PikaBot Trojan IOCs - Part 2

Pikabot - новое семейство вредоносных программ, состоящее из загрузчика/установщика, загрузчика и основного компонента бэкдора. Несмотря на раннюю стадию разработки, оно уже демонстрирует передовые техники уклонения, внедрения и антианализа.

Indicators of Compromise

IPv4 Port Combinations

• 185.106.94.152:13720
• 185.106.94.167:5631
• 185.106.94.174:5000
• 185.106.94.177:13721
• 80.85.140.152:5938
• 80.85.140.43:9785

Domains

• organicmaster.in
• protectstudio.com

URLs

• http://140.82.31.164/CKED/Dodec
• http://140.82.31.164/dmii//?u2nIt8S1YQi=1697570236
• http://140.82.31.164/dmii//?u2nIt8S1YQi=1697570256
• http://140.82.31.164/dmii//?u2nIt8S1YQi=1697570266
• http://140.82.31.164/dmii/?2=9382440
• http://140.82.31.164/dmii/?4=6982077
• http://140.82.31.164/dmii/?jE=1118618
• http://45.63.106.193/PmpZ/Hamma
• http://45.63.106.193/tr//?C6gtUk=1697570277
• http://45.63.106.193/tr/?S=1143680
• https://organicmaster.in/ur//?xihhZkN=1697556543
• https://organicmaster.in/ur/?04668431
• https://protectstudio.com/mue//?E0Vg=1697556542
• https://protectstudio.com/mue/?94668431

Emails

• [email protected]
• [email protected]
• [email protected]
• [email protected]
• [email protected]
• [email protected]
• [email protected]
• [email protected]
• [email protected]
• [email protected]
• [email protected]
• [email protected]
• [email protected]
• [email protected]
• [email protected]
• [email protected]
• [email protected]
• [email protected]
• [email protected]
• [email protected]
• [email protected]
• [email protected]
• [email protected]
• [email protected]
• [email protected]
• [email protected]
• [email protected]
• [email protected]
• [email protected]
• [email protected]
• [email protected]
• [email protected]
• [email protected]
• [email protected]
• [email protected]
• [email protected]
• [email protected]
• [email protected]
• [email protected]
• [email protected]
• [email protected]
• [email protected]
• [email protected]
• [email protected]
• [email protected]
• [email protected]

MD5

• 03180c3aa0fc1ed35d1127c462a9b699
• 0ae9717108d3649bd4be3e01e129e626
• 1bb341f63af2dcad2eb16b43f79d5990
• 1e434578661a47e07858399d7c750de9
• 2ef67bce897bdaa1fa42376e08e9218e
• 40d46d7c6fd98700d75e880bcaafb747
• 5574063e48e205518d511a92d9c1e495
• 6741fce92cda1573bb502ac4a530f536
• 747cddf8d4ca41b2b5f87125c4998f4c
• 7705e61b463994f810bc3f5f1a7a9628
• 78b8d5f085661e1da69eae2a11af68c8
• 96f8da14399f46bf5c4901d019237bba
• a28a7d2c4a8201d96f5cd17b1b2cfa65
• a38be9f18dd1a9912576e881e6165bbd
• b6c1f32955124c826811d21e063899bc
• c747d44eb4f93b9fe96c74ae652d4b2f
• cbdbde92c7baa0bca485f1211c870722
• e75ceca0499d49252539b02db94e6291
• e891f7075b728afa7bdd14327b98d1e5
• eff200d9d2e50ca5033466e1149681fe