General
-
Target
267aa0f6d02c470db4951b3d9b80d8f7_JaffaCakes118
-
Size
475KB
-
Sample
240704-2h875ataqq
-
MD5
267aa0f6d02c470db4951b3d9b80d8f7
-
SHA1
a9627760018699a0ce48499fd58b43e3d33c51c7
-
SHA256
da031faf0a918be7bf90705dac2ce63cfda65226360202ac1d53a6849592e9b3
-
SHA512
cf0ab54048b096bf05bc4f222473a962f2e18133e195165b582f041ee3b38536cc4e67a49dcc762c838aaeafcd164d63765ac42d58762db9f21217c12bc4eff6
-
SSDEEP
3072:rZnBbPe1aHYouWDfsppnwh2l4kdQXHq7pkOoAR:9JCeTfspV/l4kmXqqOoA
Static task
static1
Behavioral task
behavioral1
Sample
267aa0f6d02c470db4951b3d9b80d8f7_JaffaCakes118.dll
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
267aa0f6d02c470db4951b3d9b80d8f7_JaffaCakes118.dll
Resource
win10v2004-20240508-en
Malware Config
Extracted
squirrelwaffle
Targets
-
-
Target
267aa0f6d02c470db4951b3d9b80d8f7_JaffaCakes118
Score
10/10
-
Squirrelwaffle payload
-
Blocklisted process makes network request
-