high_confidence
Pikabot Distribution February 2024
[Pikabot](https://attack.mitre.org/software/S1145) was distributed in [Pikabot Distribution February 2024](https://attack.mitre.org/campaigns/C0036) using malicious emails with embedded links leading to malicious ZIP archives requiring user interaction for follow-on infection. The version of [Pikabot](https://attack.mitre.org/software/S1145) distributed featured significant changes over the 2023 variant, including reduced code complexity and simplified obfuscation mechanisms.(Citation: Elastic Pikabot 2024)(Citation: Zscaler Pikabot 2024)
Start date
1 February 2024
End date
1 February 2024
Techniques
4
Attributed actors
Techniques (4)
execution3
T1059.001PowerShell
T1059.007JavaScript
T1574Hijack Execution Flow
initial-access1
T1566.002Spearphishing Link
stealth1
T1574Hijack Execution Flow
Indicators of compromise
No IOCs linked to this campaign yet.