General

  • Target

    be9612e6317beef47c3b23206652e2e61ec3065d2b04e425a2e75d8fa9367b6f

  • Size

    304KB

  • Sample

    220201-lbdjwacafr

  • MD5

    57935a998e31b2d777ff2b40ef532f41

  • SHA1

    8664379751554914e7da50d7d1d1212762b8db30

  • SHA256

    be9612e6317beef47c3b23206652e2e61ec3065d2b04e425a2e75d8fa9367b6f

  • SHA512

    2c0e71bcd6942e0497a0f18d34ec92c201936a2e0b8cd963982c651155e115a5ab2b791b0499daad5c1d33a8ff6c90c150bb71c7edf670bf02fc18aa87ee5720

Targets

    • Valak

      Valak is a JavaScript loader that serves as one link in the distribution chain for other malware families.

    • Valak JavaScript Loader

    • Blocklisted process makes network request

    • Sets service image path in registry
