General
Target: JaffaCakes118_90e6a19b421aa8a3e54a2bfa751df4b1
Size: 530KB
Sample: 250108-he4zfsykby
MD5: 90e6a19b421aa8a3e54a2bfa751df4b1
SHA1: 786420d8411ee56a3ac04ca1874bf6d805df8b30
SHA256: 0e2d89c628559c2bc612c4863096ef4360eb7a34b9124a27ea98a41231019871
SHA512: a44721c83d9b253253fcdf865daf7c8f08344e2a036970ff6662d503eb2663b1546ee9068ba54a30d75a69554aa436607a8c9f0d4c3417e7ea88f9ce52cdc973
SSDEEP: 12288:snygddonnhXo7TDSfLLeSlDH7g+BppSH9K1XB7LenS1LrumKV/8:0onhb1lDE+Bg9K99e+umKV/
Static task: static1
Behavioral task: behavioral1
Sample: JaffaCakes118_90e6a19b421aa8a3e54a2bfa751df4b1.dll
Resource: win7-20240903-en
Behavioral task: behavioral2
Sample: JaffaCakes118_90e6a19b421aa8a3e54a2bfa751df4b1.dll
Resource: win10v2004-20241007-en
Malware Config
Extracted
squirrelwaffle
Targets
Target: JaffaCakes118_90e6a19b421aa8a3e54a2bfa751df4b1
Score: 10/10
Squirrelwaffle family
Squirrelwaffle payload
Blocklisted process makes network request