General

  • Target

    664ad298bb467d1fead03c255bec57ea_JaffaCakes118

  • Size

    1.9MB

  • Sample

    240522-g3f2vseg46

  • MD5

    664ad298bb467d1fead03c255bec57ea

  • SHA1

    8e2d218673ae3d3c81febf1ed75b94e73abdb46a

  • SHA256

    125b544ab94e6b6462612c8266bb39de4c575f2e50a2686dcf897f009b8732c9

  • SHA512

    19a762a202d4e03f207fca00b116918e6140c7a88631c050c5f33f542862a3746672e631a26b95f31a331eb77b6bedf851fd10da0738e131202d8d8c5a2f8abd

  • SSDEEP

    24576:4M25Kz3iScbWjRZ0L006Dk/mZfUanuoUSyetjIJRWbVX8UKzpr8enm6mG:4M3eonpQ/mpvuvSye9IObp89prw6m

Malware Config

Extracted

Family

sendsafe

Botnet

UNREGISTERED

C2

91.220.131.87:50001

91.220.131.87:50002

Attributes
  • service_name

    Enterprise Mailing Service

Targets

    • SendSafe

      SendSafe is a notorious spam tool that later turned into a spam botnet.

    • SendSafe payload
