28ad9439

Joe Sandbox

Engine Download Report Detection Info
malicious
Score: 100
System: Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 134, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01

Third Party Analysis Engines

malicious
Score: 5/62

IPs

IP               Country
196.251.67.50    Seychelles
84.32.84.32      Lithuania
217.160.0.213    Germany
178.237.33.50    Netherlands
5.35.226.222     Germany

Domains

Name                    IP
www.tla-auto.fr         196.251.67.50
wv-as.de                84.32.84.32
www.wv-as.de            0.0.0.0
www.automobile-bk.de    5.35.226.222
geoplugin.net           178.237.33.50
www.support-data.com    217.160.0.213

URLs


Dropped files

No malicious files found. See full and IOC report for all dropped files.