valleyrat_s2 | 17bcf22fac3e650231a57f198f7885f5d46ea6f5abfe0d6923a3c70b152b7a68 | Triage

Sharing

General

Target

2680-21-0x0000000010000000-0x0000000010024000-memory.dmp
Size

144KB
Sample

250328-jtll4avqy5
MD5

7f1b8465d7bcd50576e8ea39261d6081
SHA1

2f2bfc949bd1c29406cabcaebfdd4f659457672f
SHA256

17bcf22fac3e650231a57f198f7885f5d46ea6f5abfe0d6923a3c70b152b7a68
SHA512

2cdf91d566c27292ab96e3886a9f8c33b24a1719fb0eb592f366867dbe59b28287ec8ab3f83aa9ccdb24083dcd6570740a154166f9c8d88efe8039fb699e05df
SSDEEP

3072:oQWMJcsY7lE1g9DyLaoFtfiggN/YneX5zYAB:oQWlq1g1yLLfiggN/9sAB

Score

10^/10

valleyrat_s2 discovery

Malware Config

Extracted

Family

valleyrat_s2

Version

1.0

C2

154.44.8.39:443

154.44.8.39:80

154.44.8.39:8011

Attributes

campaign_date
2025. 3. 7

Targets

- Target
  
  2680-21-0x0000000010000000-0x0000000010024000-memory.dmp
- Size
  
  144KB
- MD5
  
  7f1b8465d7bcd50576e8ea39261d6081
- SHA1
  
  2f2bfc949bd1c29406cabcaebfdd4f659457672f
- SHA256
  
  17bcf22fac3e650231a57f198f7885f5d46ea6f5abfe0d6923a3c70b152b7a68
- SHA512
  
  2cdf91d566c27292ab96e3886a9f8c33b24a1719fb0eb592f366867dbe59b28287ec8ab3f83aa9ccdb24083dcd6570740a154166f9c8d88efe8039fb699e05df
- SSDEEP
  
  3072:oQWMJcsY7lE1g9DyLaoFtfiggN/YneX5zYAB:oQWlq1g1yLLfiggN/9sAB
Score

3^/10

discovery
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2