pikabot | fafdd87991351ff0fa2b888a9d22fc058f1a08a6c08651d7ee0164740c70ec51 | Triage

Resubmissions

22-02-2024 18:49

240222-xgq8psec97 10

21-02-2024 04:21

240221-eyp3vsbh83 5

Sharing

General

Target

fafdd87991351ff0fa2b888a9d22fc058f1a08a6c08651d7ee0164740c70ec51.exe
Size

1.4MB
Sample

240222-xgq8psec97
MD5

51813e18e119f2839f48afe00ac99ed8
SHA1

7f0d60a0e87499891c5d7944ac8e8b6252ca6eb7
SHA256

fafdd87991351ff0fa2b888a9d22fc058f1a08a6c08651d7ee0164740c70ec51
SHA512

07ca9af7adfbfa32c3b0e095d3b306f1c44d72750efe3b347ed391895445191599166ef731f9eb2742bdf4006d4caffb3aeb18de65f65befc1c6be349a205e98
SSDEEP

24576:13dhgAYmYqHU7pHYev00V6dCDdoVYdGp8VTALtMa6u:AmYqHU7pHYY00VcCDdowG3tMa6u

Score

10^/10

pikabot botnet

Malware Config

Extracted

Family

pikabot

C2

109.199.99.131

154.38.175.241

23.226.138.143

23.226.138.161

145.239.135.24

178.18.246.136

141.95.106.106

104.129.55.105

57.128.165.176

Targets

- Target
  
  fafdd87991351ff0fa2b888a9d22fc058f1a08a6c08651d7ee0164740c70ec51.exe
- Size
  
  1.4MB
- MD5
  
  51813e18e119f2839f48afe00ac99ed8
- SHA1
  
  7f0d60a0e87499891c5d7944ac8e8b6252ca6eb7
- SHA256
  
  fafdd87991351ff0fa2b888a9d22fc058f1a08a6c08651d7ee0164740c70ec51
- SHA512
  
  07ca9af7adfbfa32c3b0e095d3b306f1c44d72750efe3b347ed391895445191599166ef731f9eb2742bdf4006d4caffb3aeb18de65f65befc1c6be349a205e98
- SSDEEP
  
  24576:13dhgAYmYqHU7pHYev00V6dCDdoVYdGp8VTALtMa6u:AmYqHU7pHYY00VcCDdowG3tMa6u
Score

10^/10

pikabot botnet
- PikaBot
  PikaBot is a botnet that is distributed similarly to Qakbot and written in c++.
  botnet pikabot
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Matrix

Tasks

static1

behavioral1