Overview

overview

10

Static

static

dridex

windows10_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    d48ba61686bed9bcd76c92cca9e720d9afd6695b4ac2e62b5772af8367fff20f

  • Size

    516KB

  • Sample

    211130-bsehdsdbdm

  • MD5

    daa5fbc7355c6586aaf420a8c1b2e989

  • SHA1

    c9554309b0266c41bd945f43c74da5139994ef17

  • SHA256

    d48ba61686bed9bcd76c92cca9e720d9afd6695b4ac2e62b5772af8367fff20f

  • SHA512

    64ced6fcc04cb810105d7782db0582b4588092499da18787135073cc069f448e6482938006f1e60cac3289febce52e8be085e3e313795772be5cad79582f805c

Score
10/10
neshtapersistencespywarestealer

Malware Config

Targets

    • Target

      d48ba61686bed9bcd76c92cca9e720d9afd6695b4ac2e62b5772af8367fff20f

    • Size

      516KB

    • MD5

      daa5fbc7355c6586aaf420a8c1b2e989

    • SHA1

      c9554309b0266c41bd945f43c74da5139994ef17

    • SHA256

      d48ba61686bed9bcd76c92cca9e720d9afd6695b4ac2e62b5772af8367fff20f

    • SHA512

      64ced6fcc04cb810105d7782db0582b4588092499da18787135073cc069f448e6482938006f1e60cac3289febce52e8be085e3e313795772be5cad79582f805c

    Score
    10/10
    neshtapersistencespywarestealer

    • Detect Neshta Payload

    • Modifies system executable filetype association

      persistence

    • Neshta

      Malware from the neshta family is designed to infect itself into other files to spread itself and cause damage.

      persistencespywareneshta

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • Suspicious use of SetThreadContext

    behavioral1

MITRE ATT&CK Enterprise v6

Tasks