pikabot | e2773b171d3bd55901647d406fc3de00c7a51bfe2f250667868948fe40fadc47 | Triage

Submit
Reports

Overview

overview

Static

static

3

326a847024...49.dll

windows7-x64

1

326a847024...49.dll

windows10-2004-x64

Sharing

General

Target

15712848647.zip
Size

464KB
Sample

240307-mtc7haad9y
MD5

cafe2d4bd0ed1a67d84f33aca3cf4d1f
SHA1

9cbccd9c7332ee5706b9c5671c29bc77bb33052d
SHA256

e2773b171d3bd55901647d406fc3de00c7a51bfe2f250667868948fe40fadc47
SHA512

3c937116a0faa8b747defcb3b8e09132695af72664ce271e72cb32f75bdf7de91ade8015f763c6ed77207299ab0e28f1f77b634b68c1aa3c70602602289c304e
SSDEEP

12288:HCRUxp+6QChPn9hfrDYgszuK1SXyOVc4rHCG2:HC6xYIhP9hTDSf2yGWG2

Score

10^/10

pikabot botnet

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

326a84702468acaaa4b6aa0eecab55dcb8f443ddac5a6dfb66a4120a4e42ab49.dll

Resource

win7-20240221-en

windows7-x64

2 signatures

300 seconds

Behavioral task

behavioral2

Sample

326a84702468acaaa4b6aa0eecab55dcb8f443ddac5a6dfb66a4120a4e42ab49.dll

Resource

win10v2004-20240226-en

windows10-2004-x64

7 signatures

300 seconds

Malware Config

Extracted

Family

pikabot

C2

154.53.55.165

158.247.240.58

154.12.236.248

Targets

- Target
  
  326a84702468acaaa4b6aa0eecab55dcb8f443ddac5a6dfb66a4120a4e42ab49
- Size
  
  840KB
- MD5
  
  72a127660a34aae5e734620f22a77a8a
- SHA1
  
  9fe5934370d801df2c1d340456de15931ae392a0
- SHA256
  
  326a84702468acaaa4b6aa0eecab55dcb8f443ddac5a6dfb66a4120a4e42ab49
- SHA512
  
  d2c2e7e6bae99cef36af68168c6809f4cdb03d332c5e0c505a70baac5941ddf3f3d6ee35f9e4fcd3c70e0630e7ac07a30f3398d00dba9b7632d1cf9071bcacb0
- SSDEEP
  
  24576:6e9nfmpSVmL+Cf72yb1SFEtEfPmY4uRD7HpUMhOw8ghE:pBmpSVmLfCDfPJ4cDFPhmghE
Score

10^/10

pikabot botnet
- PikaBot
  PikaBot is a botnet that is distributed similarly to Qakbot and written in c++.
  botnet pikabot
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2

© 2018-2024

Terms | Privacy