pikabot | 24992b7e28c311aa638cb541fc7b3b362f9cd2fb2202b5428f00bc0e0418eff9 | Triage

Sharing

General

Target

72ecff0ed98f3520f5c293d2aac12aa8155954ca913b431654dd84cf3d986c4c.zip
Size

623KB
Sample

240417-xj1j6aag67
MD5

69e1f5ebbd2f9ddd1b5fef36e672c7b2
SHA1

48460678c115d04b5f22586bd45b649e24427d04
SHA256

24992b7e28c311aa638cb541fc7b3b362f9cd2fb2202b5428f00bc0e0418eff9
SHA512

4266a08c250bf9f70303e1e8ceb1de75e7f2f8c0321039090907750d0a237f50a4e21523206227726551366d5a581983501596597b08903765aa4cc46ae6c7d3
SSDEEP

12288:VqOppjSnW0KmGpdSWiI64+JW8krdv6tS1es1EQEHfFPk274XB9puz7:wIjSnuYWw4+JW8krdytScsjEx74XB9S

Score

10^/10

pikabot botnet

Malware Config

Extracted

Family

pikabot

C2

109.199.99.131

154.38.175.241

23.226.138.143

23.226.138.161

145.239.135.24

178.18.246.136

141.95.106.106

104.129.55.105

57.128.165.176

Targets

- Target
  
  JXC.exe
- Size
  
  1.4MB
- MD5
  
  20990f6ff64d31077fec22f640e7b67b
- SHA1
  
  9053e89a6d12f01aafe4d793065db6879168cba6
- SHA256
  
  a9677832e0b19aab863d243aec2245a0be5d916477bd58ae10b8674b912161b2
- SHA512
  
  5ed6de42e83525cb8d47b7ba195b2b5106c4efdf8fbe00da55d58b95c5c81a0a02846c544073390847806ad36ab3d288041548b4b1bc7b8cd437e5c0dcf8d03b
- SSDEEP
  
  24576:m3dhgAYmYqHU7pHYev00V6dCDdoVYdGp8VTALtMa6Z:BmYqHU7pHYY00VcCDdowG3tMa6Z
Score

10^/10

pikabot botnet
- PikaBot
  PikaBot is a botnet that is distributed similarly to Qakbot and written in c++.
  botnet pikabot
behavioral1

MITRE ATT&CK Matrix

Tasks

static1

behavioral1