← Back to Pulse Feed
PULSE DETAIL
DDoS tools developed by this organization use SSH weak passwords and server vulnerabilities to control many Linux chickens. The malware of this organization can be traced back to 2009. This article mainly analyzes the controlling end, the generator and Windows and Linux variants in controlled end of this tool and makes a display of the homologous analysis and network infection of these samples.
Indicators of Compromise (14)
| TYPE | INDICATOR | DESCRIPTION | CREATED | |
|---|---|---|---|---|
| hostname | yqv.3322.org | — | 2017-08-23 | |
| hostname | 111.cf22.com | — | 2017-08-23 | |
| hostname | lindashuaiddos.f3322.org | — | 2017-08-23 | |
| hostname | zj.passwd1.com | — | 2017-08-23 | |
| hostname | syn.netbot.cc | — | 2017-08-23 | |
| hostname | jj94.3322.org | — | 2017-08-23 | |
| hostname | fymy.8800.org | — | 2017-08-23 | |
| hostname | ttlatale.3322.org | — | 2017-08-23 | |
| hostname | 75.148my.com | — | 2017-08-23 | |
| hostname | aaa.swhk.net | — | 2017-08-23 | |
| hostname | kk.netbot.cc | — | 2017-08-23 | |
| FileHash-MD5 | 22d0fa8571e1691cf2ffb1b20c1d536a | — | 2017-08-23 | |
| YARA | e508026c2c2620bd4bd11d35499cfc2b563a1392 | — | 2017-08-23 | |
| YARA | 6d42e4d8e3d9099b855d530eb0f165c54b82dcd4 | — | 2017-08-23 |