pikabot | 801b529ea3173ca504af6c8ee1b48f731c5d83c4771677b0752af779a0f3d0a4 | Triage

Submit
Reports

Overview

overview

Static

static

8

22022024_2...62.exe

windows7-x64

1

22022024_2...62.exe

windows10-2004-x64

Sharing

General

Target

22022024_2138_0.5955887613560662.dat
Size

3.3MB
Sample

240222-qxpw9aaf48
MD5

63649ec9aa5c9913b436bc220e0c7cae
SHA1

31ad2582bd5736b0b84aea498c105d1ad955d068
SHA256

801b529ea3173ca504af6c8ee1b48f731c5d83c4771677b0752af779a0f3d0a4
SHA512

3266e2097d71055aea77c010bfed7a849cae62e38a254c291746814434c25db332e475f5ee02bfc33cd5c1b7c61be8f73f0b5a9d030cda53e2b1994b5b296a15
SSDEEP

49152:sCXtvRXOhEc2MgyyuTEGQp8EamZaFChW7ZaxJmLufu4b:sCxRXOhEc2MgJHTp+isL+

Score

10^/10

pikabot botnet dave

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

22022024_2138_0.5955887613560662.exe

Resource

win7-20240221-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral2

Sample

22022024_2138_0.5955887613560662.exe

Resource

win10v2004-20240221-en

windows10-2004-x64

6 signatures

150 seconds

Malware Config

Extracted

Family

pikabot

C2

141.95.106.106

104.129.55.106

104.129.55.105

23.226.138.161

145.239.135.24

85.239.243.155

23.226.138.143

57.128.165.176

178.18.246.136

Targets

- Target
  
  22022024_2138_0.5955887613560662.dat
- Size
  
  3.3MB
- MD5
  
  63649ec9aa5c9913b436bc220e0c7cae
- SHA1
  
  31ad2582bd5736b0b84aea498c105d1ad955d068
- SHA256
  
  801b529ea3173ca504af6c8ee1b48f731c5d83c4771677b0752af779a0f3d0a4
- SHA512
  
  3266e2097d71055aea77c010bfed7a849cae62e38a254c291746814434c25db332e475f5ee02bfc33cd5c1b7c61be8f73f0b5a9d030cda53e2b1994b5b296a15
- SSDEEP
  
  49152:sCXtvRXOhEc2MgyyuTEGQp8EamZaFChW7ZaxJmLufu4b:sCxRXOhEc2MgJHTp+isL+
Score

10^/10

pikabot botnet
- PikaBot
  PikaBot is a botnet that is distributed similarly to Qakbot and written in c++.
  botnet pikabot
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2

© 2018-2024

Terms | Privacy