{
	"id": "ab1646cf-ca8b-4fea-a6e1-69417cbc2807",
	"created_at": "2026-04-06T00:14:04.52103Z",
	"updated_at": "2026-04-10T13:12:30.173838Z",
	"deleted_at": null,
	"sha1_hash": "23e1b9f266a8cd5beb38d939ed7116d9d20ae2d1",
	"title": "Why Your EDR Let Pikabot Jump Through",
	"llm_title": "",
	"authors": "",
	"file_creation_date": "0001-01-01T00:00:00Z",
	"file_modification_date": "0001-01-01T00:00:00Z",
	"file_size": 44485,
	"plain_text": "Why Your EDR Let Pikabot Jump Through\r\nArchived: 2026-04-05 22:40:08 UTC\r\nTyler Fornes, Principal Security Solutions Architect\r\n★★★★★\r\nExpel, Global Leader in MDR\r\nWe had to\r\nwait hours or even days\r\nfor L2 or L3 teams to investigate such an attack but\r\nwith VMRay\r\nI can have that done in less than 15 minutes.\r\nVice President, Cyber Security Labs\r\n★★★★★\r\nGlobal Top 3 Cyber Security IR Services Provider\r\nVMRay is our\r\ndeep sandbox\r\nanalysis solution that has helped us reduce the workload of our manual analyses by 90%, from 1000s to 100s per\r\nday.\r\nTeam Lead, Cyber Security\r\n★★★★★\r\nA Leading Global Tech Company\r\nManual analysis\r\nof a huge number of submissions was time-consuming. With VMRay, we are able to handle this with ease in an\r\nautomated way. This creates enormous value for us.\r\nRobert / Senior Expert, Cyber Defense\r\n★★★★★\r\nMajor Telecom Company\r\nhttps://www.vmray.com/cyber-security-blog/why-your-edr-let-pikabot-jump-through/\r\nPage 1 of 2\n\nVMRay provided the\r\nfully automated detection capabilities\r\nthat were crucial to speed up our incident response process and shorten investigation.\r\nLead Security Analyst\r\n★★★★★\r\nGartner Peer insights\r\nVMRay has enabled me to\r\ndecrease the manual analysis frequency and time\r\nsignificantly and increase positive identification of malware samples.\r\nThreat Intelligence Team\r\n★★★★★\r\nA Global Top 10 Technology Brand\r\nVMRay’s\r\ndata quality and rich API\r\nallowed us to automate our reverse engineering and data extraction tasks in a way no other vendor was able to\r\nprovide.\r\nThreat Research Team\r\n★★★★★\r\nCarbon Black\r\nWhat our team loves about VMRay is the ability to\r\nquickly triage a lot of malicious samples\r\nby providing a wide variety of targets, configurations \u0026 applications out of the box.\r\nSource: https://www.vmray.com/cyber-security-blog/why-your-edr-let-pikabot-jump-through/\r\nhttps://www.vmray.com/cyber-security-blog/why-your-edr-let-pikabot-jump-through/\r\nPage 2 of 2",
	"extraction_quality": 1,
	"language": "EN",
	"sources": [
		"Malpedia"
	],
	"origins": [
		"web"
	],
	"references": [
		"https://www.vmray.com/cyber-security-blog/why-your-edr-let-pikabot-jump-through/"
	],
	"report_names": [
		"why-your-edr-let-pikabot-jump-through"
	],
	"threat_actors": [
		{
			"id": "d90307b6-14a9-4d0b-9156-89e453d6eb13",
			"created_at": "2022-10-25T16:07:23.773944Z",
			"updated_at": "2026-04-10T02:00:04.746188Z",
			"deleted_at": null,
			"main_name": "Lead",
			"aliases": [
				"Casper",
				"TG-3279"
			],
			"source_name": "ETDA:Lead",
			"tools": [
				"Agentemis",
				"BleDoor",
				"Cobalt Strike",
				"CobaltStrike",
				"RbDoor",
				"RibDoor",
				"Winnti",
				"cobeacon"
			],
			"source_id": "ETDA",
			"reports": null
		}
	],
	"ts_created_at": 1775434444,
	"ts_updated_at": 1775826750,
	"ts_creation_date": 0,
	"ts_modification_date": 0,
	"files": {
		"pdf": "https://archive.orkl.eu/23e1b9f266a8cd5beb38d939ed7116d9d20ae2d1.pdf",
		"text": "https://archive.orkl.eu/23e1b9f266a8cd5beb38d939ed7116d9d20ae2d1.txt",
		"img": "https://archive.orkl.eu/23e1b9f266a8cd5beb38d939ed7116d9d20ae2d1.jpg"
	}
}