Source |
SANS Institute |
Identifier |
7330143 |
Publication date |
2022-10-07 06:21:03 (seen: 2022-10-07 08:07:16) |
Title |
Powershell Backdoor with DGA Capability, (Fri, Oct 7th) |
Text |
DGA ("Domain Generation Algorithm") is a popular tactic used by malware to make connections to its C2 stealthier and more difficult to block. The idea is to generate domain names periodically and use each one during a defined period. An alternative is to generate a lot of domains and loop across them to find an available C2 server. Attackers just register a few domain names and can change them very quickly.
|
Sent |
Yes |
Tags |
Malware
|