notes

The DGA in Alureon/DNSChanger

At least some of the famous DNSChanger malware samples use a domain generation algorithm (DGA) to...

read

Kraken's two Domain Generation AlgorithmsA side by side comparison of the DGAs

Kraken (also known as Oderoor or Bobax) was once a large, if not the largest, botnet. It was primarily...

read

A JavaScript-based DGAAnalysis of a defunct Proslikefan Sample

Note 2016-06-17: I later found a fully functional sample of Proslikefan and wrote about it here. Please...

read

Ranbyus's DGA, RevisitedA second version of the Domain Generation Algorithm

Edit Dec. 8th, 2015: I found two additional samples. One of them uses a different tld ordering...

read