Overview

overview

10

Static

static

14ca56c1af...d7.exe

windows7_x64

10

14ca56c1af...d7.exe

windows10-2004_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    14ca56c1afc02cdc7af89c3ccf6355cceb7277b67f9401ff6dda766b27be8fd7

  • Size

    2.6MB

  • Sample

    220602-wspctahgc4

  • MD5

    27feba883821607443248c4a71f088f0

  • SHA1

    a28cdf62cdf55b50a4faef37b239a0a983227794

  • SHA256

    14ca56c1afc02cdc7af89c3ccf6355cceb7277b67f9401ff6dda766b27be8fd7

  • SHA512

    77685608bdaf287dc08a361eabe0a8ff68b65dbaa3c083bdfdde1e99ab7653c2453a9e77ed5a1d915cdfb77dd4d463df6770dbf5c539c13dd5b0e8027acfba00

Score
10/10
sendsafeunregisteredbotnetspam

Malware Config

Extracted

Family

sendsafe

Botnet

UNREGISTERED

C2

91.220.131.68:50011

91.220.131.68:50012
Attributes
  • service_name

    Enterprise Mailing Service

Targets

    • Target

      14ca56c1afc02cdc7af89c3ccf6355cceb7277b67f9401ff6dda766b27be8fd7

    • Size

      2.6MB

    • MD5

      27feba883821607443248c4a71f088f0

    • SHA1

      a28cdf62cdf55b50a4faef37b239a0a983227794

    • SHA256

      14ca56c1afc02cdc7af89c3ccf6355cceb7277b67f9401ff6dda766b27be8fd7

    • SHA512

      77685608bdaf287dc08a361eabe0a8ff68b65dbaa3c083bdfdde1e99ab7653c2453a9e77ed5a1d915cdfb77dd4d463df6770dbf5c539c13dd5b0e8027acfba00

    Score
    10/10
    sendsafeunregisteredbotnetspam

    • SendSafe

      SendSafe is a notorious spam tool which then turned into spam botnet.

      spambotnetsendsafe

    • SendSafe Payload

      botnet
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks