General

  • Target

    72ecff0ed98f3520f5c293d2aac12aa8155954ca913b431654dd84cf3d986c4c.zip

  • Size

    623KB

  • Sample

    240417-xj1j6aag67

  • MD5

    69e1f5ebbd2f9ddd1b5fef36e672c7b2

  • SHA1

    48460678c115d04b5f22586bd45b649e24427d04

  • SHA256

    24992b7e28c311aa638cb541fc7b3b362f9cd2fb2202b5428f00bc0e0418eff9

  • SHA512

    4266a08c250bf9f70303e1e8ceb1de75e7f2f8c0321039090907750d0a237f50a4e21523206227726551366d5a581983501596597b08903765aa4cc46ae6c7d3

  • SSDEEP

    12288:VqOppjSnW0KmGpdSWiI64+JW8krdv6tS1es1EQEHfFPk274XB9puz7:wIjSnuYWw4+JW8krdytScsjEx74XB9S

Score
10/10

Malware Config

Extracted

Family

pikabot

C2


Targets

    • Target

      JXC.exe

    • Size

      1.4MB

    • MD5

      20990f6ff64d31077fec22f640e7b67b

    • SHA1

      9053e89a6d12f01aafe4d793065db6879168cba6

    • SHA256

      a9677832e0b19aab863d243aec2245a0be5d916477bd58ae10b8674b912161b2

    • SHA512

      5ed6de42e83525cb8d47b7ba195b2b5106c4efdf8fbe00da55d58b95c5c81a0a02846c544073390847806ad36ab3d288041548b4b1bc7b8cd437e5c0dcf8d03b

    • SSDEEP

      24576:m3dhgAYmYqHU7pHYev00V6dCDdoVYdGp8VTALtMa6Z:BmYqHU7pHYY00VcCDdowG3tMa6Z

    Score
    10/10
    • PikaBot

      PikaBot is a botnet that is distributed similarly to Qakbot and written in C++.
