Analysis Overview
score
10/10
SHA256
395df3a563bc865221738b938998e6a45094f5c396302e4f151631e78aeb9d2d
Threat Level: Known bad
The file valak-8.js was found to be: Known bad.
Malicious Activity Summary
Valak JavaScript Loader
Valak family
js
MITRE ATT&CK
N/A
Analysis: static1
Detonation Overview
Reported
2020-06-02 08:58
Signatures
js
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
Valak JavaScript Loader
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
Valak family
Analysis: behavioral1
Detonation Overview
Submitted
2020-06-02 08:58
Reported
2020-06-02 09:03
Platform
win7v200430
Max time kernel
141s
Max time network
36s
Command Line
wscript.exe C:\Users\Admin\AppData\Local\Temp\valak-8.js
Signatures
N/A
Processes
C:\Windows\system32\wscript.exe
wscript.exe C:\Users\Admin\AppData\Local\Temp\valak-8.js
C:\Windows\system32\wbem\WmiApSrv.exe
C:\Windows\system32\wbem\WmiApSrv.exe
C:\Windows\system32\wbem\WmiApSrv.exe
C:\Windows\system32\wbem\WmiApSrv.exe
Network
| Country | Destination | Domain | Proto |
| N/A | 239.255.255.250:1900 | | udp |
| N/A | 239.255.255.250:1900 | | udp |
Files
memory/1520-0-0x0000000002400000-0x0000000002404000-memory.dmp