General

  • Target

    hanw1_.dll

  • Size

    189KB

  • Sample

    201217-q14f3j1jen

  • MD5

    232d23bd821b2b22f2e6a05593ea5eda

  • SHA1

    1d64249d04182f9c768a162f11d30164ccccbf79

  • SHA256

    2979faddfbed3bc999071245a94efab628ed7824f09e12e04461b4f2f0519648

  • SHA512

    1498a45bf47919921c8c1fd44a94eedda95840de938eb09c9f4a001c4fa71096ee0f114e7845f98b19c025ef57ba1c724e90d67153c5ccf72436c2ebefa9e5cd

Score
10/10

Targets

    • Target

      hanw1_.dll

    • Valak

      Valak is a JavaScript loader that serves as one link in the distribution chain for other malware families.

    • Valak JavaScript Loader

    • Blocklisted process makes network request

    • JavaScript code in executable
