Overview

overview

10

Static

static

10

Install Termius.exe

windows10-2004-x64

6

Resubmissions

28-03-2024 10:49

240328-mwvjkaaf91 10

27-03-2024 18:39

240327-xa3cdshh26 10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    Install Termius.exe

  • Size

    174.7MB

  • Sample

    240328-mwvjkaaf91

  • MD5

    47dd221e93e67afaec0c9da2faad8c2d

  • SHA1

    cc6e78e778a6369022d16e218a8578ec4a7e64bb

  • SHA256

    e66fd24e29c4cd33772fbda049a4efc7b55a0c22959d0d56d0fa77bd34040864

  • SHA512

    30b4246bcdf4c34408fde8b0eb813301135b2e493ea069eda2f20e737bde667574b9c1ff08e2346977e945dc75a1c9e10211418a4d52703485e4906f5db6331a

  • SSDEEP

    3145728:pnTEziz7qeKOmhoSiH9wwDTD5yCeEQ3Tdpf+5bCGMNMkWxoU5oPb60:BA67qJhiSNwHtyZEQ33vDfQA60

Score
10/10
egregordiscovery

Malware Config

Targets

    • Target

      Install Termius.exe

    • Size

      174.7MB

    • MD5

      47dd221e93e67afaec0c9da2faad8c2d

    • SHA1

      cc6e78e778a6369022d16e218a8578ec4a7e64bb

    • SHA256

      e66fd24e29c4cd33772fbda049a4efc7b55a0c22959d0d56d0fa77bd34040864

    • SHA512

      30b4246bcdf4c34408fde8b0eb813301135b2e493ea069eda2f20e737bde667574b9c1ff08e2346977e945dc75a1c9e10211418a4d52703485e4906f5db6331a

    • SSDEEP

      3145728:pnTEziz7qeKOmhoSiH9wwDTD5yCeEQ3Tdpf+5bCGMNMkWxoU5oPb60:BA67qJhiSNwHtyZEQ33vDfQA60

    Score
    6/10
    discovery

    • Legitimate hosting services abused for malware hosting/C2

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    behavioral1

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Subvert Trust Controls

1
T1553

Install Root Certificate

1
T1553.004

Modify Registry

1
T1112

Credential Access

Discovery

Query Registry

4
T1012

System Information Discovery

3
T1082

Process Discovery

1
T1057

Lateral Movement

Collection

Exfiltration

Command and Control

Web Service

1
T1102

Impact

Resource Development

Reconnaissance

Tasks