General

  • Target

    cd90e313fa18cc71c65f2c4db3c21ca33241359d6174c771bad2118c0abf8cee.zip

  • Size

    622KB

  • Sample

    240402-lywnzadh77

  • MD5

    c523ba4fd64b9d0da2ffb96879cbb9c2

  • SHA1

    e6790fb4e4b07ae7771ddf025dd9fcf4f85c2576

  • SHA256

    4c996915b63aea042d04db28b0ca8fd68cc3025cb488bc9572ec1d3dc6e50949

  • SHA512

    7bcabe125d015f1cd104ee73644d81579076efa372b01495e42131ccdf2621d85e46b8634bad8179f061a3ffbb2131b738e007e5d42008707a5193ef8e972568

  • SSDEEP

    12288:9DKSSpZnUZkIbNOWvGzBTHM4SXKkkuj49ZB7YhdJcW:93S7UZkIxmBz8NgZUx

Score
10/10

Malware Config

Extracted

Family

pikabot

C2


Targets

    • Target

      cd90e313fa18cc71c65f2c4db3c21ca33241359d6174c771bad2118c0abf8cee.exe

    • Size

      1.4MB

    • MD5

      0e84652db2c0c15a346c3d5f5fd1eccb

    • SHA1

      f5837512c4a9c6094e40bd8cb3e7fb883d46570d

    • SHA256

      cd90e313fa18cc71c65f2c4db3c21ca33241359d6174c771bad2118c0abf8cee

    • SHA512

      0e7728b034e57ce74bb786ef203747239bc2e15b74f3e35c6b06889253e3d1eb6efcac812a1bade87ad53bad603c68dd35b924770a533bab1b94633fc0e55678

    • SSDEEP

      24576:A3dhgAYmYqHU7pHYev00V6dCDdoVYdGp8VTALtMa6E:TmYqHU7pHYY00VcCDdowG3tMa6E

    Score
    10/10
    • PikaBot

      PikaBot is a botnet that is distributed similarly to Qakbot and is written in C++.

    • Suspicious use of SetThreadContext
