squirrelwaffle | c8f8edd8870c3117cc3e80b54e99576da02fd17a521e4cf85c10185d45b2c708

General

Target

c8f8edd8870c3117cc3e80b54e99576da02fd17a521e4cf85c10185d45b2c708
Size

64KB
MD5

22f4fe52068b39774d43a87114236586
SHA1

6b6c060e341fc4d840a29fbeeb20aae395a121e3
SHA256

c8f8edd8870c3117cc3e80b54e99576da02fd17a521e4cf85c10185d45b2c708
SHA512

e9d72149addb5cfae21bbb376c23471fde57f1dd07ae6ab1e3234189f25de6e641781a0c2374ba2231f37abc9b1d7001929b15c672aa0f23fd9eba8e696f73b3

Score

10^/10

squirrelwaffle

Malware Config

Extracted

Family

squirrelwaffle

C2

http://msrsac.com/nvaaLwe9

http://u522712.gluweb.nl/n2fshwgq

http://serverplanner.com/LkkAWHLc8

http://bengali.iu.ac.bd/xNM4FTUzqRRk

http://owfix.net/NVNCI3qMl4

http://pcbsi.com.ph/IcLNSd9sO

http://enlacelaboral.com/3cKldxdt

Attributes

blocklist
94.46.179.80

206.189.205.251

88.242.66.45

36.65.102.42

85.75.110.214

93.78.214.187

87.104.3.136

207.244.91.171

49.230.88.160

91.149.252.75

91.149.252.88

92.211.109.152

178.0.250.168

178.203.145.135

88.69.16.230

95.223.77.160

99.234.62.23

2.206.105.223

84.222.8.201

89.183.239.142

93.206.148.216

5.146.132.101

77.7.60.154

45.41.106.122

45.74.72.13

74.58.152.123

88.87.68.197

211.107.25.121

109.70.100.25

185.67.82.114

207.102.138.19

204.101.161.14

193.128.108.251

111.7.100.17

111.7.100.16

74.125.210.62

74.125.210.36

104.244.74.57

185.220.101.145

185.220.101.144

185.220.101.18

185.220.100.246

185.220.101.228

185.220.100.243

185.220.101.229

185.220.101.147

185.220.102.250

94.46.179.80

206.189.205.251

178.255.172.194

84.221.205.40

155.138.242.103

178.212.98.156

85.65.32.191

31.167.184.201

88.242.66.45

36.65.102.42

203.213.127.79

85.75.110.214

93.78.214.187

204.152.81.185

183.171.72.218

168.194.101.130

87.104.3.136

92.211.196.33

197.92.140.125

207.244.91.171

49.230.88.160

196.74.16.153

91.149.252.75

91.149.252.88

92.206.15.202

82.21.114.63

92.211.109.152

178.0.250.168

178.203.145.135

85.210.36.4

199.83.207.72

86.132.134.203

88.69.16.230

99.247.129.88

37.201.195.12

87.140.192.0

88.152.185.188

87.156.177.91

99.229.57.160

95.223.77.160

88.130.54.214

99.234.62.23

2.206.105.223

94.134.179.130

84.221.255.199

84.222.8.201

89.183.239.142

87.158.21.26

93.206.148.216

5.146.132.101

77.7.60.154

95.223.75.85

162.254.173.187

50.99.254.163

45.41.106.122

99.237.13.3

45.74.72.13

108.171.64.202

74.58.152.123

216.209.253.121

88.87.68.197

211.107.25.121

109.70.100.25

185.67.82.114

207.102.138.19

204.101.161.14

193.128.108.251

Signatures

Squirrelwaffle Payload 1 IoCs

resource	yara_rule
sample	squirrelwaffle

Squirrelwaffle family
squirrelwaffle

Files

c8f8edd8870c3117cc3e80b54e99576da02fd17a521e4cf85c10185d45b2c708
.dll windows x86

Exports

Exports

ldr

Sharing