MedusaHTTP DDoS Slithers Back into the Spotlight | NETSCOUT
Tags
country: Russia
attack-pattern: Data Botnet - T1583.005 Botnet - T1584.005 Domains - T1583.001 Domains - T1584.001 Malware - T1587.001 Malware - T1588.001 Connection Proxy - T1090
Show in Graph
Common Information
Type Value
UUID 53804b3c-64b6-44db-a818-15ae75c3e5e9
Fingerprint 75a45a912eb3a6cb
Analysis status DONE
Considered CTI value 2
Text language
Published Dec. 18, 2017, midnight
Added to db Jan. 18, 2023, 11:30 p.m.
Last updated Nov. 15, 2024, 9:30 p.m.
Headline MedusaHTTP DDoS Slithers Back into the Spotlight
Title MedusaHTTP DDoS Slithers Back into the Spotlight | NETSCOUT
Detected Hints/Tags/Attributes 46/2/21
Source URLs
Redirection Url
Details Source https://www.arbornetworks.com/blog/asert/medusahttp-ddos-slithers-back-spotlight/
Details Source https://www.netscout.com/blog/asert/medusahttp-ddos-slithers-back-spotlight
URL Provider
Details Provider Source level domain
Details arbornetworks.com www.arbornetworks.com
Details netscout.com www.netscout.com
Attributes
Details Type #Events CTI Value
Details Domain 6 
www.website.com
Details Domain 24 
website.com
Details Domain 2 
disability.su
Details Domain 2 
franchessko.top
Details Domain 2 
ircnews.wang
Details Domain 2 
kjnsfiosgjnlorgiko.ru
Details Domain 2 
mhforum.biz
Details Domain 2 
missyiurfound.bid
Details Domain 2 
scam-financial.org
Details Domain 2 
sgsdgsdger.ru
Details Domain 2 
troyamylove.gdn
Details Domain 2 
wooow1.ru
Details Domain 2 
youframegood.ru
Details File 20 
page.php
Details File 9 
exe.exe
Details sha256 1 
2919a13b964c8b006f144e3c8cc6563740d3d242f44822c8c44dc0db38137ccb
Details sha256 1 
85ebf6330039de69dbef1a4860274f21d8b980adb9c3d8385873c5d697c61685
Details sha256 1 
e514935ab07b29ca1ee9eedaf699de202ada70e29b4fc4618908b8ca8b3f83ef
Details sha256 1 
290eb4666848172a03c9c5123c004278647e8f5445a7d4e9c29a9ecc58c1b329
Details sha256 1 
4654f4cbd9e3910f4901493b9774d978060f1c9a9489612b66d66ee61667f60f
Details Url 1 
http://website.com/exe.exe