pikabot | 6e4c6e8fcee2d72021ce2a9621614c7919ae71133d1a355365d1b1a21579d51f | Triage

Submit
Reports

Overview

overview

Static

static

3

9dbe815e10...6b.dll

windows7-x64

1

9dbe815e10...6b.dll

windows10-2004-x64

Sharing

General

Target

9dbe815e1095f14671ba41aefcaa7a6b
Size

935KB
Sample

240229-q979csbb81
MD5

9dbe815e1095f14671ba41aefcaa7a6b
SHA1

ebc5eafbde6bce3d6829b322822dc5a2755778bb
SHA256

6e4c6e8fcee2d72021ce2a9621614c7919ae71133d1a355365d1b1a21579d51f
SHA512

79fa9f70c49d39db9b9031471ad18d3614c6bbd50e04f96b73920bc22362d3a3ab7bb5764bb66ec67f28b8afbeea65c8845ff28fdd34e79a90627eb403947f6b
SSDEEP

12288:2qOfdYcwbu2jfQXSw7iDDVScHBsgVitfm5tltS2cevnXi1I09sjjGEzU3A:Vs/ONf1w7sw8s9whtSVCXWs/GEgA

Score

10^/10

pikabot botnet

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

9dbe815e1095f14671ba41aefcaa7a6b.dll

Resource

win7-20240221-en

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral2

Sample

9dbe815e1095f14671ba41aefcaa7a6b.dll

Resource

win10v2004-20240226-en

windows10-2004-x64

7 signatures

150 seconds

Malware Config

Extracted

Family

pikabot

C2

141.95.106.106

104.129.55.106

104.129.55.105

23.226.138.161

145.239.135.24

85.239.243.155

23.226.138.143

57.128.165.176

178.18.246.136

Targets

- Target
  
  9dbe815e1095f14671ba41aefcaa7a6b
- Size
  
  935KB
- MD5
  
  9dbe815e1095f14671ba41aefcaa7a6b
- SHA1
  
  ebc5eafbde6bce3d6829b322822dc5a2755778bb
- SHA256
  
  6e4c6e8fcee2d72021ce2a9621614c7919ae71133d1a355365d1b1a21579d51f
- SHA512
  
  79fa9f70c49d39db9b9031471ad18d3614c6bbd50e04f96b73920bc22362d3a3ab7bb5764bb66ec67f28b8afbeea65c8845ff28fdd34e79a90627eb403947f6b
- SSDEEP
  
  12288:2qOfdYcwbu2jfQXSw7iDDVScHBsgVitfm5tltS2cevnXi1I09sjjGEzU3A:Vs/ONf1w7sw8s9whtSVCXWs/GEgA
Score

10^/10

pikabot botnet
- PikaBot
  PikaBot is a botnet that is distributed similarly to Qakbot and written in c++.
  botnet pikabot
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2

© 2018-2024

Terms | Privacy