{"id":5396,"date":"2020-07-15T23:05:20","date_gmt":"2020-07-16T06:05:20","guid":{"rendered":"https:\/\/blogs.infoblox.com\/?p=5396"},"modified":"2024-04-26T13:21:21","modified_gmt":"2024-04-26T20:21:21","slug":"valak-downloader-infostealer-delivers-icedid-banking","status":"publish","type":"post","link":"https:\/\/www.infoblox.com\/blog\/threat-intelligence\/valak-downloader-infostealer-delivers-icedid-banking\/","title":{"rendered":"Valak Downloader\/InfoStealer Delivers IcedID Banking"},"content":{"rendered":"<p>Between 24 June and 1 July, security researcher Brad Duncan reported four malware campaigns that used the Valak malware loader to deliver the IcedID banking trojan. <sup>1,2,3,4<\/sup><\/p>\n<p>Valak is a sophisticated modular malware that acts as both a malware loader and information stealer (infostealer). It was first observed in late 2019 and quickly evolved, with the creators producing over 30 new versions of the malware in the span of just six months.<sup>5<\/sup> Valak\u2019s modular nature allows the authors to rapidly develop and deploy new malicious code to infected systems in order to expand the malware&#8217;s capabilities.<\/p>\n<p>The reports of these Valak campaigns did not specify how the malware was initially distributed, but based on recent reports about Valak\u2019s behavior,<sup>6<\/sup> it is likely that the reported campaigns used a technique known as a \u201creply chain attack\u201d to deliver the malware via email.<\/p>\n<p>Unlike malicious spam (malspam) techniques that use arbitrary email accounts to indiscriminately deliver malicious emails to a large number of targets, reply chain attacks use hijacked email accounts to send targeted replies to legitimate emails sent to the hijacked account. 
This makes the malicious emails much harder to detect because they appear to be legitimate responses to existing conversations sent by accounts the recipient already knows.<\/p>\n<p>The Valak attack chain begins when the victim downloads a password-protected ZIP file from an email attachment or link<sup>7<\/sup> and extracts it using a password contained in the body of the email. The extracted file is a malicious Microsoft Word document that instructs the victim to enable macros in order to view its contents.<\/p>\n<p>When the victim does so, the macros within the document contact a PHP-based download proxy to retrieve the initial Valak dynamic-link library (DLL) payload. This behavior is similar to certain versions of Ursnif (a.k.a. Gozi) and some security solutions may incorrectly identify it as such. After downloading the Valak DLL payload, the macros use the Windows Register Server (<em>regsvr32.exe<\/em>) to register and execute it.<\/p>\n<p>Infoblox\u2019s full report on this instance of the malware will be available soon on our <a href=\"https:\/\/insights.infoblox.com\/threat-intelligence-reports\">Threat Intelligence Reports<\/a> page.<\/p>\n<p><strong>Endnotes<\/strong><\/p>\n<ol>\n<li><a href=\"http:\/\/malware-traffic-analysis.net\/2020\/06\/24\/index.html\">http:\/\/malware-traffic-analysis.net\/2020\/06\/24\/index.html<\/a><\/li>\n<li><a href=\"http:\/\/malware-traffic-analysis.net\/2020\/06\/26\/index.html\">http:\/\/malware-traffic-analysis.net\/2020\/06\/26\/index.html<\/a><\/li>\n<li><a href=\"http:\/\/malware-traffic-analysis.net\/2020\/06\/30\/index.html\">http:\/\/malware-traffic-analysis.net\/2020\/06\/30\/index.html<\/a><\/li>\n<li><a href=\"http:\/\/malware-traffic-analysis.net\/2020\/07\/01\/index.html\">http:\/\/malware-traffic-analysis.net\/2020\/07\/01\/index.html<\/a><\/li>\n<li><a 
href=\"https:\/\/www.cybereason.com\/blog\/valak-more-than-meets-the-eye\">https:\/\/www.cybereason.com\/blog\/valak-more-than-meets-the-eye<\/a><\/li>\n<li><a href=\"https:\/\/labs.sentinelone.com\/valak-malware-and-the-connection-to-gozi-loader-confcrew\/\">https:\/\/labs.sentinelone.com\/valak-malware-and-the-connection-to-gozi-loader-confcrew\/<\/a><\/li>\n<li><a href=\"https:\/\/twitter.com\/malware_traffic\/status\/1278481732413657088\">https:\/\/twitter.com\/malware_traffic\/status\/1278481732413657088<\/a><\/li>\n<\/ol>\n<p>&nbsp;<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Between 24 June and 1 July, security researcher Brad Duncan reported four malware campaigns that used the Valak malware loader to deliver the IcedID banking trojan. 1,2,3,4 Valak is a sophisticated modular malware that acts as both a malware loader and information stealer (infostealer). It was first observed in late 2019 and quickly evolved, with [&hellip;]<\/p>\n","protected":false},"author":397,"featured_media":3324,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"inline_featured_image":false,"_genesis_hide_title":false,"_genesis_hide_breadcrumbs":false,"_genesis_hide_singular_image":false,"_genesis_hide_footer_widgets":false,"_genesis_custom_body_class":"","_genesis_custom_post_class":"","_genesis_layout":"","footnotes":""},"categories":[254],"tags":[32],"class_list":{"0":"post-5396","1":"post","2":"type-post","3":"status-publish","4":"format-standard","5":"has-post-thumbnail","7":"category-threat-intelligence","8":"tag-malware","9":"entry"},"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO Premium plugin v27.3 (Yoast SEO v27.3) - https:\/\/yoast.com\/product\/yoast-seo-premium-wordpress\/ -->\n<title>Valak Downloader\/InfoStealer Delivers IcedID Banking<\/title>\n<meta name=\"description\" content=\"Valak is a sophisticated modular malware that acts as both a malware loader and 
information stealer (infostealer). It was first observed in late 2019 and quickly evolved, with the creators producing over 30 new versions of the malware in the span of just six months.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.infoblox.com\/blog\/threat-intelligence\/valak-downloader-infostealer-delivers-icedid-banking\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Valak Downloader\/InfoStealer Delivers IcedID Banking\" \/>\n<meta property=\"og:description\" content=\"Valak is a sophisticated modular malware that acts as both a malware loader and information stealer (infostealer). It was first observed in late 2019 and quickly evolved, with the creators producing over 30 new versions of the malware in the span of just six months.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.infoblox.com\/blog\/threat-intelligence\/valak-downloader-infostealer-delivers-icedid-banking\/\" \/>\n<meta property=\"og:site_name\" content=\"Infoblox Blog\" \/>\n<meta property=\"article:published_time\" content=\"2020-07-16T06:05:20+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2024-04-26T20:21:21+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.infoblox.com\/blog\/wp-content\/uploads\/top-10-dns-attacks.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"660\" \/>\n\t<meta property=\"og:image:height\" content=\"454\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Infoblox Threat Intel\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Infoblox Threat Intel\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. 
reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"2 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/threat-intelligence\\\/valak-downloader-infostealer-delivers-icedid-banking\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/threat-intelligence\\\/valak-downloader-infostealer-delivers-icedid-banking\\\/\"},\"author\":{\"name\":\"Infoblox Threat Intel\",\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/#\\\/schema\\\/person\\\/b6aed8965e3298a0817c16d32c0a67ae\"},\"headline\":\"Valak Downloader\\\/InfoStealer Delivers IcedID Banking\",\"datePublished\":\"2020-07-16T06:05:20+00:00\",\"dateModified\":\"2024-04-26T20:21:21+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/threat-intelligence\\\/valak-downloader-infostealer-delivers-icedid-banking\\\/\"},\"wordCount\":391,\"publisher\":{\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/threat-intelligence\\\/valak-downloader-infostealer-delivers-icedid-banking\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/wp-content\\\/uploads\\\/top-10-dns-attacks.jpg\",\"keywords\":[\"Malware\"],\"articleSection\":[\"Infoblox Threat Intel\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/threat-intelligence\\\/valak-downloader-infostealer-delivers-icedid-banking\\\/\",\"url\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/threat-intelligence\\\/valak-downloader-infostealer-delivers-icedid-banking\\\/\",\"name\":\"Valak Downloader\\\/InfoStealer Delivers IcedID 
Banking\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/threat-intelligence\\\/valak-downloader-infostealer-delivers-icedid-banking\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/threat-intelligence\\\/valak-downloader-infostealer-delivers-icedid-banking\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/wp-content\\\/uploads\\\/top-10-dns-attacks.jpg\",\"datePublished\":\"2020-07-16T06:05:20+00:00\",\"dateModified\":\"2024-04-26T20:21:21+00:00\",\"description\":\"Valak is a sophisticated modular malware that acts as both a malware loader and information stealer (infostealer). It was first observed in late 2019 and quickly evolved, with the creators producing over 30 new versions of the malware in the span of just six months.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/threat-intelligence\\\/valak-downloader-infostealer-delivers-icedid-banking\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/threat-intelligence\\\/valak-downloader-infostealer-delivers-icedid-banking\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/threat-intelligence\\\/valak-downloader-infostealer-delivers-icedid-banking\\\/#primaryimage\",\"url\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/wp-content\\\/uploads\\\/top-10-dns-attacks.jpg\",\"contentUrl\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/wp-content\\\/uploads\\\/top-10-dns-attacks.jpg\",\"width\":660,\"height\":454},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/threat-intelligence\\\/valak-downloader-infostealer-delivers-icedid-banking\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\
\/\\\/www.infoblox.com\\\/blog\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Infoblox Threat Intel\",\"item\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/category\\\/threat-intelligence\\\/\"},{\"@type\":\"ListItem\",\"position\":3,\"name\":\"Valak Downloader\\\/InfoStealer Delivers IcedID Banking\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/#website\",\"url\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/\",\"name\":\"infoblox.com\\\/blog\\\/\",\"description\":\"\",\"publisher\":{\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/#organization\",\"name\":\"Infoblox\",\"url\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/wp-content\\\/uploads\\\/infoblox-logo-2.svg\",\"contentUrl\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/wp-content\\\/uploads\\\/infoblox-logo-2.svg\",\"width\":137,\"height\":30,\"caption\":\"Infoblox\"},\"image\":{\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\"}},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/#\\\/schema\\\/person\\\/b6aed8965e3298a0817c16d32c0a67ae\",\"name\":\"Infoblox Threat 
Intel\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/blogs.infoblox.com\\\/wp-content\\\/uploads\\\/avatar_user_397_1714162589-96x96.png\",\"url\":\"https:\\\/\\\/blogs.infoblox.com\\\/wp-content\\\/uploads\\\/avatar_user_397_1714162589-96x96.png\",\"contentUrl\":\"https:\\\/\\\/blogs.infoblox.com\\\/wp-content\\\/uploads\\\/avatar_user_397_1714162589-96x96.png\",\"caption\":\"Infoblox Threat Intel\"},\"description\":\"Infoblox Threat Intel is the leading creator of original DNS threat intelligence, distinguishing itself in a sea of aggregators. What sets us apart? Two things: mad DNS skills and unparalleled visibility. DNS is notoriously tricky to interpret and hunt from, but our deep understanding and unique access to the internet's inner workings allow us to track down threat actors that others can't see. We're proactive, not just defensive, using our insights to disrupt cybercrime where it begins. We also believe in sharing knowledge to support the broader security community by publishing detailed research and releasing indicators on GitHub. In addition, our intel is seamlessly integrated into our Infoblox Protective DNS solutions, so customers automatically get its benefits, along with ridiculously low false positive rates.\",\"url\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/author\\\/infoblox-threat-intel\\\/\"}]}<\/script>\n<!-- \/ Yoast SEO Premium plugin. -->"}