General

  • Target

    3744-0-0x0000000000500000-0x000000000054F000-memory.dmp

  • Size

    316KB

  • MD5

    df54177b3f69bd2fafb86eb032242bf4

  • SHA1

    3e5f996154aa89c92439e48e9e1fbbb3bb7ed042

  • SHA256

    34ffbc38f0264e108f5ddef7e0f3cfe4507e8c3e8d0929dc8a3dbad4ceb4ae86

  • SHA512

    010c1270448c3b10e40e2f064e83e19e1036607fdeeb941656fddfcf06d1ab61ec1e2e6175ecc6f74538ec63d4dbe63d9db4296c57fba03399848abf9f6a94a1

  • SSDEEP

    6144:zgCNDdukMJQwxUeT5jOJ94GESBjRLiQ/w1:zgMkjOjRiJ

Score
10/10

Malware Config

Extracted

Family

pikabot

C2


Signatures

  • Detects PikaBot botnet (1 IoC)
  • Pikabot family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 3744-0-0x0000000000500000-0x000000000054F000-memory.dmp
    .exe windows:6 windows x86 arch:x86

