Overview

overview

10

Static

static

647e8c0f87...5a.dll

windows7_x64

10

647e8c0f87...5a.dll

windows10_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    647e8c0f87b8325c6d9015253724643c077d7d5a21e2e15053ae94847d868c5a

  • Size

    310KB

  • Sample

    220121-3r3mdaddg5

  • MD5

    d78be1aaae573167680db8be2768b720

  • SHA1

    6e4786485813ec70d6d4ae7585e4034e87b37991

  • SHA256

    647e8c0f87b8325c6d9015253724643c077d7d5a21e2e15053ae94847d868c5a

  • SHA512

    c481ebaffe97603fd6de7e44c3a1d0a6a42386ecdddf1b001ce63fe81a15b082a1d88decf54e17ec94c3830b20b5331b4e8fe2423f913e7e659396d374b16495

Score
10/10
squirrelwaffledownloader

Malware Config

Extracted

Family

squirrelwaffle

C2

http://hutraders.com/0eeUtmJf8O

http://goodartishard.com/0JXDM9kMwx

http://now.byteinsure.com/tnjUrmlhN

http://asceaub.com/Xl8UCLSU

http://colchonesmanzur.com/GjVgBnKaNIC

http://sistemasati.com/0SzGNkx6P

http://maldivehost.net/zLIisQRWZI9

http://lrdgon.org/l7r96tjAJ

http://binnawaz.com.pk/jhSZGWS76C

http://fhstorse.com/vJlgdjJnpIop

Targets

    • Target

      647e8c0f87b8325c6d9015253724643c077d7d5a21e2e15053ae94847d868c5a

    • Size

      310KB

    • MD5

      d78be1aaae573167680db8be2768b720

    • SHA1

      6e4786485813ec70d6d4ae7585e4034e87b37991

    • SHA256

      647e8c0f87b8325c6d9015253724643c077d7d5a21e2e15053ae94847d868c5a

    • SHA512

      c481ebaffe97603fd6de7e44c3a1d0a6a42386ecdddf1b001ce63fe81a15b082a1d88decf54e17ec94c3830b20b5331b4e8fe2423f913e7e659396d374b16495

    Score
    10/10
    squirrelwaffledownloader

    • SquirrelWaffle is a simple downloader written in C++.

      SquirrelWaffle.

      downloadersquirrelwaffle

    • Squirrelwaffle Payload

    • Blocklisted process makes network request

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks