Overview

overview

10

Static

static

1

dridex

windows10_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    10582cb77db8a793346cb4ded73df5e63fcb1d3f9ed252a13d8b38c2b8463c56

  • Size

    230KB

  • Sample

    211022-fkva4acadn

  • MD5

    fc47d6284d44425fdb5da2519096c5a5

  • SHA1

    77c03a6d3583480c432c64bd0d634394ccdb2f87

  • SHA256

    10582cb77db8a793346cb4ded73df5e63fcb1d3f9ed252a13d8b38c2b8463c56

  • SHA512

    bb905c6c86d404ce89a78c88b063eec17f8362dabcfced865d0285c50247c10d9e8d917722919922129eed5dc8926adbb8f0f54df5756100d86e1e9cbf249749

Score
10/10
neshtapersistencespywarestealer

Malware Config

Targets

    • Target

      10582cb77db8a793346cb4ded73df5e63fcb1d3f9ed252a13d8b38c2b8463c56

    • Size

      230KB

    • MD5

      fc47d6284d44425fdb5da2519096c5a5

    • SHA1

      77c03a6d3583480c432c64bd0d634394ccdb2f87

    • SHA256

      10582cb77db8a793346cb4ded73df5e63fcb1d3f9ed252a13d8b38c2b8463c56

    • SHA512

      bb905c6c86d404ce89a78c88b063eec17f8362dabcfced865d0285c50247c10d9e8d917722919922129eed5dc8926adbb8f0f54df5756100d86e1e9cbf249749

    Score
    10/10
    neshtapersistencespywarestealer

    • Modifies system executable filetype association

      persistence

    • Neshta

      Malware from the neshta family is designed to infect itself into other files to spread itself and cause damage.

      persistencespywareneshta

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer
    behavioral1

MITRE ATT&CK Enterprise v6

Tasks