General

  • Target

    cb15585aac621fef5710d7c2b6cc714d7d3283576717cd7738a0898d5b63a470

  • Size

    4.9MB

  • Sample

    220303-jy4y8sbecn

  • MD5

    09f5e3fc4a15fbf25724fc2f95394166

  • SHA1

    99d985c1562944169823da75a5b8246e83cf7232

  • SHA256

    cb15585aac621fef5710d7c2b6cc714d7d3283576717cd7738a0898d5b63a470

  • SHA512

    7cde89e56f79a3c626e0d1779783b8a47d76aee11c27987a1fa9cbcbf94e613c7f76d7f743e49668a0b369c62aed9f2f5552b7278cafa76b2562d62d0915b6bf

Malware Config

Targets

    • Detect Neshta Payload

    • Modifies system executable filetype association

    • Neshta

      Malware from the Neshta family inserts its own code into other executable files in order to spread and cause damage.

    • Executes dropped EXE

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and other sensitive information.

    • Suspicious use of NtSetInformationThreadHideFromDebugger

MITRE ATT&CK Enterprise v6

Tasks