Malware Analysis Report

2024-11-15 09:09

Sample ID 200602-hl9xkvxfkx
Target valak-8.js
SHA256 395df3a563bc865221738b938998e6a45094f5c396302e4f151631e78aeb9d2d
Tags
valak
score
10/10

Table of Contents

Analysis Overview

MITRE ATT&CK

Analysis: static1

Detonation Overview

Signatures

Analysis: behavioral1

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis Overview

score
10/10

SHA256

395df3a563bc865221738b938998e6a45094f5c396302e4f151631e78aeb9d2d

Threat Level: Known bad

The file valak-8.js was found to be: Known bad.

Malicious Activity Summary

valak

Valak JavaScript Loader

Valak family

js

MITRE ATT&CK

N/A

Analysis: static1

Detonation Overview

Reported

2020-06-02 08:58

Signatures

js

Description Indicator Process Target
N/A N/A N/A N/A

Valak JavaScript Loader

Description Indicator Process Target
N/A N/A N/A N/A

Valak family

valak

Analysis: behavioral1

Detonation Overview

Submitted

2020-06-02 08:58

Reported

2020-06-02 09:03

Platform

win7v200430

Max time kernel

141s

Max time network

36s

Command Line

wscript.exe C:\Users\Admin\AppData\Local\Temp\valak-8.js

Signatures

N/A

Processes

C:\Windows\system32\wscript.exe

wscript.exe C:\Users\Admin\AppData\Local\Temp\valak-8.js

C:\Windows\system32\wbem\WmiApSrv.exe

C:\Windows\system32\wbem\WmiApSrv.exe

C:\Windows\system32\wbem\WmiApSrv.exe

C:\Windows\system32\wbem\WmiApSrv.exe

Network

Country Destination Domain Proto
N/A 239.255.255.250:1900 udp
N/A 239.255.255.250:1900 udp

Files

memory/1520-0-0x0000000002400000-0x0000000002404000-memory.dmp