The DGA family Orchard continues to change

DGA is a classic botnet adversarial detection technology. Its principle is to use a certain DGA algorithm, combined with a specific seed and the current date, to generate a large number of domain names on a regular basis, and the attacker only selectively registers a very small number of them.

REFERENCE: https://blog.netlab.360.com/orchard-dga/

TAGS: botnet, xmrig, dga, orchard

MALWARE FAMILY: Orchard

ATT&CK IDS: T1094 - Custom Command and Control Protocol, T1583.005 - Botnet, T1483 - Domain Generation Algorithms

Read More:

https://otx.alienvault.com/pulse/62ecea54201d22e433bfcac8