Overview

overview

10

Static

static

119.exe

windows7_x64

10

119.exe

windows10_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    119.exe

  • Size

    1.9MB

  • Sample

    211005-v6fgdsabe9

  • MD5

    5ccc9d91153304f7cfca984270a74e6d

  • SHA1

    3718f5677d7c4a8fb09a65862691ba370b84cb56

  • SHA256

    5839f634f394ae2780b42f8fafb36a8fb452c853cf8ae160725bcd9acec60fdf

  • SHA512

    40671e882cb91a82e4960ba303bb1be03077291dd68c0afb86704df1d20ea732b3917086261cc46b8270bc324c4c8044a5e18adafe4badc6e77ca4c5a121b5d5

Score
10/10
sendsafeunregisteredbotnetspam

Malware Config

Extracted

Family

sendsafe

Botnet

UNREGISTERED

C2

31.44.184.119:50065

31.44.184.119:50066
Attributes
  • service_name

    Enterprise Mailing Service

Targets

    • Target

      119.exe

    • Size

      1.9MB

    • MD5

      5ccc9d91153304f7cfca984270a74e6d

    • SHA1

      3718f5677d7c4a8fb09a65862691ba370b84cb56

    • SHA256

      5839f634f394ae2780b42f8fafb36a8fb452c853cf8ae160725bcd9acec60fdf

    • SHA512

      40671e882cb91a82e4960ba303bb1be03077291dd68c0afb86704df1d20ea732b3917086261cc46b8270bc324c4c8044a5e18adafe4badc6e77ca4c5a121b5d5

    Score
    10/10
    sendsafeunregisteredbotnetspam

    • SendSafe

      SendSafe is a notorious spam tool which then turned into spam botnet.

      spambotnetsendsafe

    • SendSafe Payload

      botnet
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks