Squirrelwaffle

Squirrelwaffle: 2021 email thread hijacking loader. Exchange ProxyLogon/ProxyShell. Qakbot + Cobalt Strike dropper.

Threat Profile
Type: Loader
Programming Language: C++
C2 Protocol: HTTPS
First Seen: 2021
Targets: Enterprise
Purpose / Capabilities
  • loader
No C2 servers have been identified for this family yet.

Research Reports (2)

High

Squirrelwaffle -- 541KB Email Thread Hijacking Loader, IsDebuggerPresent | High

Squirrelwaffle 541KB email thread hijacking loader. IsDebuggerPresent. Qakbot+Cobalt Strike dropper. 2021.

High

Squirrelwaffle -- test1.test.dll 458KB Loader, Encrypted C2 Config | High

Squirrelwaffle test1.test.dll 458KB loader. Encrypted C2 config fragments. Qakbot/Cobalt Strike dropper.
