General

  • Target

    92448bf680c6c38962d84f20c1f6633d0b7ef07261ebb6beb39d1974dd195142.zip

  • Size

    622KB

  • Sample

    240402-lytjlsdd8t

  • MD5

    fdb0fa27498eb2a206845df4aeff3393

  • SHA1

    a817a51e46feeeff550ad40b82438054e13c7ad5

  • SHA256

    cbaffd95fdd294ae52188ea7fd26e99a208b111c6ad78f039f7b98bf739bf622

  • SHA512

    037cdb2746b14d86652a984ee73c5b218a20e1450fc163dee468e527b51f1bc8fd1792974fb2b9aa09bc91937d4c5acf7b7acd21e5f0510ec76fd9ae566daf8a

  • SSDEEP

    12288:Mq01Rs9+eNbGB2xMrVDP+ZrDulA6Q7IUu8B2qnXau/A5NTZgZgemU/bz8wmBTdcc:F0c9+d0x0V8XuleGiXSJgKtU//8/cuZ

Score
10/10

Malware Config

Extracted

Family

pikabot

C2


Targets

    • Target

      92448bf680c6c38962d84f20c1f6633d0b7ef07261ebb6beb39d1974dd195142.exe

    • Size

      1.4MB

    • MD5

      42343e6326d7e86d662aa54560282eb2

    • SHA1

      4a291677e74a47861fdad0eec202071ce2c98e48

    • SHA256

      92448bf680c6c38962d84f20c1f6633d0b7ef07261ebb6beb39d1974dd195142

    • SHA512

      61e4f514981155ed952a50a8725b80d9eee367a16c5bd9c2b15590ce56cc2d961ef74ccbf9795e4c768768737bf71ee38ae1bd89fb3dd878974173180eeda595

    • SSDEEP

      24576:h3dhgAYmYqHU7pHYev00V6dCDdoVYdGp8VTALtMa6X:MmYqHU7pHYY00VcCDdowG3tMa6X

    Score
    10/10
    • PikaBot

      PikaBot is a botnet that is distributed similarly to Qakbot and written in C++.

    • Suspicious use of SetThreadContext
