Overview

overview

10

Static

static

79.exe

windows7_x64

10

79.exe

windows10_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    79.exe

  • Size

    1.8MB

  • Sample

    211028-qb8r8sbfc6

  • MD5

    b062ac64f0dd8e1812478b6d3dc163b8

  • SHA1

    b294106c1d49b71d9b550f657553e9a5c096985a

  • SHA256

    48d0e0d078cf974050b177c18d5f805ca0ad916a37ee15573fc4328da613d84e

  • SHA512

    57e97346704284b5b188b25277f3e5a4f83a9b4dc5d962adbb60dbb9b3606cd649ac8a07d66bcef89a9f4cc6384fb2259582d6a1559d171391f7b9d6ce7f54ce

Score
10/10
sendsafeunregisteredbotnetspam

Malware Config

Extracted

Family

sendsafe

Botnet

UNREGISTERED

C2

31.44.184.79:50073

31.44.184.79:50074
Attributes
  • service_name

    Enterprise Mailing Service

Targets

    • Target

      79.exe

    • Size

      1.8MB

    • MD5

      b062ac64f0dd8e1812478b6d3dc163b8

    • SHA1

      b294106c1d49b71d9b550f657553e9a5c096985a

    • SHA256

      48d0e0d078cf974050b177c18d5f805ca0ad916a37ee15573fc4328da613d84e

    • SHA512

      57e97346704284b5b188b25277f3e5a4f83a9b4dc5d962adbb60dbb9b3606cd649ac8a07d66bcef89a9f4cc6384fb2259582d6a1559d171391f7b9d6ce7f54ce

    Score
    10/10
    sendsafeunregisteredbotnetspam

    • SendSafe

      SendSafe is a notorious spam tool which then turned into spam botnet.

      spambotnetsendsafe

    • SendSafe Payload

      botnet
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks