SYMBOLCOMMON_NAMEaka. SYNONYMS
elf.dofloo (Back to overview)

Dofloo

aka: AESDDoS

Dofloo (aka AESDDoS) is a popular malware used to create large scale botnets that can launch DDoS attacks and load cryptocurrency miners to the infected machines.

References
2021-12-19BleepingComputerBleepingComputer
@online{bleepingcomputer:20211219:exposed:333be0a, author = {BleepingComputer}, title = {{Exposed Docker APIs Abused by DDoS, Cryptojacking Botnet Malware}}, date = {2021-12-19}, organization = {BleepingComputer}, url = {https://www.bleepingcomputer.com/news/security/exposed-docker-apis-abused-by-ddos-cryptojacking-botnet-malware/}, language = {English}, urldate = {2021-12-20} } Exposed Docker APIs Abused by DDoS, Cryptojacking Botnet Malware
Dofloo
2017-11-17LloydLabsLloyd Davies
@online{davies:20171117:part:cf7e1c8, author = {Lloyd Davies}, title = {{[Part 1] - Analysing the New Linux/AES.DDoS IoT Malware}}, date = {2017-11-17}, organization = {LloydLabs}, url = {https://blog.syscall.party/post/aes-ddos-analysis-part-1/}, language = {English}, urldate = {2022-07-01} } [Part 1] - Analysing the New Linux/AES.DDoS IoT Malware
Dofloo
2015-12-03360 Internet Security CenterYa Liu
@techreport{liu:20151203:automatically:7e1f412, author = {Ya Liu}, title = {{Automatically Classifying Unknown Bots by The REGISTER Messages}}, date = {2015-12-03}, institution = {360 Internet Security Center}, url = {https://www.botconf.eu/wp-content/uploads/2015/12/OK-P13-Liu-Ya-Automatically-Classify-Unknown-Bots-by-The-Register-Messages.pdf}, language = {English}, urldate = {2022-07-01} } Automatically Classifying Unknown Bots by The REGISTER Messages
Dofloo MrBlack XOR DDoS DarkShell

There is no Yara-Signature yet.