General

  • Target

    172.82.91.106.p.txt.malware

  • Size

    535KB

  • MD5

    55e2086f49c2a5ad7efe2ea25a738534

  • SHA1

    b972259e0571ea143c43b8b77f71a82b3c9f15db

  • SHA256

    0007aa8a69792a6e7fab0cf3078897810ce61a1d15bfdc98509c6aa7b1e99fbc

  • SHA512

    d6563082aef18858ef983dab17da27d7808ff5fed0c4a0ec91a9542e5e4a3c074ec1435bc543fc312c3ff9a1721d3386690978672ff3191d9f51af5995d2f640

  • SSDEEP

    12288:4Ufrcn+vwK5ripVU4tdZ1pNL/pVbz766ySjQn36Eoj:/fUywKQ7Fb1pNL/p57fjQn36Eu

Score
10/10

Malware Config

Extracted

Family

xorddos

C2

Attributes
  • crc_polynomial

    EDB88320

xor.plain

Signatures

  • XorDDoS payload 1 IoCs
  • Xorddos family

Files

  • 172.82.91.106.p.txt.malware
    .elf linux x86