General

  • Target

    18cd9e697d749314e471c97e33b821847229c4347fc6f438a5f9d7fa61f6f0dd

  • Size

    52KB

  • MD5

    20de10e77bb365175635770e32fe0e95

  • SHA1

    934d2331b6b1770d8c4fa95e9066a67c2411266c

  • SHA256

    18cd9e697d749314e471c97e33b821847229c4347fc6f438a5f9d7fa61f6f0dd

  • SHA512

    d0cf60988b95797aaeaed077ea8c97ce023056a12c725aa274dadbce1a1c94ba0603c24793c4d708650ccfdbd21c6e2e2af90a8561d5ac7cef1c5eb5da40be19

Score
10/10

Malware Config

Extracted

Family

squirrelwaffle

C2

Attributes
  • blocklist

Signatures

  • Squirrelwaffle Payload 1 IoCs
  • Squirrelwaffle family

Files

  • 18cd9e697d749314e471c97e33b821847229c4347fc6f438a5f9d7fa61f6f0dd
    .dll windows x86


    Exports