Overview

overview

10

Static

static

3b47a1a8d5...40.exe

windows7_x64

10

3b47a1a8d5...40.exe

windows10-2004_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    3b47a1a8d51b8b5963dc49026e72b236852007a135b6a21b764caed18ff88d40

  • Size

    2.1MB

  • Sample

    220520-wgvepaebfr

  • MD5

    0cca0a9832b372a44179ab77ab15d7ea

  • SHA1

    750d71664ff8db04c77cbb9e5928ead7ad61635e

  • SHA256

    3b47a1a8d51b8b5963dc49026e72b236852007a135b6a21b764caed18ff88d40

  • SHA512

    d12b1580178b22b23badbf9654287799e656e6e418563b1df91be5c5067a9b4dd453495e66d867cbfffe9c1bcbda8a3edec6c054ac084b71a8f51143f0413ff3

Score
10/10
sendsafeunregisteredbotnetspam

Malware Config

Extracted

Family

sendsafe

Botnet

UNREGISTERED

C2

31.44.184.82:50013

31.44.184.82:50014
Attributes
  • service_name

    Enterprise Mailing Service

Targets

    • Target

      3b47a1a8d51b8b5963dc49026e72b236852007a135b6a21b764caed18ff88d40

    • Size

      2.1MB

    • MD5

      0cca0a9832b372a44179ab77ab15d7ea

    • SHA1

      750d71664ff8db04c77cbb9e5928ead7ad61635e

    • SHA256

      3b47a1a8d51b8b5963dc49026e72b236852007a135b6a21b764caed18ff88d40

    • SHA512

      d12b1580178b22b23badbf9654287799e656e6e418563b1df91be5c5067a9b4dd453495e66d867cbfffe9c1bcbda8a3edec6c054ac084b71a8f51143f0413ff3

    Score
    10/10
    sendsafeunregisteredbotnetspam

    • SendSafe

      SendSafe is a notorious spam tool which then turned into spam botnet.

      spambotnetsendsafe

    • SendSafe Payload

      botnet
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks