General
-
Target
10ce13aee1e7d1b721cd603d4fb1b982536320b0fe3d653a63ace64be07bef70
-
Size
222KB
-
Sample
220130-txy2psebeq
-
MD5
7eb4034270fbb83f85e90841f3d2a871
-
SHA1
a7a97668136813a5d153865155e53554f288a0dd
-
SHA256
10ce13aee1e7d1b721cd603d4fb1b982536320b0fe3d653a63ace64be07bef70
-
SHA512
14999c497f6d7b9413e28061a1117d3f8d4dc0d3d12f8c0717298d26611f22b0fb5b83f503e46dd5a603e01535e59e7cc6d7297230b5a8032b3959b877ac36e8
Static task
static1
Behavioral task
behavioral1
Sample
10ce13aee1e7d1b721cd603d4fb1b982536320b0fe3d653a63ace64be07bef70.dll
Resource
win7-en-20211208
Behavioral task
behavioral2
Sample
10ce13aee1e7d1b721cd603d4fb1b982536320b0fe3d653a63ace64be07bef70.dll
Resource
win10-en-20211208
Malware Config
Extracted
squirrelwaffle
Targets
-
-
Target
10ce13aee1e7d1b721cd603d4fb1b982536320b0fe3d653a63ace64be07bef70
Score
10/10
-
suricata: ET MALWARE SQUIRRELWAFFLE Loader Activity (POST)
-
Squirrelwaffle Payload
-
Blocklisted process makes network request
-