Technical Analysis of Pikabot
Pikabot is a new malware trojan that emerged in early 2023, consisting of a loader and a core module. The core module implements malicious functionality, including the ability to execute arbitrary commands and inject payloads provided by a command-and-control server. Pikabot utilizes a code injector to decrypt and inject the core module, employing a series of anti-analysis techniques and the public tool ADVobfuscator for string obfuscation. It shares similarities with the Qakbot trojan in terms of distribution methods, campaigns, and malware behaviors. However, there is not enough evidence to definitively link these malware families to the same threat actor. Malware: Pikabot, QakBot, CobaltStrike [View Article](https://www.zscaler.com/blogs/security-research/technical-analysis-pikabot)