Overview

overview

10

Static

static

3

8910550c45...78.dll

windows7-x64

1

8910550c45...78.dll

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    8910550c45d5943d4d61d94ac4747b6f2a8a910e8c37dc480598686e3dcbad78

  • Size

    840KB

  • Sample

    240308-zmah9afh56

  • MD5

    d8272db8c4ced8f2c40ae46090c421bb

  • SHA1

    3b919ca191958e0001fcf9c9e82fd55f093f8496

  • SHA256

    8910550c45d5943d4d61d94ac4747b6f2a8a910e8c37dc480598686e3dcbad78

  • SHA512

    29312268a357bc76962b1cbd75ddb6fd48e4b122635f472c9266cfde0064916381f7ccee0b56213fb06bc7b220240132ab520ee11f27f15c5eb1298afae7bcf4

  • SSDEEP

    24576:je9nfmpSVmL+Cf72yb1SFEtEfPmY4uRD7HpUMhOw8ghE:qBmpSVmLfCDfPJ4cDFPhmghE

Score
10/10
pikabotbotnet

Malware Config

Extracted

Family

pikabot

C2

154.53.55.165

158.247.240.58

154.12.236.248

Targets

    • Target

      8910550c45d5943d4d61d94ac4747b6f2a8a910e8c37dc480598686e3dcbad78

    • Size

      840KB

    • MD5

      d8272db8c4ced8f2c40ae46090c421bb

    • SHA1

      3b919ca191958e0001fcf9c9e82fd55f093f8496

    • SHA256

      8910550c45d5943d4d61d94ac4747b6f2a8a910e8c37dc480598686e3dcbad78

    • SHA512

      29312268a357bc76962b1cbd75ddb6fd48e4b122635f472c9266cfde0064916381f7ccee0b56213fb06bc7b220240132ab520ee11f27f15c5eb1298afae7bcf4

    • SSDEEP

      24576:je9nfmpSVmL+Cf72yb1SFEtEfPmY4uRD7HpUMhOw8ghE:qBmpSVmLfCDfPJ4cDFPhmghE

    Score
    10/10
    pikabotbotnet

    • PikaBot

      PikaBot is a botnet that is distributed similarly to Qakbot and written in c++.

      botnetpikabot

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks