General
-
Target
dd2b6e3aa75de8460730862f2dc739537734a7dfc9e673b6a23ee58430348ddf.zip
-
Size
452KB
-
Sample
240402-qtk4wsbe4z
-
MD5
6b2bdc5f691431e0723f65564ad1a90d
-
SHA1
91b4f2979d052195e9cf59c6384024089d401779
-
SHA256
6246f43bd1a5ef67db2a2170cf12bef8bfbbcc58f3f9a9072832d3ac20729a42
-
SHA512
d83263aa4a5357622e7c54cbb6b15d9f2e482c5ae11411ac6db7036afe8b242b096d4c50cb7dcf8022636df1fafdb5d881c0b01833a460a43da12c32b9a6d50d
-
SSDEEP
12288:YVTvsFnSbOjlDmzCO7WhezdBNBKQuy5jXA9a6odd:YVTF6pV6gWdjBnQ6d
Static task
static1
Behavioral task
behavioral1
Sample
dd2b6e3aa75de8460730862f2dc739537734a7dfc9e673b6a23ee58430348ddf.dll
Resource
win7-20240221-en
Malware Config
Extracted
pikabot
https://154.53.55.165:13719
https://158.247.240.58:5688
https://70.34.223.164:5000
https://70.34.199.64:9785
https://45.77.63.237:5687
https://198.38.94.213:2224
https://94.72.104.80:5000
https://84.46.240.42:2083
https://154.12.236.248:13722
https://94.72.104.77:13724
https://209.126.86.48:1194
Targets
-
-
Target
dd2b6e3aa75de8460730862f2dc739537734a7dfc9e673b6a23ee58430348ddf.dll
-
Size
840KB
-
MD5
bcc53210e13294cbd6a8172558d99295
-
SHA1
02f78e1449ce844dc2807d850aab397d34ec35aa
-
SHA256
dd2b6e3aa75de8460730862f2dc739537734a7dfc9e673b6a23ee58430348ddf
-
SHA512
c78653407e87f4cd28bef5b9f1571039948dfce2c771ae9c2357160d97c6596f640887bbf898001f251ae4c62f727e25a5adb2487b7b583c73bf5f3dc0f2dda2
-
SSDEEP
24576:2e9nfmpSVmL+Cf72yb1SFEtEfPmY4uRD7HpUMhOw8ghE:lBmpSVmLfCDfPJ4cDFPhmghE
-
Pikabot family
-
Suspicious use of SetThreadContext
-