Overview

overview

10

Static

static

9bd0b45588...f7.exe

windows7-x64

10

9bd0b45588...f7.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    9bd0b45588eaf697ba933bdff0afc8448456023512711ff42feba380d1ced5f7

  • Size

    1.9MB

  • Sample

    230129-t22y6adg94

  • MD5

    a8e52a262ca1139f04900a85a6c76e34

  • SHA1

    15829cac86d11939fb4233304f67816d53c42c97

  • SHA256

    9bd0b45588eaf697ba933bdff0afc8448456023512711ff42feba380d1ced5f7

  • SHA512

    a0e98f53e12395654fa5c1f804cfbfe7ad164b302ce51c7151e01c26cf7b4f8ffa0cccc8a97d997bc835b0e9b7a71bb64cc9a58c930e38c59dca17b0693f4a45

  • SSDEEP

    49152:6oWrHHJeSUtbtMCiwwxi53lkH4R7+RiiKUE0HcL1ML:orHMSUECiizkYARBlE0HQuL

Score
10/10
sendsafeunregisteredbotnetspam

Malware Config

Extracted

Family

sendsafe

Botnet

UNREGISTERED

C2

31.44.184.47:50035

31.44.184.47:50036
Attributes
  • service_name

    Enterprise Mailing Service

Targets

    • Target

      9bd0b45588eaf697ba933bdff0afc8448456023512711ff42feba380d1ced5f7

    • Size

      1.9MB

    • MD5

      a8e52a262ca1139f04900a85a6c76e34

    • SHA1

      15829cac86d11939fb4233304f67816d53c42c97

    • SHA256

      9bd0b45588eaf697ba933bdff0afc8448456023512711ff42feba380d1ced5f7

    • SHA512

      a0e98f53e12395654fa5c1f804cfbfe7ad164b302ce51c7151e01c26cf7b4f8ffa0cccc8a97d997bc835b0e9b7a71bb64cc9a58c930e38c59dca17b0693f4a45

    • SSDEEP

      49152:6oWrHHJeSUtbtMCiwwxi53lkH4R7+RiiKUE0HcL1ML:orHMSUECiizkYARBlE0HQuL

    Score
    10/10
    sendsafeunregisteredbotnetspam

    • SendSafe

      SendSafe is a notorious spam tool which then turned into spam botnet.

      spambotnetsendsafe

    • SendSafe payload

      botnet
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks