General
Target
1515633aa74826ddde0648e7829ea880.dll
Size
256KB
Sample
210927-q9te7shbdp
MD5
1515633aa74826ddde0648e7829ea880
SHA1
9d91401903a35835349521bbf578039aef934eea
SHA256
278f92d704ed714c94aa4ccf397552d57e04455565cf18139ac46e6f3b30177d
SHA512
01850b38667645c3e51635aafe4ef43895e485d6885b74ae4f7ac5f910cdcd231407279b4667162bcc4f203090f54074dba4c11c9b96672a6f7c4b2f7962b110
Static task
static1
Behavioral task
behavioral1
Sample
1515633aa74826ddde0648e7829ea880.dll
Resource
win7-en-20210920
Behavioral task
behavioral2
Sample
1515633aa74826ddde0648e7829ea880.dll
Resource
win10-en-20210920
Malware Config
Extracted
squirrelwaffle
Targets
Score 10/10
suricata: ET MALWARE Possible SQUIRRELWAFFLE Server Response
suricata: ET MALWARE SQUIRRELWAFFLE Loader Activity (POST)
suricata: ET MALWARE SQUIRRELWAFFLE Server Response
squirrelwaffle
Squirrelwaffle Payload
Blocklisted process makes network request