General

  • Target

    f207a52477086eaf27141c780530336d.bin

  • Size

    177KB

  • MD5

    9dce3a296a667d3398326a3daf4857fe

  • SHA1

    69532a363dc42567ea85f858f7d065f19e4518aa

  • SHA256

    aece5dbd22972c1c97f1b77c3843751b7b83c52b190518d0e23acd4136f8a074

  • SHA512

    76ceb9166e1ee605e60912ebdc1367db13662c881ce263481744c1f75709953cea04aa660baa8add2d37ec0241653fd58b12a69b32c9bff3f14015021c1419a0

  • SSDEEP

    3072:oYN4VMsnAa0AooCePALQIr/I6Q4eQNJF3AEwwt3d/vjmXrd97OLnjwYkwu:oYsPAa0AoTeP+QIr/I6Q43B33wwD/q7T

Score
10/10

Malware Config

Extracted

Family

pikabot

C2


Signatures

  • Detects PikaBot botnet 1 IoCs
  • Pikabot family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • f207a52477086eaf27141c780530336d.bin
    .zip

    Password: infected

  • ce742b7cc94a5c668116d343b6a9677523dc13b358294bba3cd248fba8b880da.exe
    .exe windows:6 windows x86 arch:x86

    Password: infected

    df9a4b633da6240db7237139a3412baa

