New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

A new seed of Murofet #30

Closed

suqitian opened this issue Dec 1, 2016 · 1 comment

Member

suqitian commented Dec 1, 2016 •

edited

Loading

MD5
6f8ba741c1968083265346bff7e9533b
VT analysis
Domains captured in my virtual machine, 2016-12-01.
khuqyehgqtpuzzjd.com
rfcvjqgzlmmesuq.com
osrlrwsymmlutoq.biz
osrlrwsymmlutoq.com
hqognriumjzuqyi.info
hqognriumjzuqyi.org
klowmxgxhmriurli.net
klowmxgxhmriurli.biz
rxsptmbnuxzdxby.info
rxsptmbnuxzdxby.com
motipehktnnfigl.net
...

Member Author

suqitian commented Dec 2, 2016

Seed
0xa4d7ee01
The number of domains
1259

In order to cover all possibilities, need to generate 1259 domains per day.
17 * 59 + 0x100 = 1259

Test

$ python dga.py -d 2016-12-01 -k 0xa4d7ee01
...
rfcvjqgzlmmesuq.com
osrlrwsymmlutoq.biz
osrlrwsymmlutoq.com
hqognriumjzuqyi.info
hqognriumjzuqyi.org
klowmxgxhmriurli.net
klowmxgxhmriurli.biz
rxsptmbnuxzdxby.info
rxsptmbnuxzdxby.com
motipehktnnfigl.net
motipehktnnfigl.org
pffnfxmvzmzsqums.biz
...

dga.py is here

suqitian closed this as completed

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment