General
-
Target
7d18e238febf88bc7c868e3ee4189fd12a2aa4db21f66151bb4c15c0600eca6e.zip
-
Size
630KB
-
Sample
240403-xng9daab69
-
MD5
48d2462d9909c469c77a9f2cdd6e5a52
-
SHA1
3d4811e66f96ec755ae6e4fd21efa3b0969a7812
-
SHA256
e870524c78cc42950cfa7ee6e826343e6eae70988701f54374e8effc3c9364ef
-
SHA512
66e4d7ae6cfafd9ba312251db02e3c82957c6a4757891afbc74321e81a6bc820d78e63f64e2fb89a2ab731d1c5c58ba192828da3c921a36d49c4120081ddda09
-
SSDEEP
12288:NzH+YIv2rj89bbSxweQYTl3vf402T/Hoh57UKElby6dlNcwyrB1+Pvp3x:xeYIurjcbbot3vfaCXExl6NQ1x
Static task
static1
Behavioral task
behavioral1
Sample
7d18e238febf88bc7c868e3ee4189fd12a2aa4db21f66151bb4c15c0600eca6e.exe
Resource
win7-20240220-en
Malware Config
Extracted
pikabot
https://158.220.95.214:5243
https://64.23.199.206:1194
https://172.232.208.90:2223
https://213.199.41.33:13721
https://194.233.91.144:5000
https://158.220.95.215:5242
https://84.247.157.112:13719
Targets
-
-
Target
7d18e238febf88bc7c868e3ee4189fd12a2aa4db21f66151bb4c15c0600eca6e.exe
-
Size
1.3MB
-
MD5
3e56975127f436aa5e8a9b9c7af5eb23
-
SHA1
acbf171b31c25a66d7af44bf9e1f5666acaa3f2c
-
SHA256
7d18e238febf88bc7c868e3ee4189fd12a2aa4db21f66151bb4c15c0600eca6e
-
SHA512
f1a2d4dcc0531ee08c3b5e407b7e250743c15d0e2f320a9d74e933a94791d1185a9dc6f5f28b9e3bc8bbc364b3c98fc72e936c45b88279c773ea4507e24b3e9f
-
SSDEEP
12288:2jwHlbKaWY6oL1T0uwJ34dW/QtQF5KXGOTBwfRzPZ15HVCjkNMOuEFcd+wtZqA8s:2yHC/QtQF5kGXZPY+1BFc2AZoyLtkwx
-
Pikabot family
-
Suspicious use of SetThreadContext
-