From: Binary Reverse Engineering Blog (Uncensored)
The Defective Domain Generation Algorithm of BazarLoader
https://bin.re/blog/the-buggy-dga-of-bazarbackdoor/
Tagged with: dga, reverse-engineering, malware-analysis
This blog post is about the faulty domain generation algorithm (DGA) found in some BazarLoader samples. The DGA not only uses an invalid TLD, it also occasionally generates invalid characters for the second-level domain.