pikabot | BA9C8D114B9B31C67D1F6360BFA1299F72B1666F550208C150C7335E1D9E28C2[.]exe | Triage

Sharing

General

Target

BA9C8D114B9B31C67D1F6360BFA1299F72B1666F550208C150C7335E1D9E28C2.exe
Size

1.0MB
MD5

3e04f77527eae6997e9de906dbc19ddc
SHA1

bc1c630b2bbd98852222f34979e71e654109ae3e
SHA256

ba9c8d114b9b31c67d1f6360bfa1299f72b1666f550208c150c7335e1d9e28c2
SHA512

5ed50a50f67c69b08cb1045fa3a50b1e438683cbdb642f209c52db4a60050d6ac5b13575e42a59df3cea34d22c9f25f8263b684be1aefdac6fe0fd233c7eddce
SSDEEP

1536:S/v673IbnUpotVn/bwTJTL/CvAcArR9i/0EwhQNHI66:S/vI4cotVUF/0AcArR8MEsQNof

Score

10^/10

pikabot

Malware Config

Signatures

Pikabot family
pikabot

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
BA9C8D114B9B31C67D1F6360BFA1299F72B1666F550208C150C7335E1D9E28C2.exe

Files

BA9C8D114B9B31C67D1F6360BFA1299F72B1666F550208C150C7335E1D9E28C2.exe
.exe windows:4 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Sections

.text
Size: 57KB - Virtual size: 56KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.eh_fram
Size: 512B - Virtual size: 60B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 512B - Virtual size: 20B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ