Overview

overview

10

Static

static

32e1f6091e...72.dll

windows7_x64

10

32e1f6091e...72.dll

windows10-2004_x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    32e1f6091e9624588e87e7891f1fabcd725fb26c89ce0f42495d9b53decee472

  • Size

    582KB

  • Sample

    220201-mnkz6aded5

  • MD5

    9e6fc6ca8cef5988e5640b1e2c382941

  • SHA1

    13507bb477b0f4eb05cf013bc4a7ec4cb2203d5c

  • SHA256

    32e1f6091e9624588e87e7891f1fabcd725fb26c89ce0f42495d9b53decee472

  • SHA512

    a37d837bbf8e94a59eb96c0bcee4b783f3f80afd5ed879f165488251f373f167e91e68cec3cd1537bb63f334dab757e20a84c3db58bbc551f97ade8e5bb8f5ee

Score
10/10
valakLoaderpersistence

Malware Config

Targets

    • Target

      32e1f6091e9624588e87e7891f1fabcd725fb26c89ce0f42495d9b53decee472

    • Size

      582KB

    • MD5

      9e6fc6ca8cef5988e5640b1e2c382941

    • SHA1

      13507bb477b0f4eb05cf013bc4a7ec4cb2203d5c

    • SHA256

      32e1f6091e9624588e87e7891f1fabcd725fb26c89ce0f42495d9b53decee472

    • SHA512

      a37d837bbf8e94a59eb96c0bcee4b783f3f80afd5ed879f165488251f373f167e91e68cec3cd1537bb63f334dab757e20a84c3db58bbc551f97ade8e5bb8f5ee

    Score
    10/10
    valakLoaderpersistence

    • Valak

      Valak is a JavaScript loader, a link in a chain of distribution of other malware families.

      Loadervalak

    • Valak JavaScript Loader

    • Blocklisted process makes network request

    • Sets service image path in registry

      persistence
    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks