pikabot | a519b9d032a342985bfe1fa3f1244f1db6699805d7883139a8245eba1c2e5dab | Triage

Submit
Reports

Overview

overview

Static

static

3

9923.dll

windows7-x64

1

9923.dll

windows10-2004-x64

Sharing

General

Target

9923.png.zip
Size

452KB
Sample

240306-thkwjaca68
MD5

4c94707bdcf5c18307c69c9c6fe7a536
SHA1

699045992aa12571dd608717c6f2987e3d01f22f
SHA256

a519b9d032a342985bfe1fa3f1244f1db6699805d7883139a8245eba1c2e5dab
SHA512

b835b91aca8f11a7df5f6c6c9fa88a21d42ea8ffd75c2175ba4f1c1071b14c083b1a3921a7c73e03fb1999d99f9cc70e10edd4d4a3baffe16aa8b0f86a68fb5d
SSDEEP

12288:EG3UIUv5oi4tMgXq8URMZ4nTzQYAeF/ofpdCqax4bzy4kba:E6i4Z81nTzlVofpdCNoBt

Score

10^/10

pikabot botnet

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

9923.dll

Resource

win7-20240221-en

windows7-x64

2 signatures

150 seconds

Behavioral task

behavioral2

Sample

9923.dll

Resource

win10v2004-20240226-en

windows10-2004-x64

7 signatures

150 seconds

Malware Config

Extracted

Family

pikabot

C2

154.53.55.165

158.247.240.58

154.12.236.248

Targets

- Target
  
  9923.png
- Size
  
  840KB
- MD5
  
  f6da6e194c429fe815f7d592688f3009
- SHA1
  
  6df03d98320c3877567a05efa94c52f828269e21
- SHA256
  
  28d318a64d06bd5c86c11002be6805ebd114600b2f1e28f136924668b915e77b
- SHA512
  
  20e73161b2615b207c1c61360db9283cb9aec8a1295ce03f1b34976a13ba3b6e992337ac6e39d51789eadeec8d7db322abc494e667f4f9f2c3f3a3642c9fd91c
- SSDEEP
  
  24576:ee9nfmpSVmL+Cf72yb1SFEtEfPmY4uRD7HpUMhOw8ghE:dBmpSVmLfCDfPJ4cDFPhmghE
Score

10^/10

pikabot botnet
- PikaBot
  PikaBot is a botnet that is distributed similarly to Qakbot and written in c++.
  botnet pikabot
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2

© 2018-2024

Terms | Privacy