Overview

overview

10

Static

static

3

8974157eac...18.exe

windows7-x64

10

8974157eac...18.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    8974157eacac4d782b11d0ee82458409_JaffaCakes118

  • Size

    2.2MB

  • Sample

    240601-fx4ejabb2v

  • MD5

    8974157eacac4d782b11d0ee82458409

  • SHA1

    0a55179a8f769898d6025e3b5cc9b4b4138a659d

  • SHA256

    ceaba875420856a1010ac6984a63e72389caf7ce65328354f9f5507e484681e8

  • SHA512

    25b65746c9b9b1e0d7791f6ff59f09e301c5fd86ded51359ca042c411ffafeac05cf23d789a98853b6afd36572e39cd73369ed7aba1581d083be2b078ff2ebdb

  • SSDEEP

    24576:oe8/oFXEnhhxlOnzDqn3P2AnXspEc45Un3S0b8FDT78cRE/I+ZjMJZe1kS:oeBXIhSq/HXspEcPnivFDTvWfIPb

Score
10/10
sendsafeunregisteredbotnetspam

Malware Config

Extracted

Family

sendsafe

Botnet

UNREGISTERED

C2

31.44.184.45:50021

31.44.184.45:50022
Attributes
  • service_name

    Enterprise Mailing Service

Targets

    • Target

      8974157eacac4d782b11d0ee82458409_JaffaCakes118

    • Size

      2.2MB

    • MD5

      8974157eacac4d782b11d0ee82458409

    • SHA1

      0a55179a8f769898d6025e3b5cc9b4b4138a659d

    • SHA256

      ceaba875420856a1010ac6984a63e72389caf7ce65328354f9f5507e484681e8

    • SHA512

      25b65746c9b9b1e0d7791f6ff59f09e301c5fd86ded51359ca042c411ffafeac05cf23d789a98853b6afd36572e39cd73369ed7aba1581d083be2b078ff2ebdb

    • SSDEEP

      24576:oe8/oFXEnhhxlOnzDqn3P2AnXspEc45Un3S0b8FDT78cRE/I+ZjMJZe1kS:oeBXIhSq/HXspEcPnivFDTvWfIPb

    Score
    10/10
    sendsafeunregisteredbotnetspam

    • SendSafe

      SendSafe is a notorious spam tool which then turned into spam botnet.

      spambotnetsendsafe

    • SendSafe payload

      botnet
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks