General

  • Target

    bjj.zip

  • Size

    1.2MB

  • MD5

    d4f3aac49d3433b577e108b9073175d4

  • SHA1

    914d3cd38d92e1f73d60c649b08ae3ab65447ad7

  • SHA256

    93342ba29bb4352232870a25963ee5574fa7d78b29f20776cf8f13dc51432785

  • SHA512

    d2e847d9353bb9af80231b16460a6a87187058701b1cbb181e23dc201df58715a8e6f1f35772590ace81be76ea6da0ecdf6f9672beb9a2ba766e7afc2f520daa

  • SSDEEP

    24576:40zEarfEA0zj/WHdEJ8VAvEiNcYRxq1dkPK2M5k3egc6Wckj1X:VTrKW6Oueck1CPKR8egZ5kR

Score
10/10

Malware Config

Signatures

  • Detect Neshta payload (1 IoC)
  • Neshta family
  • Unsigned PE (4 IoCs)

    Checks for missing Authenticode signature.

Files

  • bjj.zip
    .zip
  • Defender.Control.2.1/dControl.exe
    .exe windows:4 windows x86 arch:x86

  • Defender.Control.2.1/dControl.ini
  • NS.zip
    .zip
  • 3. Scan network drives/9.1 Finder.exe
    .exe windows:6 windows x86 arch:x86

    0b0d8152ea7241cce613146b80a998fd

  • 3. Scan network drives/9.2 NS.exe
    .exe windows:6 windows x86 arch:x86

    733f7562c0e84becfc88e3ebc2f59e98

  • [email protected]
    .exe windows:5 windows x86 arch:x86

    6fe1a71a390c8ad376ecc9d5cc58c394

  • open_for_back_your_files.txt