General

  • Target

    498275a211ee32c44d8c6a72440338407784b9fbf47f9c598591f25f242d8c1b

  • Size

    321KB

  • Sample

    220201-hykpxsbah9

  • MD5

    08e624448c93af58aca94586e0748598

  • SHA1

    48ce5f2a5be760acae63a7494e9dfd84d87c1014

  • SHA256

    498275a211ee32c44d8c6a72440338407784b9fbf47f9c598591f25f242d8c1b

  • SHA512

    9273a31516c059560c5c50d8bd92ba320612af3d302f05bb69a6956d6c60210c9b2795ec71e3738bbc3dc1f6b77c957fd4ecf5a8a66c85aa92efbe12687b3389

Targets

    • Valak

      Valak is a JavaScript loader that serves as one link in the distribution chain for other malware families.

    • Valak JavaScript Loader

    • Blocklisted process makes network request

    • Sets service image path in registry
