Overview

overview

10

Static

static

1

887594ca6a...98.exe

windows7-x64

1

887594ca6a...98.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    887594ca6a20bf67064c0f2bf0db1246ab54236df3fadb7162ac8290d40b1798.zip

  • Size

    622KB

  • Sample

    240402-lypknadd71

  • MD5

    685a560e6221a0bc7cccf50daca64fb8

  • SHA1

    9ec7c5a0bc0b4aebc9aa88f41499afcc0fa858ed

  • SHA256

    1b856a4e1aa8be60c26ec28c906f52cd5db4fbd283e95710a457bd29e4008f08

  • SHA512

    7c8d7981beea0d48eeb683f14ef81d18963da0944fd7948bfd8b12fd3dad62d0bec37d0500145b9c7f3c12ffd7c040b6e0e52876b35c1cc01c0f0cb1415b1b02

  • SSDEEP

    12288:DnhFMXsW4XrUFWWdzxKT1AEzIppWcuniZrhJG7qmOqmNj:DgZUWtdzxKTZEe1nMYzqt

Score
10/10
pikabotbotnet

Malware Config

Extracted

Family

pikabot

C2

109.199.99.131

154.38.175.241

23.226.138.143

23.226.138.161

145.239.135.24

178.18.246.136

141.95.106.106

104.129.55.105

57.128.165.176

Targets

    • Target

      887594ca6a20bf67064c0f2bf0db1246ab54236df3fadb7162ac8290d40b1798.exe

    • Size

      1.4MB

    • MD5

      2677fd95e54293517c0bc79fdd108f34

    • SHA1

      278e973250198ccfcd4789c8f4951e8d9fe1ff84

    • SHA256

      887594ca6a20bf67064c0f2bf0db1246ab54236df3fadb7162ac8290d40b1798

    • SHA512

      cf9a96fb75eb780b4111d48417d1d9a1373372e4a8a678a0acf1a2399d31a3d7e89b1088ab418860f95c4d1da5820c013fb94af45b2a2638b4d75ea253527de3

    • SSDEEP

      24576:63dhgAYmYqHU7pHYev00V6dCDdoVYdGp8VTALtMa6L:FmYqHU7pHYY00VcCDdowG3tMa6L

    Score
    10/10
    pikabotbotnet

    • PikaBot

      PikaBot is a botnet that is distributed similarly to Qakbot and written in c++.

      botnetpikabot

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks