General

  • Target

    pikabot_feb_8.zip

  • Size

    537KB

  • Sample

    240209-lgts2sab3z

  • MD5

    287de22eee7ae35a629f5e4364d254b1

  • SHA1

    02fa63eb8964c19e37bda6d4efd1fcffa3638e88

  • SHA256

    2be644cec6f2caf1ddf4e404d2b381c933b926b4d90337230f42013c0b9c7ffa

  • SHA512

    b4f6892a80b90c95d381fd115900b9f35f5b9a1d8d8d68458aa33c8e9398c9336d5291aea011a4db3594eed8d85470257f00fba61aa9b70695097a7c95063183

  • SSDEEP

    12288:0WCC5LImgUR0rSSgyxcvmeb1HsT5TDKAfYsjckqfOq+RiyRjdbMylzep6G+kUmWQ:ICxB/SrSE6sTxdfYsUfO1RiyZdbMnEG9

Score
10/10

Malware Config

Targets

    • Target

      pikabot.dll

    • Size

      731KB

    • MD5

      557de697a1edffc6186a399975b4d52e

    • SHA1

      add23b100d7777dc91f09e80696b1b91d4d3d467

    • SHA256

      2f8254fe651cf750b0ca28a83c1f430857a7981c5a2f0cd220b4ce96a1aa1d6c

    • SHA512

      7855990e4adb7ec8c01d5b623c2ae0aafae5e9908cba0ea9bc20ad9152800627f95c8b6ac27ba2780e6150e93510ce903684a0f285418fe9a439efcd69a5fbce

    • SSDEEP

      12288:L88tpQmNwfp6/dNE2uIigUp+CQ/EAr06DggYmpEj7N904+G5ciTHMgxiQt1cb:Q8PQGwB6/IRgTEoDg6pEj7N94G5BTHx

    Score
    3/10
    • Target

      run.bat

    • Size

      51B

    • MD5

      3044c13a564ee6bd79c39265b2fde131

    • SHA1

      cff15aa8a701795e9f33b74862a6543c66fd5907

    • SHA256

      4a5ba34c467a320db4a3da2512cf455f9dabf573fd41f5c1ba13becd70cc31aa

    • SHA512

      732677b92c94638f477d4b22e94485a8b59fc0bd90bd35ba9fc2497f2fbdca197acd89b432a7ad6f4bc375c28a02aa49248efebfb68a285f94d74adad7d56956

    Score
    10/10
    • Detects PikaBot botnet

    • PikaBot

      PikaBot is a botnet that is distributed similarly to Qakbot and written in C++.

    • Dave packer

      Detects executables using a packer that the community has named 'Dave', based on a string at the end.

    • Suspicious use of SetThreadContext

MITRE ATT&CK Matrix

Tasks
