Infected site originate 9days Linux/Xor.DDoS sample
VT: https://www.virustotal.com/en/file/9c79 ... 421487429/
Detection ratio is low: 8/57
I wrote CNC (in PRC/CHINA network) and XOR key in VT comment.
#MalwareMustDie!
Bulk share of Xor.DDoS recent binaries, alive CNC. Good quality for signature production & analysis (I sound like salesman now..sigh..)
From our case MMD-0037-2015 http://blog.malwaremustdie.org/2015/07/ ... shock.html see the post for details of these.
Thanks to Sh1bumi for doing xxxx to get this during my busy analysis the case.
#MalwareMustDie!