pikabot | 5384e7de6b8d95a7df1d841b7a6a77e3f9418fcda9851e2b120a10019222047c | Triage

Sharing

General

Target

pikabot_unpack.dll
Size

840KB
Sample

231127-q5y5wsgh23
MD5

5136d5a4242e220ec1111719bbeda528
SHA1

62f72ce2f5e69630c518861ccf747a3c14d6a27f
SHA256

5384e7de6b8d95a7df1d841b7a6a77e3f9418fcda9851e2b120a10019222047c
SHA512

428cc36c48b1d7a0cb8026a1c1f4540556e2d289dbbb96546ebbbe0ace53a48d9eaee929f77a78756f6e497e688da37d2798b1dd71d824ce70d04bf3694410e9
SSDEEP

24576:hS3sU7vy4scPRr8eYq5Jyb8J1uN0APDcJkdV4K:hysUe4skrYq6wJ1uiAQJIV4

Score

10^/10

pikabot botnet

Malware Config

Targets

- Target
  
  pikabot_unpack.dll
- Size
  
  840KB
- MD5
  
  5136d5a4242e220ec1111719bbeda528
- SHA1
  
  62f72ce2f5e69630c518861ccf747a3c14d6a27f
- SHA256
  
  5384e7de6b8d95a7df1d841b7a6a77e3f9418fcda9851e2b120a10019222047c
- SHA512
  
  428cc36c48b1d7a0cb8026a1c1f4540556e2d289dbbb96546ebbbe0ace53a48d9eaee929f77a78756f6e497e688da37d2798b1dd71d824ce70d04bf3694410e9
- SSDEEP
  
  24576:hS3sU7vy4scPRr8eYq5Jyb8J1uN0APDcJkdV4K:hysUe4skrYq6wJ1uiAQJIV4
Score

10^/10

pikabot botnet
- PikaBot
  PikaBot is a botnet that is distributed similarly to Qakbot and written in c++.
  botnet pikabot
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Command and Scripting Interpreter

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

behavioral2