xorddos | e40d4ba6f6aee3acd39faf65f471894a[.]bin

General

Target

e40d4ba6f6aee3acd39faf65f471894a.bin
Size

251KB
MD5

e8122ab913893dd5594568f00ff0c0bf
SHA1

acb039c26b4da1d264478e7bc70ceb0fd6610b56
SHA256

e06b85ee493c8edf8011f891bcbce0aa008738927416f284052c2c4a9a6bc9ec
SHA512

74a2e8c00a2fe9e4f72c74ad4dc4935219f73d50b7d7b013c24ccda1bfda488e79bcb0538c5992025d7f330cd3f77e0fa055045fcdc8293b4a88698e5eb628cb
SSDEEP

6144:w2n+rWd61oU5RplsPHqg3W5TmsuqO43VdjlrIta+0nFKoYK+dGQ:/n+Q62UL/syrkrI8k+DoYDV

Score

10^/10

xorddos

Family

xorddos

C2

http://ww.wowapplecar.com/config.rar

dd.vvbb321.com:1430

dd.jjkk567.com:1430

dd.nnmm234.com:1430

dd.aass654.com:1430

dd.xxcc789.com:1430

Attributes

xor.plain

XorDDoS payload 1 IoCs

Processes:

resource	yara_rule
static1/unpack001/0e817a2325c215997de15851152a66924874739eeff5da4b434e5d36c83a76eb.elf	family_xorddos

e40d4ba6f6aee3acd39faf65f471894a.bin
.zip

Password: infected
0e817a2325c215997de15851152a66924874739eeff5da4b434e5d36c83a76eb.elf
.elf linux x86