General
-
Target
ampscripts.tar.gz
-
Size
22.2MB
-
MD5
ba076bac396e719d5cc23494ea4bc932
-
SHA1
62d179108eeb87f1757e82ecffba764e51d5788f
-
SHA256
442bc1d9cc915c514f56d07d44d05d8caab80ae521e29f5a2a3b54058d77aa95
-
SHA512
c3eee81870b85b9571335c0029a4526263572d628a5676a90f67af5983c734d27f03d724d95b985fee17e6d4196e6ea285560dbaf056d2c96a56cf7c569bb9be
-
SSDEEP
393216:CSCkKbJcPGGf2Yd/TL33ThnMfCO6vr22eGudbkSK9ubnTg9volOCWyWiVnp2D+r+:CMKNCGGuYnMKvrNlu1kyTguFWyJVp2K+
Score
10/10
Malware Config
Signatures
-
Contains strings common to LOLSquad DDoS tools 6 IoCs
Resembles a range of public tools written in C intended for DDoS attacks.
Files
-
ampscripts.tar.gz
-
sample
-
ICMP
-
arma
-
arma.txt
-
charge
-
chargen.txt
-
dns
-
dns.txt
-
fivem
-
fivem-ovh
-
fivem.txt
-
fn-lag
-
fn-lag.txt
-
frantech.txt
-
game
-
game-clap
-
game-clap.txt
-
game-kill
-
game-lag
-
game-lag.txt
-
game.txt
-
gamev2
-
gamev2.txt
-
gamev3
-
gamev3.txt
-
killall
-
killall.txt
-
killall1.txt
-
ldap
-
ldap-x
-
ldap.txt
-
ldapv2
-
ldapv2.txt
-
mdns
-
mdns-throttle
-
mdns-x
-
mdns.txt
-
nat-kill
-
nat-kill.txt
-
netbios
-
netbios.txt
-
nfo-clap
-
nfo-clap.txt
-
nfo-kill
-
nfo-kill.txt
-
nfo-x
-
ntp
-
ntp-x
-
ntp.txt
-
openvpn
-
openvpn-kill
-
openvpn-kill.txt
-
openvpn-x
-
openvpn.txt
-
ovh-crush
-
ovh-crush-x
-
ovh-crush.txt
-
ovh-crushv2
-
ovh-crushv2.txt
-
ovh-down
-
ovh-down.txt
-
ovh-downv2
-
ovh-downv2.txt
-
ovh-game
-
ovh-game.txt
-
ovh-gamev2
-
ovh-gamev2.txt
-
ovh-kill
-
ovh-kill.txt
-
ovh-killv2
-
ovh-killv2.txt
-
ovh-slap
-
ovh-slap.txt
-
path.txt
-
path2.txt
-
qotd
-
qotd.txt
-
quake-x
-
quake.txt
-
r6-lag
-
r6-lag.txt
-
sentinel
-
sentinel.txt
-
server
-
server.txt
-
serverv2
-
serverv2.txt
-
snmp
-
snmp.txt
-
snmpv2
-
snmpv2.txt
-
tcp-kill
-
tcp-kill.txt
-
tcp.txt
-
tcpabuse
-
tcpamp
-
udp-rape
-
udp-ts3
-
udprand
-
uds
-
uds-x
-
uds.txt
-
upnp
-
upnp.txt
-
vox
-
vpn
-
vpn-clap
-
vpn-clap.txt
-
vpn.txt
-
vpnv2
-
vpnv2.txt