General

  • Target

    facts,06.20.doc

  • Size

    114KB

  • Sample

    200702-jp8bg2gsdj

  • MD5

    044be39caae5604b0de18f194a8de4dc

  • SHA1

    557f786e4be64a1c8130ee14cd86e937040477f3

  • SHA256

    1a76ae32471c077f6ba8525fdc8812cf8aa242cfc7bfac57d04c91d86e5bd378

  • SHA512

    92f006efef8444454e4367e84681f43c15df30b4ab55aea7c98f761c0351b4090395dd1bcc7ed342674fe33d73bd6a12e0d7531a1cbdc790de075b5b67d5ccdf

Score
10/10

Targets

    • Target

      facts,06.20.doc

    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.

    • Valak

      Valak is a JavaScript loader that serves as one link in the distribution chain for other malware families.

    • Valak JavaScript Loader

    • Loads dropped DLL

    • JavaScript code in executable
