PikaBot Is Back With a Vengeance
Tags
| cmtmf-attack-pattern: | Process Injection |
| attack-pattern: | Data Indirect Process Injection - T1631 Process Injection - T1055 |
Common Information
| Type | Value |
|---|---|
| UUID | f3e1ab86-8976-4cf7-87b6-fdf128170963 |
| Fingerprint | beb22850ef9af8b4 |
| Analysis status | DONE |
| Considered CTI value | 0 |
| Text language | |
| Published | Nov. 12, 2023, midnight |
| Added to db | Nov. 19, 2023, 10:30 p.m. |
| Last updated | Sept. 4, 2024, 12:17 p.m. |
| Headline | PikaBot Is Back With a Vengeance |
| Title | PikaBot Is Back With a Vengeance |
| Detected Hints/Tags/Attributes | 19/2/11 |
Source URLs
URL Provider
RSS Feed
| Details | Id | Enabled | Feed title | Url | Added to db |
|---|---|---|---|---|---|
| Details | 207 | ✔ | OALABS Research | https://research.openanalysis.net/feed.xml | 2024-08-30 22:08 |
Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | File | 23 | searchprotocolhost.exe |
|
| Details | File | 1 | '''kernel32.dll |
|
| Details | File | 1 | '''advapi32.dll |
|
| Details | File | 1 | '''user32.dll |
|
| Details | File | 1 | '''netapi32.dll |
|
| Details | File | 1 | '''whoami.exe |
|
| Details | File | 1 | '''ipconfig.exe |
|
| Details | File | 1 | '''netstat.exe |
|
| Details | File | 1 | '''wininet.dll |
|
| Details | md5 | 2 | f0adda360d2b4ccda11468e026526576 |
|
| Details | sha256 | 3 | 39d6f7865949ae7bb846f56bff4f62a96d7277d2872fec68c09e1227e6db9206 |