Overview

overview

10

Static

static

00dae3b8c1...79.exe

windows7_x64

10

00dae3b8c1...79.exe

windows10-2004_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    00dae3b8c11ec21ffa25d9c4044f909422f96a8ec31d71786d01dd5595f4a179

  • Size

    1.8MB

  • Sample

    220524-es6hnafdf9

  • MD5

    9335cda793a9425d621cd3a5c742c9b4

  • SHA1

    527da31382a0c7b902465ff72d2798cfa369993c

  • SHA256

    00dae3b8c11ec21ffa25d9c4044f909422f96a8ec31d71786d01dd5595f4a179

  • SHA512

    4f1e6129daa8d7a60c6d3e38e70f990050327156c13f26b69a1dcd8921f50bdcf73fda01b11926cf627bd4f82bdf1413f6a798b057ea263e4bfe190c03a73455

Score
10/10
sendsafeunregisteredbotnetspam

Malware Config

Extracted

Family

sendsafe

Botnet

UNREGISTERED

C2

31.44.184.108:50017

31.44.184.108:50018
Attributes
  • service_name

    Enterprise Mailing Service

Targets

    • Target

      00dae3b8c11ec21ffa25d9c4044f909422f96a8ec31d71786d01dd5595f4a179

    • Size

      1.8MB

    • MD5

      9335cda793a9425d621cd3a5c742c9b4

    • SHA1

      527da31382a0c7b902465ff72d2798cfa369993c

    • SHA256

      00dae3b8c11ec21ffa25d9c4044f909422f96a8ec31d71786d01dd5595f4a179

    • SHA512

      4f1e6129daa8d7a60c6d3e38e70f990050327156c13f26b69a1dcd8921f50bdcf73fda01b11926cf627bd4f82bdf1413f6a798b057ea263e4bfe190c03a73455

    Score
    10/10
    sendsafeunregisteredbotnetspam

    • SendSafe

      SendSafe is a notorious spam tool which then turned into spam botnet.

      spambotnetsendsafe

    • SendSafe Payload

      botnet
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks