General
-
Target
28f4003888bd4b8634f8e5c67f04ccea
-
Size
528KB
-
Sample
211022-ws6bbsbhf8
-
MD5
412fdeeaa926ada702cd351049516139
-
SHA1
717815a409b374922e7d140d97e796d5eac4732f
-
SHA256
ab0a3f2c0b0bace7e066433d4c3e8ad1dc253bb4b394ce504e50f15f43499ac8
-
SHA512
4503abfac1e018860f98a4e0b45d1d2d1e0650d1532bc24603c0555e2b4533fd98d2c79c0905db7d76f4bca8eadd4f3476bc696a684f62c7178e03c71d005869
Static task
static1
Behavioral task
behavioral1
Sample
28f4003888bd4b8634f8e5c67f04ccea.dll
Resource
win7-en-20211014
Behavioral task
behavioral2
Sample
28f4003888bd4b8634f8e5c67f04ccea.dll
Resource
win10-en-20210920
Malware Config
Extracted
squirrelwaffle
http://bostoncarservice.us/ttv8fU9U19
http://payparq-cloud-3513-01.com/bON7gU8BpvAU
http://luckysoxs.com/3FbCi7ej09p
http://payparq-cloud-8799-02.com/0yXFxtYs0Z
http://rjmholding.com/JKu3ByhTE
http://centroparquekrahmer.cl/iXIdCvMk5TD7
http://capaxion.cl/xigRVxm0X
http://bimcrea.cl/CRUKqDjn
http://payparq-cloud-8899-00.com/yeoXYV97
http://18pixels.org/mDZYHjiJi
http://e2eprocess.cl/EUsDZTqM
http://payparq.com/1DT7hrizVB
http://sammlerstore.pe/KKFuUiXVI5
Targets
-
-
Target
28f4003888bd4b8634f8e5c67f04ccea
-
Size
528KB
-
MD5
412fdeeaa926ada702cd351049516139
-
SHA1
717815a409b374922e7d140d97e796d5eac4732f
-
SHA256
ab0a3f2c0b0bace7e066433d4c3e8ad1dc253bb4b394ce504e50f15f43499ac8
-
SHA512
4503abfac1e018860f98a4e0b45d1d2d1e0650d1532bc24603c0555e2b4533fd98d2c79c0905db7d76f4bca8eadd4f3476bc696a684f62c7178e03c71d005869
Score10/10-
Squirrelwaffle Payload
-
Blocklisted process makes network request
-