General

  • Target

    91b4fe66f4a1c73dda730c752a4aa2895ace4458094ddfe8e064662766672a1c.zip

  • Size

    622KB

  • Sample

    240402-lys8vadh65

  • MD5

    02c54ad524510c3e326f3dfcb00062e3

  • SHA1

    84ee333b4549407d2d1e4aceb1a7c0a14bf7b4b1

  • SHA256

    eaa62d0f407b55e15eeeeaff7adce19d3e66a8f46620030f45f5ece6af3af4b8

  • SHA512

    053373c9ffc543b60d6587bd43aa068e11cc1fc4a68d343532e99367bf5b43b69ea8b48f7eac54248c8dd317391ac86ebbe904ec45cffb6b1448fe760b13d044

  • SSDEEP

    12288:WAi+znlOit5H4yGO7C3mSbn2hTzfID8C8gkVeZhPK9SW9:WklvtJ457d8CrlZhPK9h

Score
10/10

Malware Config

Extracted

Family

pikabot

C2


Targets

    • Target

      91b4fe66f4a1c73dda730c752a4aa2895ace4458094ddfe8e064662766672a1c.exe

    • Size

      1.4MB

    • MD5

      b40734b6596a75cfc3a9e489798fb429

    • SHA1

      9c73437a7e0593ecfe8bfceb228eceb725b14c0e

    • SHA256

      91b4fe66f4a1c73dda730c752a4aa2895ace4458094ddfe8e064662766672a1c

    • SHA512

      1fa6c82df3eba06ba6741f3c490bd86e445b288dd8e5ab51f46dee1ebf2cc5e8ab2b94cd63d5edf84251704cbeefca3f49322a68033c4f779adc8478d94e2f32

    • SSDEEP

      24576:E3dhgAYmYqHU7pHYev00V6dCDdoVYdGp8VTALtMa6:nmYqHU7pHYY00VcCDdowG3tMa6

    Score
    10/10
    • PikaBot

      PikaBot is a botnet that is distributed similarly to Qakbot and written in C++.

    • Suspicious use of SetThreadContext
