Malware

Squirrelwaffle

aka DatopLoader

According to Sophos, Squirrelwaffle is a malware loader that is distributed as a malicious Office document in spam campaigns. It provides attackers with an initial foothold in a victim’s environment and a channel to deliver other malware and infect systems with it. When a recipient opens a Squirrelwaffle-infected document and enables macros, a Visual Basic script typically downloads and executes malicious files and scripts, giving an attacker further control of the computer. Squirrelwaffle operators also use DocuSign to try to trick the user into enabling macros in Office documents.


Family metadata imported from Malpedia (Fraunhofer FKIE).