General

  • Target

    4f8e60e49e4c8bbd88b00558f80abc929dd9d1a033c63305159fd9fd23de0576.zip

  • Size

    622KB

  • Sample

    240402-lyncladd7z

  • MD5

    0c2de7f734190721b92fb2b31975e84f

  • SHA1

    6912e099b720a4dd2f3bb5d3824c0ed254659623

  • SHA256

    899e6b7548a87acf35bcd894c28ad4f181cb6a73e0e43ce4407603141b526431

  • SHA512

    c473abbe57d3d8f6b31e90f6a61c4e4077295ca380f04266332abfb63c98c90465edffaac1fbee4c2e5aa563c24bd0cf372eabcdb6f8e6d3fbd19447a58a2aab

  • SSDEEP

    12288:VV7M6KLiV6EEwDCThcsBeJnnIYBJlokoJVLpI9oVbarmR1VoaCVD:VhhKGLbDihcsAnnNJlk9i9uoqfoaCF

Score
10/10

Malware Config

Extracted

Family

pikabot

C2

Targets

    • Target

      4f8e60e49e4c8bbd88b00558f80abc929dd9d1a033c63305159fd9fd23de0576.exe

    • Size

      1.4MB

    • MD5

      fb152400190659a0f41b159320efc1d4

    • SHA1

      fadc828de2a220d4f6d8950b5998b4cdff27a0ea

    • SHA256

      4f8e60e49e4c8bbd88b00558f80abc929dd9d1a033c63305159fd9fd23de0576

    • SHA512

      0de59d68cea7b8d6844805bf68037e08055a6ee46b128224dd66258e219ff09be8dfe36889fc852039e6541fd139411277f55455fe91817ca6a4bdc290b21f63

    • SSDEEP

      24576:M3dhgAYmYqHU7pHYev00V6dCDdoVYdGp8VTALtMa6e:PmYqHU7pHYY00VcCDdowG3tMa6e

    Score
    10/10
    • PikaBot

      PikaBot is a botnet that is distributed similarly to Qakbot and is written in C++.

    • Suspicious use of SetThreadContext
