Overview

overview

10

Static

static

3

dd2b6e3aa7...df.dll

windows7-x64

1

dd2b6e3aa7...df.dll

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    dd2b6e3aa75de8460730862f2dc739537734a7dfc9e673b6a23ee58430348ddf.zip

  • Size

    452KB

  • Sample

    240402-qtk4wsbe4z

  • MD5

    6b2bdc5f691431e0723f65564ad1a90d

  • SHA1

    91b4f2979d052195e9cf59c6384024089d401779

  • SHA256

    6246f43bd1a5ef67db2a2170cf12bef8bfbbcc58f3f9a9072832d3ac20729a42

  • SHA512

    d83263aa4a5357622e7c54cbb6b15d9f2e482c5ae11411ac6db7036afe8b242b096d4c50cb7dcf8022636df1fafdb5d881c0b01833a460a43da12c32b9a6d50d

  • SSDEEP

    12288:YVTvsFnSbOjlDmzCO7WhezdBNBKQuy5jXA9a6odd:YVTF6pV6gWdjBnQ6d

Score
10/10
pikabotbotnet

Malware Config

Extracted

Family

pikabot

C2

154.53.55.165

158.247.240.58

154.12.236.248

Targets

    • Target

      dd2b6e3aa75de8460730862f2dc739537734a7dfc9e673b6a23ee58430348ddf.dll

    • Size

      840KB

    • MD5

      bcc53210e13294cbd6a8172558d99295

    • SHA1

      02f78e1449ce844dc2807d850aab397d34ec35aa

    • SHA256

      dd2b6e3aa75de8460730862f2dc739537734a7dfc9e673b6a23ee58430348ddf

    • SHA512

      c78653407e87f4cd28bef5b9f1571039948dfce2c771ae9c2357160d97c6596f640887bbf898001f251ae4c62f727e25a5adb2487b7b583c73bf5f3dc0f2dda2

    • SSDEEP

      24576:2e9nfmpSVmL+Cf72yb1SFEtEfPmY4uRD7HpUMhOw8ghE:lBmpSVmLfCDfPJ4cDFPhmghE

    Score
    10/10
    pikabotbotnet

    • PikaBot

      PikaBot is a botnet that is distributed similarly to Qakbot and written in c++.

      botnetpikabot

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks