pikabot | e1179516c0fe8cbf69566d5db63c6d1d7d02d67b04eae5800f9a950fb07fee81 | Triage

Submit
Reports

Overview

overview

Static

static

3

e1179516c0...81.dll

windows7-x64

1

e1179516c0...81.dll

windows10-2004-x64

Sharing

General

Target

e1179516c0fe8cbf69566d5db63c6d1d7d02d67b04eae5800f9a950fb07fee81
Size

507KB
Sample

240327-h32t1aac5x
MD5

a0b9376d1a46e876fe056dd89b79dfca
SHA1

1b363e22c6a51341e16ef4a1177596504974e066
SHA256

e1179516c0fe8cbf69566d5db63c6d1d7d02d67b04eae5800f9a950fb07fee81
SHA512

08a9b9de4b8ff6aebe1f9846e5e1994370796b4aa19613178dc320482cf68bf2ee1fb66e7925e1e4887febf398457f04e2193d48b7198d050e6666125802b946
SSDEEP

12288:nljxPw/KI5MGpBRTf4LvGCAotHnG4CEu+AvHuzfsdzjbHgRV:zPkKIGsBRTydjG4GxbHU

Score

10^/10

pikabot botnet

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

e1179516c0fe8cbf69566d5db63c6d1d7d02d67b04eae5800f9a950fb07fee81.dll

Resource

win7-20240221-en

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral2

Sample

e1179516c0fe8cbf69566d5db63c6d1d7d02d67b04eae5800f9a950fb07fee81.dll

Resource

win10v2004-20240226-en

windows10-2004-x64

7 signatures

150 seconds

Malware Config

Extracted

Family

pikabot

C2

192.248.174.52:5631

109.123.227.104:2221

65.20.98.24:13783

154.38.184.3:2223

155.138.203.158:1194

210.243.8.247:23399

139.180.185.171:2222

154.221.30.136:13724

65.20.82.254:5243

Targets

- Target
  
  e1179516c0fe8cbf69566d5db63c6d1d7d02d67b04eae5800f9a950fb07fee81
- Size
  
  507KB
- MD5
  
  a0b9376d1a46e876fe056dd89b79dfca
- SHA1
  
  1b363e22c6a51341e16ef4a1177596504974e066
- SHA256
  
  e1179516c0fe8cbf69566d5db63c6d1d7d02d67b04eae5800f9a950fb07fee81
- SHA512
  
  08a9b9de4b8ff6aebe1f9846e5e1994370796b4aa19613178dc320482cf68bf2ee1fb66e7925e1e4887febf398457f04e2193d48b7198d050e6666125802b946
- SSDEEP
  
  12288:nljxPw/KI5MGpBRTf4LvGCAotHnG4CEu+AvHuzfsdzjbHgRV:zPkKIGsBRTydjG4GxbHU
Score

10^/10

pikabot botnet
- Detects PikaBot botnet
- PikaBot
  PikaBot is a botnet that is distributed similarly to Qakbot and written in c++.
  botnet pikabot
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2

© 2018-2024

Terms | Privacy