General

  • Target

    7a19b01633bbb97b57a2a09de3036ccf21cccc86d517c5de13090f926ac577e0

  • Size

    282KB

  • Sample

    211025-lg7pxagaa3

  • MD5

    08f635f9b21fd42f6f588dbb243a461a

  • SHA1

    fe13e9cee84c4d986189223d562a4d049ae69a67

  • SHA256

    7a19b01633bbb97b57a2a09de3036ccf21cccc86d517c5de13090f926ac577e0

  • SHA512

    f0bc148bc754c44554a1f32b62f1ad5e4c59f281192d8647804582fac5492ec0b06eb3411e8ff22c76031a7a0fbc170f90a23ca7b66bd2891d2d23c72a6be4e3

Targets

    • Modifies system executable filetype association

    • Neshta

      Malware from the Neshta family is designed to infect other files in order to spread itself and cause damage.

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.