sendsafe | 0ee051075719911f36a195e8a029d514b370f8f2f1276bd41ffe9e3e7c1da35f | Triage

Sharing

General

Target

0ee051075719911f36a195e8a029d514b370f8f2f1276bd41ffe9e3e7c1da35f
Size

2.1MB
Sample

220525-aq6nesgham
MD5

87fef0f85c5c16b33a18c2a1460dd705
SHA1

7cdd664980f3bf24cf01be79e66ef51dd047bf13
SHA256

0ee051075719911f36a195e8a029d514b370f8f2f1276bd41ffe9e3e7c1da35f
SHA512

e3f67facc7ac3c7e00ff72e28d3243f4ee293de4fe3c220f19c8bff7f1be69ae7b575dda75a0646d1a48d40d986e966922472ea5a9ba3edea399803be9541e3c

Score

10^/10

sendsafe unregistered botnet spam

Malware Config

Extracted

Family

sendsafe

Botnet

UNREGISTERED

C2

91.220.131.64:50011

91.220.131.64:50012

Attributes

service_name
Enterprise Mailing Service

Targets

- Target
  
  0ee051075719911f36a195e8a029d514b370f8f2f1276bd41ffe9e3e7c1da35f
- Size
  
  2.1MB
- MD5
  
  87fef0f85c5c16b33a18c2a1460dd705
- SHA1
  
  7cdd664980f3bf24cf01be79e66ef51dd047bf13
- SHA256
  
  0ee051075719911f36a195e8a029d514b370f8f2f1276bd41ffe9e3e7c1da35f
- SHA512
  
  e3f67facc7ac3c7e00ff72e28d3243f4ee293de4fe3c220f19c8bff7f1be69ae7b575dda75a0646d1a48d40d986e966922472ea5a9ba3edea399803be9541e3c
Score

10^/10

sendsafe unregistered botnet spam
- SendSafe
  SendSafe is a notorious spam tool which then turned into spam botnet.
  spam botnet sendsafe
- SendSafe Payload
  botnet
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

sendsafeunregisteredbotnetspam

behavioral2