
S1030 Squirrelwaffle

Description

[Squirrelwaffle](https://attack.mitre.org/software/S1030) is a loader that was first seen in September 2021. It has been used in spam email campaigns to deliver additional malware such as [Cobalt Strike](https://attack.mitre.org/software/S0154) and the [QakBot](https://attack.mitre.org/software/S0650) banking trojan. (Citation: ZScaler Squirrelwaffle Sep 2021) (Citation: Netskope Squirrelwaffle Oct 2021)

Platforms

Windows

References

  1. https://attack.mitre.org/software/S1030
  2. https://www.zscaler.com/blogs/security-research/squirrelwaffle-new-loader-delivering-cobalt-strike
  3. https://www.netskope.com/blog/squirrelwaffle-new-malware-loader-delivering-cobalt-strike-and-qakbot

Related by meaning

Nearest entities by semantic similarity across the cs-graph corpus.

Software: Bumblebee
Software: SVCReady
LOLbin: Squirrel.exe
Software: Colibri Loader
Software: STARWHALE
Software: Raindrop

Sourced from MITRE ATT&CK Enterprise 14.1. Curated by Adam Lundqvist, SQUR.