General

  • Target

    92c3ba6def48aa0d6b17a9b126570012a9f15044ebf013d65f8a929b7ec53c72

  • Size

    304KB

  • Sample

    220201-lsnfeadaa3

  • MD5

    24962de5a5099d1c07a89994b5052b93

  • SHA1

    7fbdcd3d618daba20c65351a60b767ece079a026

  • SHA256

    92c3ba6def48aa0d6b17a9b126570012a9f15044ebf013d65f8a929b7ec53c72

  • SHA512

    bc9b355ccc91285e66e86d39a84e2f8ef289384b2b1817810ddf893f9c8d0a2d91f8b99bd95b09014408dddac147584f1e0dd5918933ecd6c8943a1e2432ea57

Targets

    • Valak

      Valak is a JavaScript loader that acts as one link in the distribution chain for other malware families.

    • Valak JavaScript Loader

    • Blocklisted process makes network request

    • Sets service image path in registry
