pikabot | f273d572dbbb5eced162ca1f2059088ed15005f57374968bf93cb01843a187d8 | Triage

Submit
Reports

Overview

overview

Static

static

3

dd2b6e3aa7...df.dll

windows7-x64

1

dd2b6e3aa7...df.dll

windows10-2004-x64

Sharing

General

Target

dd2b6e3aa75de8460730862f2dc739537734a7dfc9e673b6a23ee58430348ddf.zip
Size

452KB
Sample

240402-lywnzadh79
MD5

aebb3e6c44bada8c0acab50617b79f78
SHA1

32a8617739642eab42e75cfe863b4f477444a35d
SHA256

f273d572dbbb5eced162ca1f2059088ed15005f57374968bf93cb01843a187d8
SHA512

b4a42f6ac66f07fe1cfd7a08a9f3d75abb240ed5598a5d03db955ec7f6eef008246eb3eecb522c931d48dfacfba5cbb42a34ae9287ddf15448e4f8fd69fc311b
SSDEEP

12288:bdJMHHakQY6dIxpRvWAvPzUTdeJL9yXX2r0uwCkK3g+dtSy:bdCJQY6dmLvWAvPgTSM2lwCH3gcSy

Score

10^/10

pikabot botnet

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

dd2b6e3aa75de8460730862f2dc739537734a7dfc9e673b6a23ee58430348ddf.dll

Resource

win7-20240221-en

windows7-x64

2 signatures

150 seconds

Behavioral task

behavioral2

Sample

dd2b6e3aa75de8460730862f2dc739537734a7dfc9e673b6a23ee58430348ddf.dll

Resource

win10v2004-20240226-en

windows10-2004-x64

7 signatures

150 seconds

Malware Config

Extracted

Family

pikabot

C2

154.53.55.165

158.247.240.58

154.12.236.248

Targets

- Target
  
  dd2b6e3aa75de8460730862f2dc739537734a7dfc9e673b6a23ee58430348ddf.dll
- Size
  
  840KB
- MD5
  
  bcc53210e13294cbd6a8172558d99295
- SHA1
  
  02f78e1449ce844dc2807d850aab397d34ec35aa
- SHA256
  
  dd2b6e3aa75de8460730862f2dc739537734a7dfc9e673b6a23ee58430348ddf
- SHA512
  
  c78653407e87f4cd28bef5b9f1571039948dfce2c771ae9c2357160d97c6596f640887bbf898001f251ae4c62f727e25a5adb2487b7b583c73bf5f3dc0f2dda2
- SSDEEP
  
  24576:2e9nfmpSVmL+Cf72yb1SFEtEfPmY4uRD7HpUMhOw8ghE:lBmpSVmLfCDfPJ4cDFPhmghE
Score

10^/10

pikabot botnet
- PikaBot
  PikaBot is a botnet that is distributed similarly to Qakbot and written in c++.
  botnet pikabot
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2

© 2018-2024

Terms | Privacy