pikabot | 0551101a6be6b0432f965d6a070871759ae79c1feacfc04d382a632a4566d35d | Triage

Submit
Reports

Overview

overview

Static

static

8

1.exe

windows7-x64

1

1.exe

windows10-2004-x64

Sharing

General

Target

1.exe
Size

3.3MB
Sample

240222-mx6yzsga5x
MD5

9e5b3430d333c7c0a49fbb228c7fbd3a
SHA1

64b5657d9c06ae11fddbedb35e1bdda133436016
SHA256

0551101a6be6b0432f965d6a070871759ae79c1feacfc04d382a632a4566d35d
SHA512

2b3cf583522ac7e062d1fe06aab63c5409e6d4dfce138893f10de9742bec06fd8d4f212de73d2eefddbb34f4083ed4b5526f4472f55fcb8cbc8147f93356a76f
SSDEEP

49152:0CXtvRXOhEc2MgyyuTEGQp8EamZaFChW7ZaxJmLufu4J:0CxRXOhEc2MgJHTp+isLw

Score

10^/10

pikabot botnet dave

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

1.exe

Resource

win7-20240221-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral2

Sample

1.exe

Resource

win10v2004-20240221-en

windows10-2004-x64

6 signatures

150 seconds

Malware Config

Extracted

Family

pikabot

C2

141.95.106.106

104.129.55.106

104.129.55.105

23.226.138.161

145.239.135.24

85.239.243.155

23.226.138.143

57.128.165.176

178.18.246.136

Targets

- Target
  
  1.exe
- Size
  
  3.3MB
- MD5
  
  9e5b3430d333c7c0a49fbb228c7fbd3a
- SHA1
  
  64b5657d9c06ae11fddbedb35e1bdda133436016
- SHA256
  
  0551101a6be6b0432f965d6a070871759ae79c1feacfc04d382a632a4566d35d
- SHA512
  
  2b3cf583522ac7e062d1fe06aab63c5409e6d4dfce138893f10de9742bec06fd8d4f212de73d2eefddbb34f4083ed4b5526f4472f55fcb8cbc8147f93356a76f
- SSDEEP
  
  49152:0CXtvRXOhEc2MgyyuTEGQp8EamZaFChW7ZaxJmLufu4J:0CxRXOhEc2MgJHTp+isLw
Score

10^/10

pikabot botnet
- PikaBot
  PikaBot is a botnet that is distributed similarly to Qakbot and written in c++.
  botnet pikabot
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2

© 2018-2024

Terms | Privacy