pikabot | 0125d9745eb16ef6315ff260ba544d6e0cf35d217de279e17f3fdc7b4a8e7b1c | Triage

Submit
Reports

Overview

overview

Static

static

3

ca5fb5814e...9d.exe

windows10-2004-x64

Resubmissions

20-02-2024 03:50

240220-edxl7sae31 10

10-02-2024 02:40

240210-c55e1sga4v 5

Sharing

General

Target

fd379c5ed778ea1000da0b8c9458f7f8.bin
Size

733KB
Sample

240220-edxl7sae31
MD5

0ee14e4fd154882e95e10e6b82e6e9a6
SHA1

4d768e35be677afd1a5d942e338eb13b363ec750
SHA256

0125d9745eb16ef6315ff260ba544d6e0cf35d217de279e17f3fdc7b4a8e7b1c
SHA512

9c7c51cfd40326df792ee570f026dd7d60ca69c7e656e408a4ace971cc1feeb68a2dca9d2bf2611ea674676aea14b8e637a68c460175d98bb817b59f30e47c9a
SSDEEP

12288:KxSL+qifQZ0e6/Pah4VbutjCJmK1o771ljHelQJRHm8ssw43mqxh8LeambhSU+5g:Ka220//Pah4Vb2KV1o7lb7SUmbeuU+5g

Score

10^/10

pikabot botnet

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

ca5fb5814ec62c8f04936740aabe2664b3c7d036203afbd8425cd67cf1f4b79d.exe

Resource

win10v2004-20231222-en

windows10-2004-x64

7 signatures

300 seconds

Malware Config

Extracted

Family

pikabot

C2

139.84.237.229

85.239.243.155

104.129.55.104

95.179.191.137

158.220.80.157

104.129.55.103

158.220.80.167

Targets

- Target
  
  ca5fb5814ec62c8f04936740aabe2664b3c7d036203afbd8425cd67cf1f4b79d.exe
- Size
  
  1.3MB
- MD5
  
  fd379c5ed778ea1000da0b8c9458f7f8
- SHA1
  
  59fa8241388e3020e3f539ffbe3892332b59cd93
- SHA256
  
  ca5fb5814ec62c8f04936740aabe2664b3c7d036203afbd8425cd67cf1f4b79d
- SHA512
  
  9de54ef1a15a70dcf266d24685b2c1e259170973a6c61033289303258f63e41cda1aa53335a91f8317a5963ede47a805c29dbe3f69c80f71a716515616669472
- SSDEEP
  
  24576:7yTiqxhwB8ow5KiPUIRCv1N4JFMl2K1WKT3IDC95ag62:7yTiqxhw1rx1mY1Wm4DCOg62
Score

10^/10

pikabot botnet
- PikaBot
  PikaBot is a botnet that is distributed similarly to Qakbot and written in c++.
  botnet pikabot
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

© 2018-2024

Terms | Privacy