Overview

overview

10

Static

static

3

d1b839ff22...65.dll

windows7-x64

1

d1b839ff22...65.dll

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    d1b839ff226453091b1e90711b36dd2630a8664432f3742faa1cd24521257c65

  • Size

    840KB

  • Sample

    240308-aswk8sad32

  • MD5

    dc3e5c80671a78e21f1a83ff13260799

  • SHA1

    d290a5f07168c4e97cfd11de61f405889ccfe529

  • SHA256

    d1b839ff226453091b1e90711b36dd2630a8664432f3742faa1cd24521257c65

  • SHA512

    e904b79af7667fbcbe25de1f45c216fdd8f2ec1f449cdfe80c6efe25eb352f7d680f12592634e0d85daf85fa6f0f6afa2085849391e2f99b6678604187b95335

  • SSDEEP

    24576:Qe9nfmpSVmL+Cf72yb1SFEtEfPmY4uRD7HpUMhOw8ghE:/BmpSVmLfCDfPJ4cDFPhmghE

Score
10/10
pikabotbotnet

Malware Config

Extracted

Family

pikabot

C2

154.53.55.165

158.247.240.58

154.12.236.248

Targets

    • Target

      d1b839ff226453091b1e90711b36dd2630a8664432f3742faa1cd24521257c65

    • Size

      840KB

    • MD5

      dc3e5c80671a78e21f1a83ff13260799

    • SHA1

      d290a5f07168c4e97cfd11de61f405889ccfe529

    • SHA256

      d1b839ff226453091b1e90711b36dd2630a8664432f3742faa1cd24521257c65

    • SHA512

      e904b79af7667fbcbe25de1f45c216fdd8f2ec1f449cdfe80c6efe25eb352f7d680f12592634e0d85daf85fa6f0f6afa2085849391e2f99b6678604187b95335

    • SSDEEP

      24576:Qe9nfmpSVmL+Cf72yb1SFEtEfPmY4uRD7HpUMhOw8ghE:/BmpSVmLfCDfPJ4cDFPhmghE

    Score
    10/10
    pikabotbotnet

    • PikaBot

      PikaBot is a botnet that is distributed similarly to Qakbot and written in c++.

      botnetpikabot

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks