General

  • Target

    ursnif_67d50b0bc1378e988681b003e8f120c2.zip

  • Size

    124KB

  • Sample

    201218-t5dh7c226n

  • MD5

    51a4938a31533e3de6cc494b465d0910

  • SHA1

    2d67c0a1469eca249195c9f7a5b601665ea59768

  • SHA256

    4549682efee202d2a62073149bea58b1fa644e10a53f72865bfc7888852297fd

  • SHA512

    0dc1f6a8dd66f686d049e6d6d7ba4ca428d8aeb412a3680269cf5b9b2a50696802409ea86d9bd0dc65da525d6823274a064e6bc7675c301aa0b297a11ab14d95

Score
10/10

Targets

    • Target

      ef5a447acac5b942f172e810f7bd3c265f70981be59052afe7360584bfc0de99

    • Size

      180KB

    • MD5

      67d50b0bc1378e988681b003e8f120c2

    • SHA1

      e3cbdb60e82356fd3d942493f2d499b3096974ad

    • SHA256

      ef5a447acac5b942f172e810f7bd3c265f70981be59052afe7360584bfc0de99

    • SHA512

      8e4377ecd222d83727cbece9e61a4775150b09ec9295e2b106a52f915d1a371ded4d61d2c1950776994edc43de17783003b9654ae3a44d1da06391fedf908afc

    Score
    10/10
    • Valak

      Valak is a JavaScript loader that serves as one link in the distribution chain for other malware families.

    • Valak JavaScript Loader

    • Blocklisted process makes network request

    • JavaScript code in executable
