General
-
Target
d6a5d9bd5e6842bb595b18a9131a84a8_JaffaCakes118
-
Size
611KB
-
MD5
d6a5d9bd5e6842bb595b18a9131a84a8
-
SHA1
f2e3fd9d7e16665d91e3182ddaaa175be45d6e1d
-
SHA256
8d9b9e02aaa3ed855dfeed82b1af18131591c3621a96be730672a45f7ac43094
-
SHA512
06040501e65dbf6be2fcfd3c626d80c5ebcd9489807206e62bf8d1fad4fbe9a660f146fb49f3e57335f024ba9a131bbef8e4696038178f790f2e090822cae1f1
-
SSDEEP
12288:FBXOvdwV1/n/dQFhWlH/c1dHo4h9L+zNZrrrT6yF8EEP4UlUuTh1AG:FBXmkN/+Fhu/Qo4h9L+zNNrBVEBl/91h
Score
10/10
Malware Config
Extracted
Family
xorddos
C2
http://aa.hostasa.org/config.rar
ns3.hostasa.org:4309
ns4.hostasa.org:4309
ns1.hostasa.org:4309
ns2.hostasa.org:4309
Attributes
-
crc_polynomial
EDB88320
xor.plain
Signatures
-
XorDDoS payload 1 IoCs
-
Xorddos family
Files
-
d6a5d9bd5e6842bb595b18a9131a84a8_JaffaCakes118