Behavioral task
behavioral1
Sample
BFtZ.bin
Resource
ubuntu1804-amd64-20231222-en
ubuntu-18.04-amd64
9 signatures
1800 seconds
General
-
Target
BFtZ.bin
-
Size
535KB
-
MD5
35793cbfd0a4376ea9380ffed9182334
-
SHA1
31e5d905407966ca953def90eb45df417127cf38
-
SHA256
303bb187a06415eedc0c5ece5692fe05b03e286435472d0e4fd4ca9386d9acf4
-
SHA512
89fc15518e82cb7c7f97acb433a1881612d404585b5228e4554a3f9e58c3db7e9a057f669d98c11c10cf3dd5e73b48a9ebf2b983319eae709d9751f21dfaaf4a
-
SSDEEP
12288:4Ufrcn+vwK5ripVU4tdZ1pNL/pVbz266ySjQn36Eoj:/fUywKQ7Fb1pNL/p52fjQn36Eu
Score
10/10
Malware Config
Extracted
Family
xorddos
C2
http://aa.hostasa.org/config.rar
ppp.gggatat456.com:1522
ppp.xxxatat456.com:1522
www1.gggatat456.com:1522
Attributes
-
crc_polynomial
EDB88320
xor.plain
Signatures
-
XorDDoS payload 1 IoCs
Processes:
resource yara_rule sample family_xorddos -
Xorddos family
Files
-
BFtZ.bin.elf linux x86