Overview

overview

10

Static

static

3

f5dea16ddf...af.dll

windows7-x64

1

f5dea16ddf...af.dll

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    f5dea16ddf016590f493254c4717f94754380a3c767898a2ef0df6b19c50b7af

  • Size

    786KB

  • Sample

    231124-v3rp9ada54

  • MD5

    d68ba01bd6938145929e55bebd75f502

  • SHA1

    78b8c5e115da2838db31f7313eee0fb3b02f3f91

  • SHA256

    f5dea16ddf016590f493254c4717f94754380a3c767898a2ef0df6b19c50b7af

  • SHA512

    6684e810b38aaed715ee399c423d2912be14758b90b730c50a1f849a37154c04e8f56382cbbf593aae9924a32ed485e5a5aac30cf8c626dd26ff3b22782cef86

  • SSDEEP

    12288:xPGZgjkXi7AfTvEFL2sxpln1wyxU2mhXG5ko6GJ5+cobTKMz:xuJUUTsFLdxpl1wyxU2MXvb456br

Score
10/10
pikabotbotnet

Malware Config

Targets

    • Target

      f5dea16ddf016590f493254c4717f94754380a3c767898a2ef0df6b19c50b7af

    • Size

      786KB

    • MD5

      d68ba01bd6938145929e55bebd75f502

    • SHA1

      78b8c5e115da2838db31f7313eee0fb3b02f3f91

    • SHA256

      f5dea16ddf016590f493254c4717f94754380a3c767898a2ef0df6b19c50b7af

    • SHA512

      6684e810b38aaed715ee399c423d2912be14758b90b730c50a1f849a37154c04e8f56382cbbf593aae9924a32ed485e5a5aac30cf8c626dd26ff3b22782cef86

    • SSDEEP

      12288:xPGZgjkXi7AfTvEFL2sxpln1wyxU2mhXG5ko6GJ5+cobTKMz:xuJUUTsFLdxpl1wyxU2MXvb456br

    Score
    10/10
    pikabotbotnet

    • Detects PikaBot botnet

    • PikaBot

      PikaBot is a botnet that is distributed similarly to Qakbot and written in c++.

      botnetpikabot

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Command and Scripting Interpreter

1
T1059

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

1
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks