Overview

overview

10

Static

static

10

stage2.bin.dll

windows7_x64

stage2.bin.dll

windows10_x64

1

Resubmissions

12-10-2021 19:51

211012-yks25sdbf9 10

01-10-2021 04:26

211001-e2kmjsahdl 10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    stage2.bin

  • Size

    76KB

  • MD5

    e8ae3940c30296d494e534e0379f15d6

  • SHA1

    3bcb5e7bc9c317c3c067f36d7684a419da79506c

  • SHA256

    d6caf64597bd5e0803f7d0034e73195e83dae370450a2e890b82f77856830167

  • SHA512

    d07b8e684fc1c7a103b64b46d777091bb79103448e91f862c12f0080435feff1c9e907472b7fd4e236ff0b0a8e90dbbaaac202e2238f95578fed1ff6f5247386

Score
10/10
squirrelwaffle

Malware Config

Extracted

Family

squirrelwaffle

C2

http://pop.vicamtaynam.com/VtyiHAft

http://snsvidyapeeth.in/aXmo2Dr3

http://trinitytesttubebaby.com/QR2JvfE3Sv

http://iconskw.com/cqdPtAbZ

http://ebookchuyennganh.com/v9PMvQDxHK8W

http://alsader.net/BHdQaiQ9rt

http://avyanshglobal.com/6pYjPlqf

http://primahills-online.com/ypCiZn7tMx

http://antoniocastroycia.com.co/WHe08obY

http://apexbiotech.net/VQgunQ4t5Ue

http://vscm.in/V3tYKxDz

http://sinaloworx.co.za/3GilA8Eo3r

http://dancongnghe.xyz/yRByhX6J3REI

http://trajesuniformes.com.br/qQofZMaJm

http://fiorenzapaes.com.br/PGYpETW7

http://astetinternational.com/arW5e44Y7vzO

http://razisystem.ir/MqvvkX0cWvn

http://krishnaiti.org.in/rWA02HQY4

Signatures

  • Squirrelwaffle Payload 1 IoCs
  • Squirrelwaffle family
    squirrelwaffle

Files

  • stage2.bin
    .dll windows x86 regsvr32


    Exports