pikabot | cbaffd95fdd294ae52188ea7fd26e99a208b111c6ad78f039f7b98bf739bf622 | Triage

Sharing

General

Target

92448bf680c6c38962d84f20c1f6633d0b7ef07261ebb6beb39d1974dd195142.zip
Size

622KB
Sample

240402-lytjlsdd8t
MD5

fdb0fa27498eb2a206845df4aeff3393
SHA1

a817a51e46feeeff550ad40b82438054e13c7ad5
SHA256

cbaffd95fdd294ae52188ea7fd26e99a208b111c6ad78f039f7b98bf739bf622
SHA512

037cdb2746b14d86652a984ee73c5b218a20e1450fc163dee468e527b51f1bc8fd1792974fb2b9aa09bc91937d4c5acf7b7acd21e5f0510ec76fd9ae566daf8a
SSDEEP

12288:Mq01Rs9+eNbGB2xMrVDP+ZrDulA6Q7IUu8B2qnXau/A5NTZgZgemU/bz8wmBTdcc:F0c9+d0x0V8XuleGiXSJgKtU//8/cuZ

Score

10^/10

pikabot botnet

Malware Config

Extracted

Family

pikabot

C2

109.199.99.131

154.38.175.241

23.226.138.143

23.226.138.161

145.239.135.24

178.18.246.136

141.95.106.106

104.129.55.105

57.128.165.176

Targets

- Target
  
  92448bf680c6c38962d84f20c1f6633d0b7ef07261ebb6beb39d1974dd195142.exe
- Size
  
  1.4MB
- MD5
  
  42343e6326d7e86d662aa54560282eb2
- SHA1
  
  4a291677e74a47861fdad0eec202071ce2c98e48
- SHA256
  
  92448bf680c6c38962d84f20c1f6633d0b7ef07261ebb6beb39d1974dd195142
- SHA512
  
  61e4f514981155ed952a50a8725b80d9eee367a16c5bd9c2b15590ce56cc2d961ef74ccbf9795e4c768768737bf71ee38ae1bd89fb3dd878974173180eeda595
- SSDEEP
  
  24576:h3dhgAYmYqHU7pHYev00V6dCDdoVYdGp8VTALtMa6X:MmYqHU7pHYY00VcCDdowG3tMa6X
Score

10^/10

pikabot botnet
- PikaBot
  PikaBot is a botnet that is distributed similarly to Qakbot and written in c++.
  botnet pikabot
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2