Susp DGA from VT: A fix length of 7, a-z, tlds: [net]

Question

Susp DGA from VT: A fix length of 7, a-z, tlds: [net]

suqitian opened this issue 8 years ago · 1 comments

MD5
c3c260899fa7caea5edc4cfe5ad57e9c
Hints from [VT]
bonylec.net
bopamum.net
bopegim.net
bopipyf.net
bopizyf.net
bopucef.net
bopybim.net
bovatat.net
bovozot.net
cibopet.net
cidicif.net
cidipif.net
cidozof.net
cihazom.net
ciherom.net
cihykam.net
cinaryt.net
cinazyt.net
direfes.net
direvys.net
disixub.net
disusyb.net
dixusow.net
But this DNS requests can not repeat in our Cuckoo Sandbox. Maybe I should run it in my Win7 VirtualBox.

Answer 1 · 2016-10-14T08:16:17.000Z

A new seed of simda.
Key: 167bdf6e5e05c53a8a52b9505876ed
TLD: net
SLD_len: 7
The number of domains: 1000

Test:

$  python dga.py 0x45ae94b2 1000 7 net 167bdf6e5e05c53a8a52b9505876ed | sort | less
bocipot.net
...
bonylec.net
bopamum.net
bopegim.net
bopipyf.net
bopizyf.net
bopucef.net
bopybim.net
bovatat.net
bovozot.net
...

And dga.py is here.