This post takes a quick look at Sphinx’s domain generation algorithm (DGA). Sphinx, another Zeus-based banking trojan variant, has been around since circa August 2015. The DGA domains serve as a backup mechanism for when the primary hardcoded command and control (C2) servers go down. We do not currently know which version added the DGA functionality.
This sample, version 1.7.1.0, was used for analysis.
The Great DGA of Sphinx