Meet the "Wake" malware: DDOS and more!
Common Information
UUID: bba2b237-6f20-4a8a-9861-fe922c3007d4
Fingerprint: a5279852244d0e9e
Analysis status: DONE
Considered CTI value: 2
Text language:
Published: Aug. 21, 2017, 12:15 p.m.
Added to db: Jan. 18, 2023, 7:31 p.m.
Last updated: Nov. 17, 2024, 6:49 p.m.
Headline: Le journal d'un reverser
Title: Meet the "Wake" malware: DDOS and more!
Detected Hints/Tags/Attributes: 64/1/27
Attributes