Overview

overview

10

Static

static

3

56a5835bb0...18.exe

windows7-x64

10

56a5835bb0...18.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    56a5835bb0f93af28852afcdd5202176_JaffaCakes118

  • Size

    2.6MB

  • Sample

    240518-zbnazaec2y

  • MD5

    56a5835bb0f93af28852afcdd5202176

  • SHA1

    daf51072bf6001ccbe7c544d1e609a2e4aa56ea6

  • SHA256

    c6edbb64ac595d4942ad726b5b4b11165da4d1732fce344e0fefa2c5325a2157

  • SHA512

    d10b43338f41c70c82205f5e01c75cbe8d962f863bf5744939fedb36758c1f6a98504c2417fc2c5169d7e493d9a6523eeea11a79f9fe0b1ba61a7f7c88251975

  • SSDEEP

    49152:cznt7+MmxoEJRgaBXGW11o2iLoqKW4Esye9pk9T3N0:cva1sLoqGvPk9D

Score
10/10
sendsafeunregisteredbotnetspam

Malware Config

Extracted

Family

sendsafe

Botnet

UNREGISTERED

C2

91.220.131.38:50009

91.220.131.38:50010
Attributes
  • service_name

    Enterprise Mailing Service

Targets

    • Target

      56a5835bb0f93af28852afcdd5202176_JaffaCakes118

    • Size

      2.6MB

    • MD5

      56a5835bb0f93af28852afcdd5202176

    • SHA1

      daf51072bf6001ccbe7c544d1e609a2e4aa56ea6

    • SHA256

      c6edbb64ac595d4942ad726b5b4b11165da4d1732fce344e0fefa2c5325a2157

    • SHA512

      d10b43338f41c70c82205f5e01c75cbe8d962f863bf5744939fedb36758c1f6a98504c2417fc2c5169d7e493d9a6523eeea11a79f9fe0b1ba61a7f7c88251975

    • SSDEEP

      49152:cznt7+MmxoEJRgaBXGW11o2iLoqKW4Esye9pk9T3N0:cva1sLoqGvPk9D

    Score
    10/10
    sendsafeunregisteredbotnetspam

    • SendSafe

      SendSafe is a notorious spam tool which then turned into spam botnet.

      spambotnetsendsafe

    • SendSafe payload

      botnet
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks