General

  • Target

    51fdcd71f161fa38d4575ab11c2c5a1d400a2811185cbd0e7ee6f3ec9ad89f68

  • Size

    180KB

  • Sample

    220201-me9bdscggk

  • MD5

    6ec851c605883e9434b29b1e36635e5b

  • SHA1

    c5ce9b23956c083ad0bebd3801509dccf24c8e48

  • SHA256

    51fdcd71f161fa38d4575ab11c2c5a1d400a2811185cbd0e7ee6f3ec9ad89f68

  • SHA512

    f5924707a51f108e05ae1e5288a64bce7e0a58a7e76d4bb23705d77b8da046ab82eb1c9de6d43f5efd5054404662452e63fe6cd43db780823b64dca1522a736f

Targets

    • Valak

      Valak is a JavaScript loader that serves as one link in the distribution chain for other malware families.

    • Valak JavaScript Loader

    • Blocklisted process makes network request

    • Sets service image path in registry
