Overview

overview

10

Static

static

1

dridex

windows10_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    ffcb58607a899a81daab4aa0e9774c113d43c339143d94ad1c65fe0fc8a8eb83

  • Size

    231KB

  • Sample

    211022-a58rbsbhdn

  • MD5

    4f4f0be55a47ca448fd0712cb4063afd

  • SHA1

    f6ffb3b02554827c365fef32037580cff8643eaa

  • SHA256

    ffcb58607a899a81daab4aa0e9774c113d43c339143d94ad1c65fe0fc8a8eb83

  • SHA512

    274d74308fbc334a33f45aac589311ec8a42318bf7d77c15fa6b9c3f7e88c95a29599078d820c8ed9890a7a5d57656456d296cf981ebd7a2043f2c8e3b22b4dc

Score
10/10
neshtapersistencespywarestealer

Malware Config

Targets

    • Target

      ffcb58607a899a81daab4aa0e9774c113d43c339143d94ad1c65fe0fc8a8eb83

    • Size

      231KB

    • MD5

      4f4f0be55a47ca448fd0712cb4063afd

    • SHA1

      f6ffb3b02554827c365fef32037580cff8643eaa

    • SHA256

      ffcb58607a899a81daab4aa0e9774c113d43c339143d94ad1c65fe0fc8a8eb83

    • SHA512

      274d74308fbc334a33f45aac589311ec8a42318bf7d77c15fa6b9c3f7e88c95a29599078d820c8ed9890a7a5d57656456d296cf981ebd7a2043f2c8e3b22b4dc

    Score
    10/10
    neshtapersistencespywarestealer

    • Modifies system executable filetype association

      persistence

    • Neshta

      Malware from the neshta family is designed to infect itself into other files to spread itself and cause damage.

      persistencespywareneshta

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer
    behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Change Default File Association

1
T1042

Privilege Escalation

Defense Evasion

Modify Registry

1
T1112

Credential Access

Credentials in Files

1
T1081

Discovery

System Information Discovery

1
T1082

Lateral Movement

Collection

Data from Local System

1
T1005

Exfiltration

Command and Control

Impact

Tasks