← Back to Pulse Feed
PULSE DETAIL
PULSE NAME
Kamasers Analysis: A Multi-Vector DDoS Botnet Targeting Organizations Worldwide
WHITE PetrP.73 2026-03-27 Modified: 2026-04-26
12
IOCs
MEDIUM VOLUME
The Kamasers botnet represents a growing threat in the realm of cyber attacks, particularly through its multi-vector DDoS capabilities. This sophisticated malware effectively employs both application-layer and transport-layer flooding techniques, targeting protocols such as HTTP, TLS, UDP, TCP, and GraphQL to create devastating effects on affected organizations. Notably, Kamasers also acts as a loader, meaning it can download and execute additional malicious payloads, which poses increased risks of data theft and ransomware deployment.
kamasersasciiddosc2 servertaskgithub gistdropboxbitbucketgridguardghoulresolvertelegramdownloadgcleaneramadeyfloodinfostealerukrainelatrodectusfortuneholdmalwaresalvadorcompromiseiocs
MITRE ATT&CK & Malware Families
ATT&CK TECHNIQUES
Indicators of Compromise (12)
All FileHash-MD5 FileHash-SHA1 FileHash-SHA256 URL domain
TYPEINDICATORDESCRIPTIONCREATED
FileHash-MD5 198d318ee80f61bea885b62de6783d44 MD5 of 071a1960fbd7114ca87d9da138908722d7f1c02af90ea2db1963915fbe234c52 2026-03-27
FileHash-MD5 5d16b75e8bd071e15b04cc9c06dcfafa 2026-03-27
FileHash-SHA1 bf2944887222f11d77200a5f83af5e23412f0aba SHA1 of 071a1960fbd7114ca87d9da138908722d7f1c02af90ea2db1963915fbe234c52 2026-03-27
FileHash-SHA256 071a1960fbd7114ca87d9da138908722d7f1c02af90ea2db1963915fbe234c52 2026-03-27
FileHash-SHA256 dd305f7f1131898c736c97f43c6729bf57d3980fc269400d23412a282ee71a9a 2026-03-27
FileHash-SHA256 f6c6e16a392be4dbf9a3cf1085b4ffc005b0931fc8eeb5fedf1c7561b2e5ad6b 2026-03-27
URL http://178.16.54.87/uda/ph.php 2026-03-27
URL http://45.151.91.187/pa.php 2026-03-27
URL http://91.92.240.50/pit/wp.php 2026-03-27
domain pitybux.com 2026-03-27
domain ryxuz.com 2026-03-27
domain toksm.com 2026-03-27
References (1)
↗ https://any.run/cybersecurity-blog/kamasers-technical-analysis/