neshta | d02c7e238675ed340d700e865360567a92cece2754486e033a7957f7f0b33a22 | Triage

Submit
Reports

Overview

overview

Static

static

dridex

windows10_x64

Sharing

General

Target

d02c7e238675ed340d700e865360567a92cece2754486e033a7957f7f0b33a22
Size

595KB
Sample

211129-r67n4accdp
MD5

1212b3c985046ecb241e195e25a9913b
SHA1

984eb9a8f5cb572774115307d65557e9a6a7f31d
SHA256

d02c7e238675ed340d700e865360567a92cece2754486e033a7957f7f0b33a22
SHA512

e10aecd08a673158e82520deafcaa7e298269c3a0ee123c9ac154b2f85af5946bfbbec5525558a00abee866e72b6710b1ea6a2409c2e2263062276df81da67a3

Score

10^/10

neshta persistence spyware stealer

Static task

static1

Behavioral task

behavioral1

Sample

d02c7e238675ed340d700e865360567a92cece2754486e033a7957f7f0b33a22.exe

Resource

win10-en-20211014

neshta persistence spyware stealer

windows10_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  d02c7e238675ed340d700e865360567a92cece2754486e033a7957f7f0b33a22
- Size
  
  595KB
- MD5
  
  1212b3c985046ecb241e195e25a9913b
- SHA1
  
  984eb9a8f5cb572774115307d65557e9a6a7f31d
- SHA256
  
  d02c7e238675ed340d700e865360567a92cece2754486e033a7957f7f0b33a22
- SHA512
  
  e10aecd08a673158e82520deafcaa7e298269c3a0ee123c9ac154b2f85af5946bfbbec5525558a00abee866e72b6710b1ea6a2409c2e2263062276df81da67a3
Score

10^/10

neshta persistence spyware stealer
- Detect Neshta Payload
- Modifies system executable filetype association
  persistence
- Neshta
  Malware from the neshta family is designed to infect itself into other files to spread itself and cause damage.
  persistence spyware neshta
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Scheduled Task

Persistence

Change Default File Association

Scheduled Task

Privilege Escalation

Scheduled Task

Defense Evasion

Modify Registry

Credential Access

Credentials in Files

Discovery

System Information Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

neshtapersistencespywarestealer

© 2018-2024

Terms | Privacy