Squirrelwaffle
Squirrelwaffle: 2021 email thread hijacking loader. Exchange ProxyLogon/ProxyShell. Qakbot + Cobalt Strike dropper.
Threat Profile
Type: Loader
Programming Language: C++
C2 Protocol: HTTPS
First Seen: 2021
Targets
Enterprise
Purpose / Capabilities
- loader
No C2 servers have been identified for this family yet.
Research Reports (2)
Squirrelwaffle -- 541KB Email Thread Hijacking Loader, IsDebuggerPresent | High
Squirrelwaffle 541KB email thread hijacking loader. IsDebuggerPresent. Qakbot + Cobalt Strike dropper. 2021.
Squirrelwaffle -- test1.test.dll 458KB Loader, Encrypted C2 Config | High
Squirrelwaffle test1.test.dll 458KB loader. Encrypted C2 config fragments. Qakbot/Cobalt Strike dropper.