General
-
Target
53376f9f8fd56a8f2a639faa25bdd2c2da6587a017b0d6dd624533bb5690a99a
-
Size
222KB
-
Sample
220130-r9q6hscffj
-
MD5
d383cbc5aa2f06a70d0a5afd2130b183
-
SHA1
1a1a5bf96c35f428b86de7924527a9689250976d
-
SHA256
53376f9f8fd56a8f2a639faa25bdd2c2da6587a017b0d6dd624533bb5690a99a
-
SHA512
3e2f06d290fe42eaf315d0c57378784a312947d407c4459b6a0cf8559e023d647a1cd5aadbdc6c4e82288ba932a73bf23b92194c54dfb908c9e5bedbd5b08a3f
Static task
static1
Behavioral task
behavioral1
Sample
53376f9f8fd56a8f2a639faa25bdd2c2da6587a017b0d6dd624533bb5690a99a.dll
Resource
win7-en-20211208
Behavioral task
behavioral2
Sample
53376f9f8fd56a8f2a639faa25bdd2c2da6587a017b0d6dd624533bb5690a99a.dll
Resource
win10-en-20211208
Malware Config
Extracted
squirrelwaffle
Targets
Score
10/10
-
suricata: ET MALWARE SQUIRRELWAFFLE Loader Activity (POST)
-
Squirrelwaffle Payload
-
Blocklisted process makes network request
-