General

  • Target

    1d8efc7665bc83f1d7fe443ef4ce6c52eb4829769de0f7fb890b5b12bbcb92bd

  • Size

    50KB

  • Sample

    211113-v6hazsfcc6

  • MD5

    1cfb3b43089741950a7bb53afc8a6c2f

  • SHA1

    4b4f2e7006287e9fd8177869c00a8cd2be560058

  • SHA256

    1d8efc7665bc83f1d7fe443ef4ce6c52eb4829769de0f7fb890b5b12bbcb92bd

  • SHA512

    182110771383c30b84cd232562f482c837f802e4f71f7f65972c2b91fa481859b23bb9379a5fec4cb04a28fff4ec0414bbf75ec5ba496d5f2857f595dd03541d

Score
10/10

Malware Config

Extracted

Family

squirrelwaffle

C2

Attributes
  • blocklist

Targets

    • Target

      1d8efc7665bc83f1d7fe443ef4ce6c52eb4829769de0f7fb890b5b12bbcb92bd

    • Size

      50KB

    Score
    8/10
    • Blocklisted process makes network request
