Domain Generation Algorithms

Some results of my DGA reversing efforts

Overview

Subfolder	Malware Family	Alias	Write-Up
newgoz	newGOZ	Gameover Zeus, Peer-to-Peer Zeus	link
ramnit	Ramnit		link
shiotob	Shiotob	Urlzone, Bebloh	link
symmi	Symmni		link
banjori	Banjori	MultiBanker 2, BankPatch(er)	link
necurs	Necurs		link
dircrypt	DirCrypt		link
pykspa/precursor	Precursor of Pykspa		link
pkyspa/improved	Improved Pykspa		link
simda	Simda	Shiz	link
tinba	Tinba	TinyBanker, Zusy	link
ranbyus/may	Ranbyus Version 1		link
ranbyus/september	Ranbyus Version 2		link
nymaim	Nymaim
murofet/v1	Murofet Variant 1	LICAT	link
murofet/v2	Murofet Variant 2	LICAT	link
murofet/v3	Murofet Variant 3	LICAT	link
fobber	Fobber	Tinba v3
corebot	CoreBot		link
suppobox	SuppoBox		link
unnamed_javascript_dga	Unnamed		link Obsolete, see Proslikefan
kraken/v1	Kraken Version 1	Bobax, Oderoor	link
kraken/v2	Kraken Version 2	Bobax, Oderoor	link
dnschanger	DNSChanger	Alureon	link
qakbot	Qakbot		link
locky	Locky		link
padcrypt	Padcrypt		link
gozi	Gozi	Ursnif, Snifula, Papras	link
qadars	Qadars		link
sisron	Sisron	TOMB, Win32/Agent.WRQ, Trojan.Scar	link
proslikefan	Proslikefan		link
vawtrak	Vawtrak		link
unnamed_downloader	Unnamed Downloader
chinad	Chinad		link
tempedreve	Tempedreve		link

Name		Name	Last commit message	Last commit date
Latest commit History 111 Commits
banjori		banjori
chinad		chinad
corebot		corebot
dircrypt		dircrypt
dnschanger		dnschanger
fobber		fobber
gozi		gozi
kraken		kraken
locky		locky
murofet		murofet
necurs		necurs
newgoz		newgoz
nymaim		nymaim
padcrypt		padcrypt
proslikefan		proslikefan
pykspa		pykspa
qadars		qadars
qakbot		qakbot
ramnit		ramnit
ranbyus		ranbyus
shiotob		shiotob
simda		simda
sisron		sisron
suppobox		suppobox
symmi		symmi
tempedreve		tempedreve
tinba		tinba
unnamed_downloader		unnamed_downloader
unnamed_javascript_dga		unnamed_javascript_dga
vawtrak		vawtrak
LICENSE		LICENSE
README.md		README.md