Overview

overview

10

Static

static

3

VSP.dll

windows10-2004-x64

10

Resubmissions

17-11-2023 17:23

231117-vydb3acg4v 10

17-11-2023 17:09

231117-vpd71acf21 10

17-11-2023 16:57

231117-vgd72abd46 10

17-11-2023 15:58

231117-tej5tsaf38 3

Sharing

Copy URL
Twitter E-mail

General

  • Target

    VSP.sct

  • Size

    1.2MB

  • Sample

    231117-vgd72abd46

  • MD5

    1256db0d678a86a604a61dd42da07a4a

  • SHA1

    5ba1f4e06963b726e6a127f2a4caf605c94991d6

  • SHA256

    2bf21a583f86c4889b1653cb188aa361a20a9fbaa451d514c4d2d8bf5decc24d

  • SHA512

    294a4777fdf76e2e72fa3e544c75967797a924038139a32b79b4456dbda45e15d4d063238a65b0256b9b9393267bfefe4967b54e6a93011a05846a96ed1fcff5

  • SSDEEP

    24576:XDOgwgfYbK9s3kW3CG3vQ3snpR7loatbEUZqHwhv642THJ1r63LSw7b8VzkPPjwt:XDOyfYbK9sZvw8V/qQeHf6JUawknjY

Score
10/10
pikabotbotnet

Malware Config

Targets

    • Target

      VSP.sct

    • Size

      1.2MB

    • MD5

      1256db0d678a86a604a61dd42da07a4a

    • SHA1

      5ba1f4e06963b726e6a127f2a4caf605c94991d6

    • SHA256

      2bf21a583f86c4889b1653cb188aa361a20a9fbaa451d514c4d2d8bf5decc24d

    • SHA512

      294a4777fdf76e2e72fa3e544c75967797a924038139a32b79b4456dbda45e15d4d063238a65b0256b9b9393267bfefe4967b54e6a93011a05846a96ed1fcff5

    • SSDEEP

      24576:XDOgwgfYbK9s3kW3CG3vQ3snpR7loatbEUZqHwhv642THJ1r63LSw7b8VzkPPjwt:XDOyfYbK9sZvw8V/qQeHf6JUawknjY

    Score
    10/10
    pikabotbotnet

    • Detects PikaBot botnet

    • PikaBot

      PikaBot is a botnet that is distributed similarly to Qakbot and written in c++.

      botnetpikabot

    • Suspicious use of SetThreadContext

    behavioral1

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Command and Scripting Interpreter

1
T1059

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Process Discovery

1
T1057

System Information Discovery

1
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks