Overview

overview

10

Static

static

6c63c5d6c9...6d.exe

windows7-x64

10

6c63c5d6c9...6d.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    6c63c5d6c9a23a169eaa79e96c11fc62d685f2f572c602b1bca42376225cec6d

  • Size

    1.8MB

  • Sample

    221130-p7hegseh8t

  • MD5

    e202b6d424f6d0a58b74b7eb3a71653d

  • SHA1

    f6ff3c60c3f00fe0b7f92ebbe9922df85e7bf489

  • SHA256

    6c63c5d6c9a23a169eaa79e96c11fc62d685f2f572c602b1bca42376225cec6d

  • SHA512

    867d27dd97edc7f8578e52ccefd05ecf00c67cd6e3dfdba5934538db53d789128c715d17dd7e7bf6a3115fd94ee92202058a905b0f958213bdeb9f79f53659e6

  • SSDEEP

    49152:qoWrHHJeSUtbtMCiwwxi53lkH4R7+RiiKUE0HcL1MLqz:4rHMSUECiizkYARBlE0HQua

Score
10/10
sendsafeunregisteredbotnetspam

Malware Config

Extracted

Family

sendsafe

Botnet

UNREGISTERED

C2

31.44.184.55:50029

31.44.184.55:50030
Attributes
  • service_name

    Enterprise Mailing Service

Targets

    • Target

      6c63c5d6c9a23a169eaa79e96c11fc62d685f2f572c602b1bca42376225cec6d

    • Size

      1.8MB

    • MD5

      e202b6d424f6d0a58b74b7eb3a71653d

    • SHA1

      f6ff3c60c3f00fe0b7f92ebbe9922df85e7bf489

    • SHA256

      6c63c5d6c9a23a169eaa79e96c11fc62d685f2f572c602b1bca42376225cec6d

    • SHA512

      867d27dd97edc7f8578e52ccefd05ecf00c67cd6e3dfdba5934538db53d789128c715d17dd7e7bf6a3115fd94ee92202058a905b0f958213bdeb9f79f53659e6

    • SSDEEP

      49152:qoWrHHJeSUtbtMCiwwxi53lkH4R7+RiiKUE0HcL1MLqz:4rHMSUECiizkYARBlE0HQua

    Score
    10/10
    sendsafeunregisteredbotnetspam

    • SendSafe

      SendSafe is a notorious spam tool which then turned into spam botnet.

      spambotnetsendsafe

    • SendSafe payload

      botnet
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks