Overview

overview

10

Static

static

91.exe

windows7_x64

10

91.exe

windows10_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    91.exe

  • Size

    1.9MB

  • Sample

    210929-rltlqsfcck

  • MD5

    b8f94c85cd5d1c37e884b016f3266586

  • SHA1

    8f51937fdb353334cd457800c99d859dd4562cb0

  • SHA256

    9a58ba68212ccfc1679461328b83bf6674bcc6a310d70f40ac62133dc1e34f9d

  • SHA512

    15eefe7cd210826e2d2ef349ee92282838c7fbe5dca37c0fcf6d592d42163847afec4533853214a8aaf7bc930b9b451a1bf10fc00b403abd810c21a24ffd371c

Score
10/10
sendsafeunregisteredbotnetspam

Malware Config

Extracted

Family

sendsafe

Botnet

UNREGISTERED

C2

31.44.184.91:50063

31.44.184.91:50064
Attributes
  • service_name

    Enterprise Mailing Service

Targets

    • Target

      91.exe

    • Size

      1.9MB

    • MD5

      b8f94c85cd5d1c37e884b016f3266586

    • SHA1

      8f51937fdb353334cd457800c99d859dd4562cb0

    • SHA256

      9a58ba68212ccfc1679461328b83bf6674bcc6a310d70f40ac62133dc1e34f9d

    • SHA512

      15eefe7cd210826e2d2ef349ee92282838c7fbe5dca37c0fcf6d592d42163847afec4533853214a8aaf7bc930b9b451a1bf10fc00b403abd810c21a24ffd371c

    Score
    10/10
    sendsafeunregisteredbotnetspam

    • SendSafe

      SendSafe is a notorious spam tool which then turned into spam botnet.

      spambotnetsendsafe

    • sendsafe

      SendSafe Payload

      botnet
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks