Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

From VT: A length of 9-14, a-z, tlds: [com], the fourth new seed of FakeAV? #19

Closed
suqitian opened this issue Sep 21, 2016 · 3 comments
Closed

From VT: A length of 9-14, a-z, tlds: [com], the fourth new seed of FakeAV? #19

suqitian opened this issue Sep 21, 2016 · 3 comments

Comments

@suqitian
Copy link
Member

suqitian commented Sep 21, 2016
edited
Loading

  • MD5
    179c40a4abc5c7d114c9d96079e78df8
  • Example of domains
    gipupeceta.com
    hehyvixiru.com
    hemusyheduf.com
    hobolamitajy.com
    jetuqaroxos.com
    jocojihuc.com
    jyxirafyhulora.com
    labicycosibuw.com
    laruryjuzycez.com
    ledimajezociw.com
  • Also Time independent
@suqitian
Copy link
Member Author

The list of all domains, 104 in total.
bakagunaxepo.com
bipuwyqojivu.com
bogekizase.com
boqerorune.com
cinuherijugeg.com
civivicuqekexo.com
demoziqut.com
dipolakiri.com
dokejecufinulo.com
febysaholubaro.com
fivulaxavys.com
fopuvuwupode.com
gafotulerilir.com
gikekypowaqa.com
gipupeceta.com
hehyvixiru.com
hemusyheduf.com
hobolamitajy.com
jetuqaroxos.com
jocojihuc.com
jyxirafyhulora.com
labicycosibuw.com
laruryjuzycez.com
ledimajezociw.com
levulehup.com
levysavasezo.com
litypacuxava.com
mohijyxazyby.com
nigyruqyn.com
nipoloquv.com
pafozykavygaj.com
pejozehywe.com
pisowyxuwisin.com
pomexyposenebi.com
porozybaru.com
putijucyvazym.com
qojijixiwidaz.com
qosifavede.com
qotasifelaw.com
quwenofoki.com
rabuqibareme.com
rijucyvybumyka.com
sivycaqilugoq.com
sumatevebat.com
suzehebaq.com
syqivolurypugi.com
sysigicigisav.com
tedahokuj.com
tibumuqel.com
tyqonelaresuz.com
vonygulyxiqo.com
vyxutoxotynif.com
waciroqohuli.com
witywypihag.com
wudicofez.com
wybuzyrywovaj.com
wycecikodovi.com
wydajufacysyd.com
wywazediwo.com
xecuhuziqys.com
xegunider.com
xipifexegybozi.com
xoxakipowu.com
xucysasowebaty.com
xuryfacaqy.com
zarapetahuryp.com
zaryhocypase.com
zificefydyn.com
zyzanewodojyx.com

@suqitian
Copy link
Member Author

The list of all malware sample which have the same behaviours, 29 in total.
179c40a4abc5c7d114c9d96079e78df8
66b67b6fb5a88b6dce9cd10e4ce8c67e
b618f6cf2ba43dcef53dfa3c9405be43
f4338c65ccecd2002161b53a55571557
b05a5ee2d3b919764dba5cdd8f2c9a3c
4042a228689374573fc95512f4aa25d8
bfa8353a34557041efc49e905043a1de
c6877fe744965a8177faeddb79806b07
1e2b20ff8c1a11e796f14e27f717b855
5f2b170891cf6fb15e0443f8128c75c2
9b45fbfbe443590d8586cf8025a99cf4
a61688ecb6f208dcf54691fd1d341668
d7e532cacdd4e05bee8f60b729cffed0
e6e72687f4d5877bdf0250d2db65b112
75e7027ecf1d63201b2d552b1ec9491e
c05925db1f5c86eaafa7a32d2cff95af
c8e9e8448b3872263de42bea6e73f492
2d71cb1d13c4f63d4a2bc6cb984f91a1
365a762acfc6fd5c0b9cfb01413a02ea
587c9c0de02168bf7bdaed3dda457919
73d72a2345fa24c0d00bb1e8c8b78372
857024cdc6d01a7ffe505202c58ce96b
8ac40bfd0acf6289c14a60268e19b93f
9fecf819ec6a8c61f37d939afc833401
f73897ba278b719b03a0f248b5caca71
15d26d88b257b9ffff92e90c6fa277ae
9f5a46f438760cdf70280e62fc4fdc9b
f440d20237222dbc0ee35c2edc354c59
8c637e53ce8bbe8b627e467f3fac00b6

@suqitian
Copy link
Member Author

Not DGA.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@suqitian