Resubmissions

21-09-2021 13:24

210921-qnpvwsccdk 10

14-09-2021 11:19

210914-ne2rzsafbp 1

General

  • Target

    090921.dll

  • Size

    367KB

  • Sample

    210921-qnpvwsccdk

  • MD5

    7fcab487b86152ad589d53d936d4c55c

  • SHA1

    7cc03d7e00679fc2ac866860a72d1a78bee37c2a

  • SHA256

    8308975ce3092d911742cc0d5b83f17c04a7673fb50d00580429388b7aa0bd27

  • SHA512

    70b0938b07f7695ecb7b69d36bdf8b4bf72ad3ea2282057f0b63bdcd54d619a935aed6da439b779dbf4ba621cdc9a0472cc9bfa97c3fccea126a6ffadcd8c9ff

Malware Config

Extracted

Family

squirrelwaffle

C2

Attributes
  • blocklist

Targets

    • Target

      090921.dll

    • SquirrelWaffle is a simple downloader written in C++.

      SquirrelWaffle.

    • squirrelwaffle

      Squirrelwaffle Payload
