Overview

overview

10

Static

static

179.exe

windows7_x64

10

179.exe

windows10_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    179.exe

  • Size

    1.9MB

  • Sample

    211005-v6rvesaecn

  • MD5

    4806ae57cd7d3b3a538e36a99674dab9

  • SHA1

    7c2f8324f05c80dc7de4226848b82b6a200e94ea

  • SHA256

    6b9f4586110bd5bc342318e6e73a21fd288afd670be55d9807ba7ec5b89c379d

  • SHA512

    8bfcee127ca030d434f1fad39aec9fc08e8266099c8dcba74099274dfc61339ca0c4473c209a63748ed138fda8d3e60920193d4a79d537ae1ef9206fb4f8f937

Score
10/10
sendsafeunregisteredbotnetspam

Malware Config

Extracted

Family

sendsafe

Botnet

UNREGISTERED

C2

31.44.184.179:50065

31.44.184.179:50066
Attributes
  • service_name

    Enterprise Mailing Service

Targets

    • Target

      179.exe

    • Size

      1.9MB

    • MD5

      4806ae57cd7d3b3a538e36a99674dab9

    • SHA1

      7c2f8324f05c80dc7de4226848b82b6a200e94ea

    • SHA256

      6b9f4586110bd5bc342318e6e73a21fd288afd670be55d9807ba7ec5b89c379d

    • SHA512

      8bfcee127ca030d434f1fad39aec9fc08e8266099c8dcba74099274dfc61339ca0c4473c209a63748ed138fda8d3e60920193d4a79d537ae1ef9206fb4f8f937

    Score
    10/10
    sendsafeunregisteredbotnetspam

    • SendSafe

      SendSafe is a notorious spam tool which then turned into spam botnet.

      spambotnetsendsafe

    • SendSafe Payload

      botnet
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks