General

  • Target

    6321437ec564bb60cb5c6f9a88c2976da27ad7c0839d64898e40271ad6569af6

  • Size

    459KB

  • Sample

    220201-l96y3scfgr

  • MD5

    e9141a74f67b5538bdc911d7d143ee41

  • SHA1

    0d815cb8a100097c30047bfb391ab2ad47793a2b

  • SHA256

    6321437ec564bb60cb5c6f9a88c2976da27ad7c0839d64898e40271ad6569af6

  • SHA512

    10b3189c4d16c96d24a69d6cad6204194ec6834e368ba85cb2087109ab99b9bbaf6c0428aeac408ab3a7da8dfca7ae3fe28f01412e0b68f1c25bfb8e86cd6312

Targets

    • Valak

      Valak is a JavaScript loader that serves as one link in the distribution chain of other malware families.

    • Valak JavaScript Loader

    • Blocklisted process makes network request

    • Sets service image path in registry
