General

  • Target

    000ac83fe38ca68495fc023c4b449f86c9d71b9583e0a7b4713cdc246a67306c.zip

  • Size

    622KB

  • Sample

    240402-lylh1adh43

  • MD5

    94b9915558097ada51de6c5354d6b127

  • SHA1

    7e60f6bee2bf2866bd4144003f61d7ce893112ec

  • SHA256

    cb0f3edc7178bb106bb934cae8d50162328feecb81b33c183bd8d26296cf1a88

  • SHA512

    9eaf6d0fca36cc83c7705fcb222dacc2f5646999980796a3a6bb3eb7cffed0f63e8b54d68ee034163c618514c4257e7c39bee03a1edfe6b1413247d2f2bbf21e

  • SSDEEP

    12288:LJa4igUOcyju5mjHWPm1zdAx2uHD68tme/L8udAQJBpkXdo1lna7XbH:LcpO45k2+1luO8MYL8JQJPkXyHa7rH

Score
10/10

Malware Config

Extracted

Family

pikabot

C2

Targets

    • Target

      000ac83fe38ca68495fc023c4b449f86c9d71b9583e0a7b4713cdc246a67306c.exe

    • Size

      1.4MB

    • MD5

      188e1dc92136a378a1c6dad95abc87c1

    • SHA1

      94f851e2bac770cd574289aa1a2b5fc8fb331b49

    • SHA256

      000ac83fe38ca68495fc023c4b449f86c9d71b9583e0a7b4713cdc246a67306c

    • SHA512

      a1d6fd727b29974398757daf982c306924ed65ecaf943ab408113f9575a87e94d6a3fb31abc22656cb6a32c7673bffd8f660c537df72a92f4219ac3873bf9269

    • SSDEEP

      24576:o3dhgAYmYqHU7pHYev00V6dCDdoVYdGp8VTALtMa6:bmYqHU7pHYY00VcCDdowG3tMa6

    Score
    10/10
    • PikaBot

      PikaBot is a botnet that is distributed similarly to Qakbot and is written in C++.

    • Suspicious use of SetThreadContext
