General
-
Target
b6e04d4eea2d4e044b9b5c3dde3bce0d_JaffaCakes118
-
Size
611KB
-
MD5
b6e04d4eea2d4e044b9b5c3dde3bce0d
-
SHA1
338ed179a905da39961250674e80be17a916884a
-
SHA256
242e172ee2185e78da0164b1669ae390458003da4a720da029fc4fc83d187bcd
-
SHA512
01cfe2b25d4883f5c1a687a096dd4cdb008114ec916b8ed319d130cb00758fd8c0c14e83dbaed44efddbe26463cf09124e092ab87658b7d11e0b8b9afa5b633b
-
SSDEEP
12288:FBXOvdwV1/n/dQFhWlH/c1dHo4h9L+zNZrr+T6yF8EEP4UlUuTh1AG:FBXmkN/+Fhu/Qo4h9L+zNN+BVEBl/91h
Score
10/10
Malware Config
Extracted
Family
xorddos
C2
http://aa.hostasa.org/config.rar
ns3.hostasa.org:4308
ns4.hostasa.org:4308
ns1.hostasa.org:4308
ns2.hostasa.org:4308
Attributes
-
crc_polynomial
EDB88320
xor.plain
Signatures
-
XorDDoS payload 1 IoCs
-
Xorddos family
Files
-
b6e04d4eea2d4e044b9b5c3dde3bce0d_JaffaCakes118