squirrelwaffle | stage2[.]bin

Resubmissions

12-10-2021 19:51

211012-yks25sdbf9 10

01-10-2021 04:26

211001-e2kmjsahdl 10

Sharing

Copy URL

Twitter E-mail

General

Target

stage2.bin
Size

76KB
MD5

e8ae3940c30296d494e534e0379f15d6
SHA1

3bcb5e7bc9c317c3c067f36d7684a419da79506c
SHA256

d6caf64597bd5e0803f7d0034e73195e83dae370450a2e890b82f77856830167
SHA512

d07b8e684fc1c7a103b64b46d777091bb79103448e91f862c12f0080435feff1c9e907472b7fd4e236ff0b0a8e90dbbaaac202e2238f95578fed1ff6f5247386

Score

10^/10

squirrelwaffle

Malware Config

Extracted

Family

squirrelwaffle

pop.vicamtaynam.com/VtyiHAft

snsvidyapeeth.in/aXmo2Dr3

trinitytesttubebaby.com/QR2JvfE3Sv

iconskw.com/cqdPtAbZ

ebookchuyennganh.com/v9PMvQDxHK8W

alsader.net/BHdQaiQ9rt

avyanshglobal.com/6pYjPlqf

primahills-online.com/ypCiZn7tMx

antoniocastroycia.com.co/WHe08obY

apexbiotech.net/VQgunQ4t5Ue

vscm.in/V3tYKxDz

sinaloworx.co.za/3GilA8Eo3r

dancongnghe.xyz/yRByhX6J3REI

trajesuniformes.com.br/qQofZMaJm

fiorenzapaes.com.br/PGYpETW7

astetinternational.com/arW5e44Y7vzO

razisystem.ir/MqvvkX0cWvn

krishnaiti.org.in/rWA02HQY4

Signatures

Squirrelwaffle family
squirrelwaffle

squirrelwaffle 1 IoCs

Squirrelwaffle Payload

resource	yara_rule
sample	squirrelwaffle

Files

stage2.bin
.dll windows x86 regsvr32

Exports

Exports

DllRegisterServer
ldr