General

  • Target

    d2e68fe4c321e9a4d4582ec24ee07727ab1bf6cb77fe40132d014e03134c2da7

  • Size

    304KB

  • Sample

    220201-k5dlascef2

  • MD5

    fd7bea08621c6b82bdd35f9ee1f87ac9

  • SHA1

    5480ad5f480e456da2c7987b4194528fa0541a11

  • SHA256

    d2e68fe4c321e9a4d4582ec24ee07727ab1bf6cb77fe40132d014e03134c2da7

  • SHA512

    7e1130b94bba640d8fb7b333a05dbd6f397e2c9ee4e48827908c3d8c25b085b8eb314b4aeaf8e9d2fbe2e2cfad3bbebba8b20e3ed7192849e30b91c0b9e5cd04

Targets

    • Valak

      Valak is a JavaScript loader that serves as one link in the distribution chain for other malware families.

    • Valak JavaScript Loader

    • Blocklisted process makes network request

    • Sets service image path in registry
