Overview

overview

10

Static

static

3

bd879fb7fd...ce.exe

windows7-x64

1

bd879fb7fd...ce.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    bd879fb7fdde311c8fd7d48f402cf5de0b7772bc3f24bb78a357c978f8681ace

  • Size

    1.4MB

  • Sample

    240317-3cqz2aac33

  • MD5

    fbd290164b013766679f8096fd974b53

  • SHA1

    7365c77a7b7dff53579346359e9b0ec5b8ba8b06

  • SHA256

    bd879fb7fdde311c8fd7d48f402cf5de0b7772bc3f24bb78a357c978f8681ace

  • SHA512

    0e2d1e6e4eacf5cd6e04715036760875e771dc342fbb46fdb3fd2748ba940ceac90e0bf16f3403b3d9626cc884631028b6d11446515d85913a5a61218687540d

  • SSDEEP

    24576:60/wpWGxRsnyM3LF+0mlBnjs60nEisX1N9rm1Jo/13JQyjLc22dEaY7Unbya87CJ:n/wn0x3LFfmHnIZE9rm1Ji3hLc22dEa3

Score
10/10
pikabotbotnet

Malware Config

Extracted

Family

pikabot

C2

23.226.138.161

104.129.55.105

Targets

    • Target

      bd879fb7fdde311c8fd7d48f402cf5de0b7772bc3f24bb78a357c978f8681ace

    • Size

      1.4MB

    • MD5

      fbd290164b013766679f8096fd974b53

    • SHA1

      7365c77a7b7dff53579346359e9b0ec5b8ba8b06

    • SHA256

      bd879fb7fdde311c8fd7d48f402cf5de0b7772bc3f24bb78a357c978f8681ace

    • SHA512

      0e2d1e6e4eacf5cd6e04715036760875e771dc342fbb46fdb3fd2748ba940ceac90e0bf16f3403b3d9626cc884631028b6d11446515d85913a5a61218687540d

    • SSDEEP

      24576:60/wpWGxRsnyM3LF+0mlBnjs60nEisX1N9rm1Jo/13JQyjLc22dEaY7Unbya87CJ:n/wn0x3LFfmHnIZE9rm1Ji3hLc22dEa3

    Score
    10/10
    pikabotbotnet

    • PikaBot

      PikaBot is a botnet that is distributed similarly to Qakbot and written in c++.

      botnetpikabot

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks