General

  • Target

    1137b149e0bced9e6700658b526bd7eb27f59e0850bef8ee843359d887f6f131.zip

  • Size

    622KB

  • Sample

    240402-lyl5jadd7s

  • MD5

    5c6bfd9f0b380b8ab39fd67ac71db53b

  • SHA1

    2c73c84427b629620562710d60ccd5171b4f7e68

  • SHA256

    ca2d98031190f727ecc5f312765f0a8da673299058b38cb233f604b0ecf3975b

  • SHA512

    6a1251b8844f9c5d883e54591a67669d3941c2f7d3c0510da11ce406faf28b2ebd6977b736b149dfca0249d91bc055d7c5c9b60d6a7e1f6311111f068481d815

  • SSDEEP

    12288:6ZDTCbEcstaQQdfuzTnx5EN7H6Pp76mrmMnOry5Sw0RDRsWr3ekxV7KWlJ6ulXyU:EDTAdfWTnUNWROmrnnQy5SFfsa7Ks6un

Score
10/10

Malware Config

Extracted

Family

pikabot

C2

Targets

    • Target

      1137b149e0bced9e6700658b526bd7eb27f59e0850bef8ee843359d887f6f131.exe

    • Size

      1.4MB

    • MD5

      5940a7f204f6bc04518afe1483f909d4

    • SHA1

      ce4e7d83a520e8008210b4f6ee40111941df2b1b

    • SHA256

      1137b149e0bced9e6700658b526bd7eb27f59e0850bef8ee843359d887f6f131

    • SHA512

      bb3e7af7a1ec4ee42e6192e2245a385fa6605e8f1bf541ee6b9a8d6a397daec5c55c1957bf56e7aa871505c6c18953327491e54ce6276132c4f412a2990b13c4

    • SSDEEP

      24576:v3dhgAYmYqHU7pHYev00V6dCDdoVYdGp8VTALtMa6:ymYqHU7pHYY00VcCDdowG3tMa6

    Score
    10/10
    • PikaBot

      PikaBot is a botnet that is distributed similarly to Qakbot and is written in C++.

    • Suspicious use of SetThreadContext
