Overview

overview

10

Static

static

dridex

windows10_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    a56201e88978eee0be785d68c9f510b25dc8d5e702af0b9d17dec5e507fc3626

  • Size

    627KB

  • Sample

    211118-dzvt3aefa8

  • MD5

    f8906462bfd37551085272bb77ff8eac

  • SHA1

    faa366615778213d0969743eba215b957fbec235

  • SHA256

    a56201e88978eee0be785d68c9f510b25dc8d5e702af0b9d17dec5e507fc3626

  • SHA512

    79c58d7b7fbb71ed3afa23f32a9ca4a17bf7463ed28375333c2865ddf9d8bbf2f430879fcf7925dfcac71ec45c80e41bbf2d4dff4c1b09f14dba187b6b814038

Score
10/10
neshtapersistencespywarestealer

Malware Config

Targets

    • Target

      a56201e88978eee0be785d68c9f510b25dc8d5e702af0b9d17dec5e507fc3626

    • Size

      627KB

    • MD5

      f8906462bfd37551085272bb77ff8eac

    • SHA1

      faa366615778213d0969743eba215b957fbec235

    • SHA256

      a56201e88978eee0be785d68c9f510b25dc8d5e702af0b9d17dec5e507fc3626

    • SHA512

      79c58d7b7fbb71ed3afa23f32a9ca4a17bf7463ed28375333c2865ddf9d8bbf2f430879fcf7925dfcac71ec45c80e41bbf2d4dff4c1b09f14dba187b6b814038

    Score
    10/10
    neshtapersistencespywarestealer

    • Modifies system executable filetype association

      persistence

    • Neshta

      Malware from the neshta family is designed to infect itself into other files to spread itself and cause damage.

      persistencespywareneshta

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • Suspicious use of SetThreadContext

    behavioral1

MITRE ATT&CK Enterprise v6

Tasks