Overview

overview

10

Static

static

a77a697ba2...24.exe

windows7_x64

10

a77a697ba2...24.exe

windows10-2004_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    a77a697ba2f3323a53c1b05f89212296ae5e4f73529c8fa264ae18a94d268924

  • Size

    1.8MB

  • Sample

    220508-x8m1csgda7

  • MD5

    e690adaff12871a45813256de96a26f9

  • SHA1

    07de85cfdd152fbf45d68ec5f25c083bc37fcb88

  • SHA256

    a77a697ba2f3323a53c1b05f89212296ae5e4f73529c8fa264ae18a94d268924

  • SHA512

    d639096fc4ea8076879f1a89a7a26e0fcd2be4a9d87f88ef6c3540109742d8247c7fb8a71da8303a1963a564da919770db92b3fd03d0a5655f208e155cd724e3

Score
10/10
sendsafeunregisteredbotnetspam

Malware Config

Extracted

Family

sendsafe

Botnet

UNREGISTERED

C2

31.44.184.151:50017

31.44.184.151:50018
Attributes
  • service_name

    Enterprise Mailing Service

Targets

    • Target

      a77a697ba2f3323a53c1b05f89212296ae5e4f73529c8fa264ae18a94d268924

    • Size

      1.8MB

    • MD5

      e690adaff12871a45813256de96a26f9

    • SHA1

      07de85cfdd152fbf45d68ec5f25c083bc37fcb88

    • SHA256

      a77a697ba2f3323a53c1b05f89212296ae5e4f73529c8fa264ae18a94d268924

    • SHA512

      d639096fc4ea8076879f1a89a7a26e0fcd2be4a9d87f88ef6c3540109742d8247c7fb8a71da8303a1963a564da919770db92b3fd03d0a5655f208e155cd724e3

    Score
    10/10
    sendsafeunregisteredbotnetspam

    • SendSafe

      SendSafe is a notorious spam tool which then turned into spam botnet.

      spambotnetsendsafe

    • SendSafe Payload

      botnet
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks