domain_generation_algorithms

• http://johannesbader.ch/2015/02/the-dga-of-banjori/

• Earnestnessbiophysicalohax.com
• kwtoestnessbiophysicalohax.com
• rvcxestnessbiophysicalohax.com
• HjBTESTNESSBIOPHYSIALOHAX.com
• txmoEstnessbiophysicalohax.com
• AGEKESTNESSBIOPHYSICSHAXOHAX.com
• DBZWESTNESSBIOPHYSIALOHAX.com
• Sgjxestnessbiophysicalohax.com
• Igjyestnessbiophysialohax.com
• zxahestnessbiophysicalohax.com

• https://johannesbader.ch/blog/the-dga-of-bazarbackdooor/
• https://johannesbader.ch/blog/the-buggy-dga-of-bazarbackdoor/
• https://johannesbader.ch/blog/the-buggy-dga-of-bazarbackdoor/

Echte DGA:

• Adegjkaiggjm.bazar
• eehjmejjjo.bazar
• Dehiildjjiin.bazar
• CEEKLCJGIKN.BAZAR
• dceikkdhgikm.bazar
• Bfehjmbkggho.bazar
• Adegjmaiggjo.bazar
• dchiikdhjiim.bazar
• Effehkekghim.bazar
• Bdhjkbijhm.bazar

Bggy dga: -_fdgimzkfgio.bazaar -e'bfkieedfkkabazaar -efdgkekfgim.bazaar -begimzggio.bazaar -bbhlbgdfhn.bazaararar -^Ehikizjjkik.bazaar --Achimajehio.bazaar -] Defiizigfik.bazaar -"Begizeiik.bazaar -degfjdjifjm.bazaar

• CMID1S1zeiu.life
• Itszko2ot5u.life
• 3v1n35i5kwx.life
• Newdnq1xnl9.Life
• jkyj6awt1ao.life
• DDRJV6Y42B8.LIFE
• 1PNHP5O5ZA1.LIFE
• y13iqvlfjl5.life
• XP0BTFGEGBO.LIFE

• 360NetLab/DGA#1

• 8f6bacmw30xxv6sc.cn
• 486TXU3YJLY0XCMZ.RU
• xii6x8zg9rkanmyo.info
• spy1jhhdbmvt2ueva.net
• EVYBT5GTF2TPRVBI.Info
• 7qbys97e3pcw262c.info
• KZ897C7N7VBUR.BIZ
• zmkvlsvkbfnuez.ru
• Tr1yy6lxtry1gsts.biz
• MFQ6UWQ3P2HVC8ZN.CN

• https://johannesbader.ch/2015/09/the-dga-of-corebot/

• Lkhylm0mhyfuhg.dns.net
• S63234WLUV5V365BWP5.DDNs.net
• Afe6mfy23xcxgfa.dns.net
• 7RSL1F34SFQ0OJ3JWVMFA6C.DNS.NET
• Ir7l3po0gjy8ypqjm8o.ddns.net
• 3LGUPWDIVSFM2W4KNG2IHA.DDNS.NET
• i8a0q2wdu8otulkfylo2gdq.dnns.net
• kh1her76avy0qnelivijwd1.ddns.net
• UBGP1F1HAN7LU410EH5.DDNs.net
• ulier8knadmpmmdm4wti6oro.dns.net

• https://blog.xlab.qianxin.com/uncovering_darkcracks_payload_delivery_framework_cn/#part2-runner%E5%88%86%E6%9E%90

• stdfugagjl.com
• Evdfugagjl.com
• Avdfugagjl.com
• Mvdfugagjl.com
• Ivdfugagjl.com
• Uvdfugagjl.com
• Qvdfugagjl.com
• Ytcfugagjl.com
• ktcfugagjl.com
• gtcfugagjl.com

• http://johannesbader.ch/2015/03/the-dga-f-dircrypt/

• Rauggyguyp.com
• llulzza.com
• mluztamhnngwgh.com
• Mycojenxktsmozzthdv.com
• Inbxvqkegiapgv.com
• Furiararji.com
• zrkdvzjhse.com
• WyUHDSDTTCZD.com
• hpaxgpKteomjaxywwelr.com
• Mydojltbqjnwailiya.com

• https://johannesbader.ch/2016/01/the-dga-in-alureon-dnschandger/

• AktKlyvbiu.com
• Zgimjzlnrl.com
• Tcfejerekw.com
• tfunnjmxt.com
• ydvlfkguw.com

• VhkintjtkSyxgjrz.net
• BTPNXLSFDQBHZAZYX.NET
• UKFMKNJDENTHVKTGC.NET
• Qupxsrhrhrmuooonqrit.net
• GJSBYDMRPFZSMNFIU.NET
• INDPSQBETCPCQPRX.NET
• GWRDMHYJFCPCUTMHP.NET
• BWZCYPCBMNLPFSW.NET
• TWKPWFUECVZCINCQ.NET
• pdwfuxgnahmgsxhit.net

• App2.winsoft0.com
• App2.winsoft1.com
• App2.winsoft2.com
• App2.winsoft3.com
• App2.winsoft4.com
• App2.winsoft5.com
• App2.winsoft6.com
• App2.winsoft7.com
• App2.winsoft8.com
• App2.winsoft9.com

• http://www.govcert.admin.ch/blog/18/gazi-isfb-when-a-bug-ry-is-a-fatuure

• QuodpresIdentAXSatiat.cit.
• pertantumfitusu.com
• indulgentiarumlicet.com
• Moribrulhphemianegoci.com
• ptribueretnossetnonin.com
• Nonsicordinario.com
• svivacpecunia.com
• Instimabiler.com
• Ulpurgatoripetrum.com
• Papacricognitisipro.com

• https://johannesbader.ch/2015/12/krakens-two-domain-ganration-algoriths/

• ibbwnhgh.mooo.com
• RBQDXFLOJKJ.MOOO.com
• smhburg.deynndns.org
• BLTJHZQP.DYndns.org
• Clwafrfuuxq.yi.org
• cffxugijxn.yi.org
• Ivxcxbj.dynserv.com
• etllejr.dynserv.com
• OTPXMK.MOOO.com
• ejfjyd.mooo.com

• https://johannesbader.ch/2015/12/krakens-two-domain-ganration-algoriths/

• Xpdbwuimwag.com
• nwpegpjtx.com
• SmmyUhxlt.net
• xjvyvnzivt.net
• LVCTMUSXCYZ.TV
• LVCTMUSXCYZ.TV
• cjuszcfwo.cc
• EGBMBDEY.CC
• wjxaprgne.com
• vxbuggxhrgi.com

• https://blogs.forcepoint.com/security-labs/lockys-new-dga-seding-new-domains

• Gegjiimqmlgtdmk.tf
• Pccibcjncnhnhn.yt
• Rddipikmrap.us
• mmhmkqfc.be
• vkcims.pm
• QtysmobyTagnrv.it
• suhpqiumpjsv.ru
• CSCFBWBHs.uk

• https://malpedia.caad.fkie.fraunhofer.de/details/win.m0yv
• YouTube -Video "Sinkholing Der Algorithmus der Domänengenerierung von M0YV"

Zeitunabhängige Version in dga.py , zeitabhängige Version in dga-td.py .

• pywolwnvd.biz
• Ssbzmoy.biz
• cvgrf.biz
• npukfztj.biz
• Przvgke.biz
• Zlenh.biz
• Knjghuig.biz
• Uhxqin.biz
• anpmanmxo.biz
• lpuegx.biz

• 31b4bd31fg1x2.org
• 31b4bd31fg1x2.tikkets
• 31b4bd31fg1x2.BlackFriiy
• 31B4BD31FG1X2.HOSTING
• 31B4BD31FG1X2.Feedback
• 3f8c8079fd4c5.org
• 3F8C8079FD4C5.Tickets
• 3F8C8079FD4C5.BlackFriday
• 3f8c8079fd4c5.hosting
• 3f8c8079fd4c5.Fedback

• https://johannesbader.ch/2015/09/three-variants-of-murofets-dga/

• Giywswshrgxcvoqgvrkthmfa.ru
• XAIQPBRGYMBRWMZGIGRGDSK.com
• AMGQULARPZXEPZTXENBX.NET
• PFSCIJIJBMHYFIYJGORGGUGTKBQYH.ORG
• XGLFCMSGORVWFILHMZLCXXVKFEGE.INFO
• Rcteqwkequojntibvfyfaluwh.biz
• mjfqylbiaunfuaeunzdqdwscu.ru
• QobeylpxgPfKnptukyDQVklztg.com
• RGWGIZUKFICDGETWSXOVTCKNWKFM.Info
• BetgyaeswxorwcvsdezDUPB.org

• https://johannesbader.ch/2015/09/three-variants-of-murofets-dga/

• CMQVXTPNIBLI.BIZ
• CMQVXTPNIBLI.com
• rloqpoiongsuwyq.net
• rloqpoiongsuwyq.org
• zsophzovtfor.info
• zsophzovtfor.biz
• nlifthjnbgenfweq.org
• nlifthjnbgenfweq.com
• Hyktttqsssmvkoc.info
• Hykpttqsssmvkoc.org

• https://johannesbader.ch/2015/09/three-variants-of-murofets-dga/

• NXLYA47HUO61CZERB18O51E11D30I55GYCWE31LX.RU
• JWDZPTM69P62IZCVE41F22K37OYJ16G63FQOTE11.com
• P42P52NVD50IZKKAZAQE21LVO21PYCQOTP2E61.NET
• B28N40I25B68GTE41O61DWC19HTC29JWGXIQFZBR.org
• KTIRHSN50KZC49B58CYF32FWH14H64DZGXIQCZ.info
• BRE41HVC29KRI15EWPWDSAZJYN40P52KWE21GW.BIZ
• N30MWHSSXFQ51J56LunSG13O11HYD60EWF52NU.RU
• hvcsjxd20mzm29d40nznunta27c29kyi55fun50.com
• NZOSG13OYMZG63NTPXARO51BTKVFYOSHRK27.info
• CZFSN20ExG53NZCQCRGRG43EXF62B28P22PYD50LU.org

• Qehspqnmrn.info
• mmhaesqar.in
• Pwprhnqn.in
• mrspmramrn.in
• Arphansaqh.com
• hrhspsrenn.net
• Aepaaaemrm.com
• Wsaehwasen.in
• Arwrseqsssh.com
• ewamspqwha.ws

• http://johannesbader.ch/2015/02/the-dgas-f-necurs/

• Nccojqvavavkiwhj.mx
• Hodwwywnmmbi.ac
• AIANEAOINF.MU
• Ccecggc.us
• mffffmgtPlxByAGBTEGH.com
• Thlxuwnadtdtsm.biz
• Edkomqpeufjyafccj.in
• mxomklaqu.pw
• nvuttwteltin.tv
• nhysbiomr.ir

• https://johannesbader.ch/2014/12/the-dga-f-newgz/

• xzz3ug32baale1uo60yy7xj6rge.com
• 1HYZMW3L2PHYCETT8HZR2DO34.NET
• 2PQ821CFEM5M1MDUA46PXG7BJ.BIZ
• UNLM9W9L8UPY1KDDE0KBA7KTF.org
• 1IXHW3P1NCR3CF1PJFRPZ14N1U0E.com
• 1o460ktpdhna1k0lk3ecwujxn.net
• 183T0WJZLTHE51WIGPTK4RL29.org
• 1i3ux5a1hj6ndqejmxoxone45g0v.net
• 5MCD71MbUTPB1TGLU0S4P0LRF.com
• N3i5Mmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmm und c4mmmmmmmmm und oder

• NetLab - und Analyse von Linux.ngioWeb Botnetz
• NetLab - Schnell -Update auf dem Linux.ngioWeb Botnet, jetzt geht es nach IoT -Geräten nach

minihileth-subadofy.org revodihudom.info enisobure-netidimadom-minikevuship.org semiriddenction-postepudney.com Prolefexity-disorisance.org nichtbaziisch disahiblen-misehuraage.Name ilolupage-nonurisudiz-miniikazolike Prevomozari-microfemly.info

• OFTBPEC.com
• Lotmpwyk.info
• Seikpwq.info
• bcfatyltdvp.info
• rfwstgy.com
• Hokybhnf.biz
• Evlovrxuw.net
• mtzpbzbfvy.info
• Hacckgiakhl.com
• Mosmeuw.net

• https://johannesbader.ch/2018/04/the-new-domain-ganration-algorithmof

• Surfies-drawing.com
• Schaft-Cririon.cc
• Halts-hash.id
• Einheiten Knowledge.com
• Wiredgraph.tm
• Zeit
• Stablelikely.ch
• Edelstahlloan.lk
• Wagendokumente.Sc
• TrainerProcsss.tk

• http://johannesbader.ch/2016/03/the-dga-f-padcrypt/

• Elkfcfnacacmofdf.com
• mkmeeeffnfdmbm.de
• Ffcdcnbmmnaddcd.com
• DdkfodnaAdmbmofo.co.uk
• Efneboaodnmbecoa.co
• Bafomkfalcfcdkom.info
• Onlmcdadnacfclc.com
• DCFMDFBOBKMAFA.com
• Lmmmfdccmnfnmfdl.co
• Kcnconmceeeemlnm.com

• https://johannesbader.ch/2019/07/the-dga-f-pitou/

• --------------+
• Koohoavab.net |
• Koohoavac.net |
• Koohoavad.net |
• Koohoavaf.net |
• Koohoavag.net |
• Koohoavah.net |
• Koohoavaj.net |
• Koohoavak.net |
• Koohoaval.net |

• https://blog.avast.com/2013/06/18/your-facebebook-connection-nn-gesecured/

• Schwarze.net
• Dollarnerly.net
• SchwarzePossible.net
• DollarPossible.net
• edelynation.net
• Escapenation.net
• edelyPleasure.net
• Escapepleasure.net
• Eearlynearly.net
• Escapenearly.net

• https://johannesbader.ch/2016/06/prosikefan/

• Frarvcpk.eu
• Stjneohiod.biz
• Vcevvkc.se
• qylptiin.info
• bsvisbttr.com
• hjiknr.net
• Arpeiezki.org
• Gobqca.ru
• tivqfahrmxdl.in
• Smutloo.name

• Weafokugger.kz
• Sictemuborug.kz
• Cirpicficj.kz
• Geijanmap.kz
• Fuxhuxsabi.kz
• Siclisozdokq.kz
• Sozcoqnafrex.kz
• Qeobifups.kz
• Cokoqdeah.kz
• Latqafbuxwic.kz

• http://johannesbader.ch/2015/03/the-dga-f-pykspa/

• Uamskmq.org
• JQPLFLKTAS.Info
• Rybwtr.net
• uyznvxlof.info
• Gakcmqiw.com
• Wewsvat.net
• Owhadwkskevw.net
• nkndlzhjgrpc.info
• Isypszqu.net
• jobbaamoyt.info

• http://johannesbader.ch/2015/07/pykspas-inferior-dga-version/

• lfwhgin.com
• Guququaiq.biz
• WCTTYMO.NET
• Lovefjsfox.com
• Oruhbanansnan.cc
• MKNCJK.BIZ
• Yunonsuiwcyma.net
• yxpojufqbex.com
• qhxgzuffbex.cc
• yywiywiq.biz

• https://www.johannesbader.ch/2016/04/the-dga-f-qadars/

• jk9enwhansl2.org
• SDQFODMF81M7.net
• 5uro1uzspejk.net
• UB4HINSDUF0P.NET
• zs9ijo1er81u.com
• 0T67C5ARW9YF.NET
• Lev41encha38.net
• 67K1q3c1mr8x.org
• 7W1YF49IRK5M.NET
• gdunwhq7s9qb.org

• https://johannesbader.ch/2016/02/the-dga-f-qkbot/

• BQKRTXGKMRIWSIWCNGTIVPX.INFO
• JDTMFUPDYUEQELDVHSJZDVZOB.NET
• Guhmpoxzivhba.com
• nqqxqhuacaqhzurde.org
• LGQSQGPQZIJWID.Info
• ykolycdcyk.biz
• Ztvflnxqzpxvffvv.biz
• ZQRMKPIVRBXCAWOZQWQPFZH.org.org
• Iqyqwhntrxfeq.org
• ftadkbomxlnsib.info

• https://www.kyberturvalisuuusskus.fi/en/news/qsnatch-malware-designed-qnap-nas-tevices

• https://johannesbader.ch/blog/the-dga-f-qsnatch/

• T2q2r.cf
• Gc9nz.tk
• 07TVVC.com
• 7UBQO.ML
• 53bcm.de
• 6zltf.rocks
• Hv7uv.mx
• nypno.biz
• qkzccy.net
• Rassb.cn

• https://johannesbader.ch/2014/12/the-dga-framnit/

• KNPQXLXCWTLVGRYHD.com
• nvlyfua.com
• hgyudheedieibxy.com
• analylixwcbnjopdd.com
• VrndmdrDrdrjoff.com
• Jhghrlufoh.com
• tqjhvylf.com
• Hufqifjq.com
• Itktxexjghvvxa.com
• ppyblahb.com

• http://johannesbader.ch/2015/05/the-dga-of-ranbyus/

• Ikwoqkwuajpbyx.com
• nukpdrluwlfox.pw
• rcnxisuibbadng.in
• wbqtidjvsdiwe.me
• Jrdyumcieyipnv.cc
• yvyfwikefxitk.su
• Tviurcntxylxnj.tw
• lycyrvfcEMepfm.net
• Epddeuukdimbpft.com
• TRBHXHMBSIKOAQ.PW

• http://johannesbader.ch/2015/09/ranbyuss-dga-revised/

• JXBDXEYXTTDMCJAGI.ME
• Iqmadibfhnssadm.cc
• Gdoldaognceaedkke.su
• jnbnyrmxmplfGstk.tw
• ucjetnyaitygjidva.net
• jejocqwtcbuymvao.com
• Stuctjsqfxghcesyw.pw
• gfidCtymbxiaqyuyk.in
• Ojrqwrlhesfshawva.me
• bqjqvwwjirftwkjel.cc

Diese DGA hat unvorhersehbare Aussaat , dh ihre GetTickCount als Samen. Ich liste immer noch auf

• E5zhail0mw.com
• Gabbvk2o6s.com
• Cump2a4d7.com
• 5eswmwnqyf.com
• lexfszyuwp.com
• Jzpessspff.com
• Umiarnijet.com
• SHR0XE9IDM.com
• nycex7wlcf.com
• Vciznqxwpo.com

• 64F30398ecda3bf.xyz
• f008fc473fdddc4.live
• CFBADAF0CD7B0AC3.com
• B8D28386413029FE.Store
• 99C485497C079A09.info
• 6D54B683FC2CC58F.TOP
• ABB7547058FEF9FB.NET

• https://johannesbader.ch/2015/01/the-dga-of-shotob/

• Wtipubctwiekhir.net
• rwmu35avqo12tqc.com
• RSKB5BSFHM2FK5H.NET
• RBP9PPRRXGFLUT9.com
• Zzzxeyzgy45yy2a.net
• E3OA4WGLVD21XA.com
• mqmq1hvmtxzjv.net
• pd4o4wu24vimn.com
• TLMRZVPPSQSB.NET
• pbmz59uzndpo.com

• http://johannesbader.ch/2015/03/the-dga-f-simda-shiz/

• Gatyfus.com
• lyvyxor.com
• Vojyqem.com
• Qtyfuv.com
• Puvyxil.com
• Gahyqah.com
• lyryfyd.com
• vocyzit.com
• qgyqaq.com
• Purydyv.com

• https://www.johannesbader.ch/2016/06/the-dga-f --sisron/

• mdiwnjiwmtya.com
• MDEWNJIWMYA.com
• MZEWNTIWMYA.com
• mzawntiwmtya.com
• mjkwntiwmtya.com
• mjgwntiwmtya.com
• mjcwntiwmtya.com
• mjywntiwmtya.com
• mjuwntiwmtya.com
• mjqwntiwmtya.com

• http://www.rsaconfection.com/writable/presentations

• Reise
• Zerstören
• Gegen
• Nacht
• Innerhalb
• Bemühung
• Straße
• Besser
• Ehemann
• Wenig

• http://johannesbader.ch/2015/01/the-dga-f-symmi/

• Ogovoguipawi.dns.net
• Afowkaupbabe.ddns.net
• ipkureleakm.dns.net
• Hegiruqo.dns.net
• Luimreim.ddns.net
• tiakquoahuvu.dns.net
• Loelkuanduur.dns.net
• Agdehukoev.dns.net
• GiagkueKorla.ddns.net
• Leufiroqipomu.dns.net

• https://github.com/baderj/domain_generation_algorithms/tree/master/tempedreve/images

• DLBEBSGA.NET
• EnQbgrMt.com
• xjlwpfnk.info
• ebabkjcx.org
• Hvisetg.net
• svyjglen.com
• Glknxfgq.info
• adodulah.org
• JGRxRXWH.NET
• ctmrgbmz.com

• http://johannesbader.ch/2015/04/new-top- Level- domains-for-tinbas-dga/

• Blackfreeqyio.cc
• Nvfowikhevmy.com
• Nvfowikhevmy.net
• Nvfowikhevmy.in
• Nvfowikhevmy.ru
• sjhuqlwrqhqx.com
• Sjhuqlwrqhqx.net
• Sjhuqlwrqhqx.in
• Sjhuqlwrqhqx.ru
• Pxgonyogee.com

• DbqwpmpnruSywj.com
• QXMUBFLEZTLNKX.com
• RrnyWowowowQGMjvnltg.com
• rqnjdvzpsmbuw.com
• Utoiopxjrphvoiy.org
• Ttoouemmmmnxnmj.com
• NMJSOURLGVEECJ.org
• JUPRVZXQOTONVS.BIZ
• Nmjsourllgveecj.biz
• dotqwjmhqlushjlo.biz

• albdfhln.com
• Alcgkoown.com
• aldjpvqt.com
• alemuown.com
• alfpmrnq.org
• algspqt.org
• Alhvrytw.org
• Aliyuown.org
• aljnwpy.org
• alkpmrnq.net

• Ddknt.github.io
• Ddktn.github.io
• Ddnkt.github.io
• Ddntk.github.io
• Ddtkn.github.io
• Ddtnk.github.io
• dkdnt.github.io
• dkdtn.github.io
• dkndt.github.io
• dkntd.github.io

• https://johannesbader.ch/2015/11/a-javaScript-basiert-dga/

• rxxeqoy.cc
• kmymbyzd.co
• cfukbzbmg.eu
• Sblwtafc.cc
• Lqdoacat.co
• dplmjcjic.eu
• Tukaiwjdx.cc
• Meimklqh.co
• ENMXQCXHTL.EU
• UNMIAS.CC

• http://www.threatget.com/2016/11/vawtrak-dga-round-2.html

• Usahwtutu.com
• Folocnam.com
• Awumsah.com
• Edorwufli.com
• Miscutah.com
• Edarwotda.com
• Melarwetdic.com
• Uscnitdohg.com
• Regomseh.com
• Osicnumd.com

• 1D78E50D.com
• 1D78E50D.NET
• 1D78E50D.org
• 1D78E50D.Duckdns.org
• 2B04216F.com
• 2B04216F.net
• 2B04216F.org
• 2B04216F.Duckdns.org
• 2e1d985c.com
• 2e1d985c.net

• https://johannesbader.ch/blog/the-dga-of-zloader/

• DurfdSywubjaqchrh.com
• VudkttykceCeCekhtwwqn.com
• Jcaofaekffeojktmpdax.com
• iphrhkculpnubvvxnbh.com
• BJDBGBJDYREDHFYVPIE.com
• Wramitvqeojeaeceajxoj the.com
• Ohyjybhgogaebjqvpie.com
• fsKtelyeogmxudotlao.com
• Nsdtxvnwtxjwhbuqfe.com
• bohchavtvhbejwcmekvo.com