Overview

overview

10

Static

static

3

9dbe815e10...6b.dll

windows7-x64

1

9dbe815e10...6b.dll

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    9dbe815e1095f14671ba41aefcaa7a6b

  • Size

    935KB

  • Sample

    240229-q979csbb81

  • MD5

    9dbe815e1095f14671ba41aefcaa7a6b

  • SHA1

    ebc5eafbde6bce3d6829b322822dc5a2755778bb

  • SHA256

    6e4c6e8fcee2d72021ce2a9621614c7919ae71133d1a355365d1b1a21579d51f

  • SHA512

    79fa9f70c49d39db9b9031471ad18d3614c6bbd50e04f96b73920bc22362d3a3ab7bb5764bb66ec67f28b8afbeea65c8845ff28fdd34e79a90627eb403947f6b

  • SSDEEP

    12288:2qOfdYcwbu2jfQXSw7iDDVScHBsgVitfm5tltS2cevnXi1I09sjjGEzU3A:Vs/ONf1w7sw8s9whtSVCXWs/GEgA

Score
10/10
pikabotbotnet

Malware Config

Extracted

Family

pikabot

C2

141.95.106.106

104.129.55.106

104.129.55.105

23.226.138.161

145.239.135.24

85.239.243.155

23.226.138.143

57.128.165.176

178.18.246.136

Targets

    • Target

      9dbe815e1095f14671ba41aefcaa7a6b

    • Size

      935KB

    • MD5

      9dbe815e1095f14671ba41aefcaa7a6b

    • SHA1

      ebc5eafbde6bce3d6829b322822dc5a2755778bb

    • SHA256

      6e4c6e8fcee2d72021ce2a9621614c7919ae71133d1a355365d1b1a21579d51f

    • SHA512

      79fa9f70c49d39db9b9031471ad18d3614c6bbd50e04f96b73920bc22362d3a3ab7bb5764bb66ec67f28b8afbeea65c8845ff28fdd34e79a90627eb403947f6b

    • SSDEEP

      12288:2qOfdYcwbu2jfQXSw7iDDVScHBsgVitfm5tltS2cevnXi1I09sjjGEzU3A:Vs/ONf1w7sw8s9whtSVCXWs/GEgA

    Score
    10/10
    pikabotbotnet

    • PikaBot

      PikaBot is a botnet that is distributed similarly to Qakbot and written in c++.

      botnetpikabot

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks