squirrelwaffle | ab0a3f2c0b0bace7e066433d4c3e8ad1dc253bb4b394ce504e50f15f43499ac8

General

Target

JaffaCakes118_412fdeeaa926ada702cd351049516139
Size

528KB
Sample

250106-3pjrgstjhs
MD5

412fdeeaa926ada702cd351049516139
SHA1

717815a409b374922e7d140d97e796d5eac4732f
SHA256

ab0a3f2c0b0bace7e066433d4c3e8ad1dc253bb4b394ce504e50f15f43499ac8
SHA512

4503abfac1e018860f98a4e0b45d1d2d1e0650d1532bc24603c0555e2b4533fd98d2c79c0905db7d76f4bca8eadd4f3476bc696a684f62c7178e03c71d005869
SSDEEP

12288:snygddonnhXo7TDSfLLeSlDH7g+BppSH9K1XB7LenS1LrumKV/8:0onhb1lDE+Bg9K99e+umKV/

Score

10^/10

Malware Config

Extracted

Family

squirrelwaffle

C2

http://bostoncarservice.us/ttv8fU9U19

http://payparq-cloud-3513-01.com/bON7gU8BpvAU

http://luckysoxs.com/3FbCi7ej09p

http://payparq-cloud-8799-02.com/0yXFxtYs0Z

http://rjmholding.com/JKu3ByhTE

http://centroparquekrahmer.cl/iXIdCvMk5TD7

http://capaxion.cl/xigRVxm0X

http://bimcrea.cl/CRUKqDjn

http://payparq-cloud-8899-00.com/yeoXYV97

http://18pixels.org/mDZYHjiJi

http://e2eprocess.cl/EUsDZTqM

http://payparq.com/1DT7hrizVB

http://sammlerstore.pe/KKFuUiXVI5

Targets

- Target
  
  JaffaCakes118_412fdeeaa926ada702cd351049516139
- Size
  
  528KB
- MD5
  
  412fdeeaa926ada702cd351049516139
- SHA1
  
  717815a409b374922e7d140d97e796d5eac4732f
- SHA256
  
  ab0a3f2c0b0bace7e066433d4c3e8ad1dc253bb4b394ce504e50f15f43499ac8
- SHA512
  
  4503abfac1e018860f98a4e0b45d1d2d1e0650d1532bc24603c0555e2b4533fd98d2c79c0905db7d76f4bca8eadd4f3476bc696a684f62c7178e03c71d005869
- SSDEEP
  
  12288:snygddonnhXo7TDSfLLeSlDH7g+BppSH9K1XB7LenS1LrumKV/8:0onhb1lDE+Bg9K99e+umKV/
Score

10^/10

squirrelwaffle discovery downloader
- SquirrelWaffle is a simple downloader written in C++.
  SquirrelWaffle.
  downloader squirrelwaffle
- Squirrelwaffle family
  squirrelwaffle
- Squirrelwaffle payload
- Blocklisted process makes network request
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

1

T1614

System Language Discovery

1

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

SquirrelWaffle is a simple downloader written in C++.

Squirrelwaffle family

Squirrelwaffle payload

Blocklisted process makes network request

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2