360netlab / DGA

Suspicious DGA from PDNS and Sandbox.

From sandbox: The DGA of XshellGhost

suqitian opened this issue 7 years ago · comments

suqitian commented 7 years ago

MD5
97363d50a279492fda14cbab53429e75
Domains generated on 2017/12/10 in the sandbox
tczafklirkl.com

suqitian commented 7 years ago

TLDs
com
The number of domains
1 domain per month
Test

$ python dga.py -n 1 -t `date +%s -d "2017-12-10"`
tczafklirkl.com

dga.py is here.