Resubmissions

21-09-2021 13:24

210921-qne1paccdj 10

13-09-2021 16:36

210913-t4p3dahbgm 4

General

  • Target

    090921.gif

  • Size

    383KB

  • Sample

    210921-qne1paccdj

  • MD5

    479dae0f72f4d57bd20e0bf8cb3ebdf7

  • SHA1

    b49f31a7d8f68ca307f3d0abcf4d05313ee2b844

  • SHA256

    4f68558fb7a921b837926ca4e87fecba073f551a44c88109453a1a8099d003b6

  • SHA512

    afb0a6fc0c7783f04a22ec721543084e0532f87c7903c42b831c8954aceb231b099f87c3da3edabd1c9b36045cc4b3747b27e386f37b3fbac349c0036717d63d

Malware Config

Extracted

Family

squirrelwaffle

C2


Attributes
  • blocklist


Targets

    • Target

      090921.gif

    • Size

      383KB


    • SquirrelWaffle is a simple downloader written in C++.

      SquirrelWaffle.

    • squirrelwaffle

      Squirrelwaffle Payload
