General

  • Target

    58c15b6ead753c7740c08232f79dbb0eaab74b613052247e49bf5d6abc8ae046.zip

  • Size

    622KB

  • Sample

    240402-lynncsdh49

  • MD5

    acbeac8565e7befd2546019373e4b215

  • SHA1

    424dbfbc23d86199a7e6eb91320b4a06ac640b83

  • SHA256

    8a654fa02e4aadf2963593cb58d4abb637a34e793fff3ee6d99ce83546549ade

  • SHA512

    64c1f25ce9b46ad443d2c6c07e27250e72663ef00cefc46a2efd74aa2ad0187e16df4d2ded23fccbb17b7155da8c0e43383c86d1178b10f5d571d003bf263d1a

  • SSDEEP

    12288:NZd06cRL1l9PXW9Ffc9Su8yfeMnw0LNfIYVHYkJ7m00:NV+1lxOFfZ9yfNFNfxj7mf

Score
10/10

Malware Config

Extracted

Family

pikabot

C2


Targets

    • Target

      58c15b6ead753c7740c08232f79dbb0eaab74b613052247e49bf5d6abc8ae046.exe

    • Size

      1.4MB

    • MD5

      ea3880507276cfe594330994f35ac96c

    • SHA1

      2770675dfbfdf749ba9af4ddf6a106cc49865db2

    • SHA256

      58c15b6ead753c7740c08232f79dbb0eaab74b613052247e49bf5d6abc8ae046

    • SHA512

      ebb2a4beeb40f3711734539aae17a15f8c9551576a00848053017d46bd7a4da036f3f1b9599d282b2e008fbbc28b49c7196f9732cc55675e559f4ea3abacecf4

    • SSDEEP

      24576:43dhgAYmYqHU7pHYev00V6dCDdoVYdGp8VTALtMa6N:LmYqHU7pHYY00VcCDdowG3tMa6N

    Score
    10/10
    • PikaBot

      PikaBot is a botnet that is distributed similarly to Qakbot and written in C++.

    • Suspicious use of SetThreadContext

MITRE ATT&CK Matrix

Tasks