4bd7d4ccfd5c2935b6bd7b6fad313f73f69d5a05101ea97747e59a21f463781e

Submit
Reports

Overview

overview

Static

static

Install Termius.exe

windows10-1703-x64

$PLUGINSDI...er.dll

windows10-1703-x64

$PLUGINSDI...ls.dll

windows10-1703-x64

$PLUGINSDI...em.dll

windows10-1703-x64

$PLUGINSDI...ll.dll

windows10-1703-x64

Termius.exe

windows10-1703-x64

locales/de.ps1

windows10-1703-x64

resources/...ar.dll

windows10-1703-x64

resources/...dex.js

windows10-1703-x64

resources/...or.dll

windows10-1703-x64

resources/...46.dll

windows10-1703-x64

resources/...o2.dll

windows10-1703-x64

resources/...js.dll

windows10-1703-x64

resources/...48.dll

windows10-1703-x64

resources/...20.dll

windows10-1703-x64

resources/...b1.dll

windows10-1703-x64

resources/...us.dll

windows10-1703-x64

resources/...dex.js

windows10-1703-x64

resources/...nt.dll

windows10-1703-x64

resources/...ng.dll

windows10-1703-x64

resources/elevate.exe

windows10-1703-x64

vk_swiftshader.dll

windows10-1703-x64

vulkan-1.dll

windows10-1703-x64

resources/...gs.dll

windows10-1703-x64

resources/...ng.dll

windows10-1703-x64

resources/elevate.exe

windows10-1703-x64

$PLUGINSDI...ec.dll

windows10-1703-x64

$PLUGINSDI...7z.dll

windows10-1703-x64

$R0/Uninst...us.exe

windows10-1703-x64

$PLUGINSDI...em.dll

windows10-1703-x64

$PLUGINSDI...ll.dll

windows10-1703-x64

$PLUGINSDI...ec.dll

windows10-1703-x64

Resubmissions

23-05-2024 17:43

240523-waxw8sag81 10

07-05-2024 14:30

240507-rvdlwabb6s 10

25-03-2024 12:06

240325-n94j3aaa9v 10

Analysis

max time kernel
130s
max time network
138s
platform
windows10-1703_x64
resource
win10-20240221-en
resource tags

arch:x64arch:x86image:win10-20240221-enlocale:en-usos:windows10-1703-x64system
submitted
25-03-2024 12:06

Sharing

Copy URL

Twitter E-mail

Static task

static1

egregor

3 signatures

Behavioral task

behavioral1

Sample

Install Termius.exe

Resource

win10-20240221-en

discovery

windows10-1703-x64

11 signatures

150 seconds

Behavioral task

behavioral2

Sample

$PLUGINSDIR/SpiderBanner.dll

Resource

win10-20240221-en

windows10-1703-x64

1 signatures

150 seconds

Behavioral task

behavioral3

Sample

$PLUGINSDIR/StdUtils.dll

Resource

win10-20240214-en

windows10-1703-x64

2 signatures

150 seconds

Behavioral task

behavioral4

Sample

$PLUGINSDIR/System.dll

Resource

win10-20240221-en

windows10-1703-x64

2 signatures

150 seconds

Behavioral task

behavioral5

Sample

$PLUGINSDIR/WinShell.dll

Resource

win10-20240221-en

windows10-1703-x64

2 signatures

150 seconds

Behavioral task

behavioral6

Sample

Termius.exe

Resource

win10-20240221-en

windows10-1703-x64

7 signatures

150 seconds

Behavioral task

behavioral7

Sample

locales/de.ps1

Resource

win10-20240221-en

windows10-1703-x64

2 signatures

150 seconds

Behavioral task

behavioral8

Sample

resources/app.asar.unpacked/node_modules/@termius/keytar/win-ia32/keytar.dll

Resource

win10-20240221-en

windows10-1703-x64

2 signatures

150 seconds

Behavioral task

behavioral9

Sample

resources/app.asar.unpacked/node_modules/@termius/libfido2/index.js

Resource

win10-20240221-en

windows10-1703-x64

0 signatures

150 seconds

Behavioral task

behavioral10

Sample

resources/app.asar.unpacked/node_modules/@termius/libfido2/win-ia32/cbor.dll

Resource

win10-20240221-en

windows10-1703-x64

2 signatures

150 seconds

Behavioral task

behavioral11

Sample

resources/app.asar.unpacked/node_modules/@termius/libfido2/win-ia32/crypto-46.dll

Resource

win10-20240221-en

windows10-1703-x64

2 signatures

150 seconds

Behavioral task

behavioral12

Sample

resources/app.asar.unpacked/node_modules/@termius/libfido2/win-ia32/fido2.dll

Resource

win10-20240221-en

windows10-1703-x64

2 signatures

150 seconds

Behavioral task

behavioral13

Sample

resources/app.asar.unpacked/node_modules/@termius/libfido2/win-ia32/libfido2-nodejs.dll

Resource

win10-20240221-en

windows10-1703-x64

2 signatures

150 seconds

Behavioral task

behavioral14

Sample

resources/app.asar.unpacked/node_modules/@termius/libfido2/win-ia32/ssl-48.dll

Resource

win10-20240221-en

windows10-1703-x64

1 signatures

150 seconds

Behavioral task

behavioral15

Sample

resources/app.asar.unpacked/node_modules/@termius/libfido2/win-ia32/tls-20.dll

Resource

win10-20240221-en

windows10-1703-x64

2 signatures

150 seconds

Behavioral task

behavioral16

Sample

resources/app.asar.unpacked/node_modules/@termius/libfido2/win-ia32/zlib1.dll

Resource

win10-20240221-en

windows10-1703-x64

2 signatures

150 seconds

Behavioral task

behavioral17

Sample

resources/app.asar.unpacked/node_modules/@termius/libtermius/win-ia32/termius.dll

Resource

win10-20240214-en

windows10-1703-x64

2 signatures

150 seconds

Behavioral task

behavioral18

Sample

resources/app.asar.unpacked/node_modules/@termius/mosh/index.js

Resource

win10-20240221-en

windows10-1703-x64

0 signatures

150 seconds

Behavioral task

behavioral19

Sample

resources/app.asar.unpacked/node_modules/@termius/mosh/win-ia32/moshclient.dll

Resource

win10-20240221-en

windows10-1703-x64

2 signatures

150 seconds

Behavioral task

behavioral20

Sample

resources/app.asar.unpacked/node_modules/@termius/windows-iap-bridge/win-ia32/binding.dll

Resource

win10-20240221-en

windows10-1703-x64

2 signatures

150 seconds

Behavioral task

behavioral21

Sample

resources/elevate.exe

Resource

win10-20240221-en

windows10-1703-x64

0 signatures

150 seconds

Behavioral task

behavioral22

Sample

vk_swiftshader.dll

Resource

win10-20240221-en

windows10-1703-x64

2 signatures

150 seconds

Behavioral task

behavioral23

Sample

vulkan-1.dll

Resource

win10-20240319-en

windows10-1703-x64

2 signatures

150 seconds

Behavioral task

behavioral24

Sample

resources/app.asar.unpacked/node_modules/@termius/serialport-bindings/win-x64/bindings.dll

Resource

win10-20240221-en

windows10-1703-x64

0 signatures

150 seconds

Behavioral task

behavioral25

Sample

resources/app.asar.unpacked/node_modules/@termius/windows-iap-bridge/win-x64/binding.dll

Resource

win10-20240221-en

windows10-1703-x64

0 signatures

150 seconds

Behavioral task

behavioral26

Sample

resources/elevate.exe

Resource

win10-20240221-en

windows10-1703-x64

0 signatures

150 seconds

Behavioral task

behavioral27

Sample

$PLUGINSDIR/nsExec.dll

Resource

win10-20240221-en

windows10-1703-x64

2 signatures

150 seconds

Behavioral task

behavioral28

Sample

$PLUGINSDIR/nsis7z.dll

Resource

win10-20240214-en

windows10-1703-x64

2 signatures

150 seconds

Behavioral task

behavioral29

Sample

$R0/Uninstall Termius.exe

Resource

win10-20240221-en

windows10-1703-x64

8 signatures

150 seconds

Behavioral task

behavioral30

Sample

$PLUGINSDIR/System.dll

Resource

win10-20240221-en

windows10-1703-x64

2 signatures

150 seconds

Behavioral task

behavioral31

Sample

$PLUGINSDIR/WinShell.dll

Resource

win10-20240221-en

windows10-1703-x64

2 signatures

150 seconds

Behavioral task

behavioral32

Sample

$PLUGINSDIR/nsExec.dll

Resource

win10-20240221-en

windows10-1703-x64

2 signatures

150 seconds

Report Analysis Logs

General

Target

resources/elevate.exe
Size

125KB
MD5

4755ef0b762c795afc15049d3d7b553b
SHA1

71e5feb37d02a4a5bdacb0356a34338d9be8bbfb
SHA256

2397621e80b84afb4b2c50cf911f503ccc930f307d0235f1e811a89ef2fc5a3f
SHA512

0aa858563070816bb313632f500827500097c1bed5d29367c12a3499af53f9d938d3f0a528cd8985800cc5733a07a8e6dd04452aa1a7109ff29ccd3eb3ff4679
SSDEEP

3072:WVbLnrwQoRDtdMMgSXiFJWcIgUVCfRjV/GrWlYSTmje3:CPrwRhte1XsE1l9B

Score

1^/10

Malware Config

Signatures

Processes

C:\Users\Admin\AppData\Local\Temp\resources\elevate.exe
"C:\Users\Admin\AppData\Local\Temp\resources\elevate.exe"
1⤵
PID:4640

Resubmissions

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads