pikabot | 514a0ef6240663664b3a3e06dabdb297841a7e37eaeac65bafbce1efd456a7e1 | Triage

Submit
Reports

Overview

overview

Static

static

1

Installer (1).msi

windows10-2004-x64

Resubmissions

28-12-2023 13:55

231228-q77j2seeb9 10

15-12-2023 22:14

231215-15mf7shecm 8

Sharing

General

Target

Installer (1).msi
Size

1.4MB
Sample

231228-q77j2seeb9
MD5

f3805cdf687890992345aaa4577b86a4
SHA1

697362f0a495bc1fc692f8bc3b12a81522404cc5
SHA256

514a0ef6240663664b3a3e06dabdb297841a7e37eaeac65bafbce1efd456a7e1
SHA512

6ad1f3ccbbb47e6599548946bca269b4313ffac918516e8ba4bd00dfb078c0dd166d7fac1289eaeb6697e75c8fc20ecd48632914c15dbe10c642fd98f40f6142
SSDEEP

24576:jn0CgtRH3nOX1FIhp5DJ4suxNVTK+ucjByw+Z5cYokzJV+H4:T0LUItD0T9KjHJzJl

Score

10^/10

pikabot botnet dave

Static task

static1

Behavioral task

behavioral1

Sample

Installer (1).msi

Resource

win10v2004-20231215-en

pikabot botnet dave

windows10-2004-x64

15 signatures

150 seconds

Malware Config

Targets

- Target
  
  Installer (1).msi
- Size
  
  1.4MB
- MD5
  
  f3805cdf687890992345aaa4577b86a4
- SHA1
  
  697362f0a495bc1fc692f8bc3b12a81522404cc5
- SHA256
  
  514a0ef6240663664b3a3e06dabdb297841a7e37eaeac65bafbce1efd456a7e1
- SHA512
  
  6ad1f3ccbbb47e6599548946bca269b4313ffac918516e8ba4bd00dfb078c0dd166d7fac1289eaeb6697e75c8fc20ecd48632914c15dbe10c642fd98f40f6142
- SSDEEP
  
  24576:jn0CgtRH3nOX1FIhp5DJ4suxNVTK+ucjByw+Z5cYokzJV+H4:T0LUItD0T9KjHJzJl
Score

10^/10

pikabot botnet dave
- Detect Pikabot payload
  Detect Pikabot payload.
- PikaBot
  PikaBot is a botnet that is distributed similarly to Qakbot and written in c++.
  botnet pikabot
- Dave packer
  Detects executable using a packer named 'Dave' by the community, based on a string at the end.
  dave
- Loads dropped DLL
- Blocklisted process makes network request
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

Peripheral Device Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

pikabotbotnetdave

© 2018-2024

Terms | Privacy