Linux/Xor.DDoS - Page 4 - KernelMode.info

Re: Linux/Xor.DDoS

#26809 by unixfreaxjp
Sat Sep 26, 2015 7:34 am

Blaze wrote:Wrote an accompanying blog post about it as well (includes disinfection + prevention) if interested:
http://bartblaze.blogspot.com/2015/09/n ... rddos.html

Thanks Bart, for helping ELF malware awareness. Good blog.
#MalwareMustDie!

Username

unixfreaxjp

Posts

501

Joined

Thu Apr 12, 2012 4:53 pm

Re: Linux/Xor.DDoS

#26823 by Blaze
Sun Sep 27, 2015 10:00 pm

unixfreaxjp wrote: Thanks Bart, for helping ELF malware awareness. Good blog.
#MalwareMustDie!

Thank you and my pleasure. Part II attached.

Code: Select all

5eae63125b3a8629a264c0a71713aeb3e69ac3e6	
a32e436fb5dcf78cb208de5cfe433e8de212c118	
7f4046004b50d8531e3da8dc4719b46762ca738f	
6341eaa2420bc2a94fcd0941a149883f8a8a7ff1	
e283f75712c846a1576182f604807eae9dc64eeb	
e83494d7c29338bbf387375a2dbe637e98417af7	
c17a743642d4b2e2ea44de2726049fcff31c5804	
6cd1dcc65e1b1a1195d89e943c98f1e0abfd566c	
6a42904186936aad697c708bcb6752926242d360	
829f6851333600cb85f508dc7fb01b19c1e98952	
c5280d41b177f15786284c898ed4ed7b5ae14f2d	
b1d7cd274e0b45397e596c80424c9560cb810e6a	
9af18519237472a886989fb3236ed4e4fbb9d8c2	
192df5296dc4881183f3af8971afaf9fda6865dc	
7ef0613bb418f1ed158249930b24195f29f8577c	
d39945d2cde3cf746fcfba6d4bd76f7ce8d60bc6	
b39e1660c6c5ae4b7bf6992735622169b32466ab	
35d110a217fae329272a9a5189afef1bba96e451	
0177aa7826f5239cb53613cc90e247b710800ddf	
ed953d970e45c2a941009f2c07059c78b496c091	
f707e7966ce50d13ba05be04c6c4ccf95c798712	
3fbbbe057276ff172679e50fd6f6c39e7e0b8d68	
842d6ffb2f726b41b30bbc7ea0d9ea856e61a33c	
7546fa3e4c24fd3e5161719b46f071a160dc12ca	
c6d2707cd64a72154f6f99f4379d17b1d840b2a5

Attachments

xor.ddos.2.zip

(6.5 MiB) Downloaded 67 times

Username

Blaze

Posts

198

Joined

Fri Aug 27, 2010 7:35 am

Contact

Re: Linux/Xor.DDoS

#27025 by ynvb
Wed Oct 21, 2015 10:33 am

Hello All,
We have just published a technical report on a XOR.DDoS and a new variant\module we have detected.

Your comments will be much appreciated.

Enjoy.
http://blog.checkpoint.com/2015/10/20/d ... ux-server/

Username

ynvb

Posts

10

Joined

Tue Feb 26, 2013 12:17 pm

Re: Linux/Xor.DDoS

#28623 by tWiCe
Mon Jun 06, 2016 6:34 am

I'm looking for an installation script with alive C&C that will install a trojan from this family with a rootkit. Does anyone have such script?

Username

tWiCe

Posts

49

Joined

Sat Jul 18, 2015 8:56 am