General
-
Target
2024-04-26_760668c1961f3b473cc0046981d4b21e_termite
-
Size
1.9MB
-
Sample
240427-ajqzdsfh4z
-
MD5
760668c1961f3b473cc0046981d4b21e
-
SHA1
932cee12df51acdc8e9e614e39b0a3d7c1fe6766
-
SHA256
f40b99d2552ecb56d072caa1b94185ae5874b86c2b6d9166f0225ad9be46ada9
-
SHA512
1a1b99ba2b70ac159b2219fe6bb13cfe1932d7c82fbd846b776791882d382983f51b019dfa87eb1f2641cf80a36977f00a194b5866264c52c24e953fd81428d4
-
SSDEEP
24576:tnxLSUXY7WSIGgjxvYaxKMiZA+yH6uw1ECvGX6H7O3YpPNaG:txOUpSIZtv1xim+y6HLOO3
Static task
static1
Behavioral task
behavioral1
Sample
2024-04-26_760668c1961f3b473cc0046981d4b21e_termite.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
2024-04-26_760668c1961f3b473cc0046981d4b21e_termite.exe
Resource
win10v2004-20240226-en
Malware Config
Targets
-
Target
2024-04-26_760668c1961f3b473cc0046981d4b21e_termite
-
Renames multiple (8473) files with added filename extension
This suggests ransomware activity that encrypts all the files on the system.
-
Possible privilege escalation attempt
-
Deletes itself
-
Executes dropped EXE
-
Loads dropped DLL
-
Modifies file permissions
-
Adds Run key to start application
-
Drops file in System32 directory
-