domain_generation_algorithms

• http://johannesbader.ch/2015/02/the-dga-of-banjori/

• EarnestnessBiophysicalohax.com
• kwtoestnessbiophysicalohax.com
• rvcxestnessbiophysicalohax.com
• hjbtestnessbiophysisialohax.com
• txmoestnessbiophysicalohax.com
• Agekestnessbiophysicalohax.com
• dbzwestnessbiophysisialohax.com
• sgjxestnessbiophysicalohax.com
• igjyestnessbiophysisialohax.com
• zxahestnessbiophysicalohax.com

• https://johannesbader.ch/blog/the-dga-of-bazarbackdooor/
• https://johannesbader.ch/blog/the-buggy-dga-of-bazarbackdoor/
• https://johannesbader.ch/blog/the-buggy-dga-of-bazarbackdoor/

DGA จริง:

• Adegjkaiggjm.bazar
• eehjmejjjo.bazar
• dehiildjjiin.bazar
• ceeiklcjgikn.bazar
• dceikkdhgikm.bazar
• bfehjmbkggho.bazar
• Adegjmaiggjo.bazar
• dchiikdhjiim.bazar
• effehkkghim.bazar
• bdhjkbijhm.bazar

bggy dga: -_fdgimzkfgio.bazaar -e'bfkieedfkkababazaar -efdgkekfgim.bazaar -begimzggio.bazaar -bbbhlbgdfhn.bazaar.bazaar.bazaar -^ehikizjjkik.bazaar -achimajehio.bazaar -] defiizigfik.bazaar -`` `Begizeieiik.bazaar -degfjdjifjm.bazaar

• cmid1s1zeiu.life
• itszko2ot5u.life
• 3v1n35i5kwx.life
• newdnq1xnl9.life
• jkyj6Awt1ao.life
• ddrjv6y42b8.life
• 1PNHP5O5ZA1.LIFE
• y13iqvlfjl5.Life
• xp0btfgegbo.life

• 360NetLab/DGA#1

• 8F6BACMW30XXV6SC.CN
• 486TXU3YJLY0XCMZ.RU
• xii6x8zg9rkanmyo.info
• Spy1JHHDBMVT2UEVA.NET
• evybt5gtf2tprvbi.info
• 7QBYS97E3PCW262C.INFO
• KZ897C7N7VBUR.BIZ
• zmkvlsvkbfnuez.ru
• tr1yy6lxtry1gsts.biz
• mfq6uwq3p2hvc8zn.cn

• https://johannesbader.ch/2015/09/the-dga-of-corebot/

• lkhylm0mhyfuhg.dns.net
• S63234WLUV5V365BWP5.DDNS.NET
• afe6mfy23xcxgfa.dns.net
• 7RSL1F34SFQ0OJ3JWVMFA6C.DNS.NET
• ir7l3po0gjy8ypqjm8o.ddns.net
• 3LGUPWDIVSFM2W4KNG2IHA.DDNS.NET
• i8a0q2wdu8otulkfylo2gdq.dnns.net
• kh1her76avy0qnelivijwd1.ddns.net
• UBGP1F1HAN7LU410EH5.DDNS.NET
• ulier8knadmpmmdm4wti6oro.dns.net

• https://blog.xlab.qianxin.com/uncovering_darkcracks_payload_delivery_framework_cn/#part2-runner%E5%88%86%E6%9E%90

• stdfugagjl.com
• evdfugagjl.com
• avdfugagjl.com
• mvdfugagjl.com
• ivdfugagjl.com
• uvdfugagjl.com
• qvdfugagjl.com
• ytcfugagjl.com
• ktcfugagjl.com
• gtcfugagjl.com

• http://johannesbader.ch/2015/03/the-dga-f-dircrypt/

• rauggyguyp.com
• llulzza.com
• mluztamhnngwgh.com
• mycojenxktsmozzthdv.com
• inbxvqkegiapgv.com
• furiararji.com
• zrkdvzjhse.com
• wyuhdsdttczd.com
• hpaxgpkteomjaxywwelr.com
• mydojltbqjnwailiya.com

• https://johannesbader.ch/2016/01/the-dga-in-alureon-dnschandger/

• aktklyvbiu.com
• zgimjzlnrl.com
• tcfejerekw.com
• tfunnjmxt.com
• ydvlfkguw.com

• vhkintjtksyxgjrz.net
• btpnxlsfdqbhzazyx.net
• ukfmknjdenthvktgc.net
• qpxsrhrhrmuoooooooooo
• gjsbydmrpfzsmnfiu.net
• indpsqbetcpcqprx.net
• gwrdmhyjfcpcutmhp.net
• bwzcypcbmnlpfsw.net
• twkpwfuecvzcincq.net
• pdwfuxgnahmgsxhit.net

• app2.winsoft0.com
• app2.winsoft1.com
• app2.winsoft2.com
• app2.winsoft3.com
• app2.winsoft4.com
• app2.winsoft5.com
• app2.winsoft6.com
• app2.winsoft7.com
• app2.winsoft8.com
• app2.winsoft9.com

• http://www.govcert.admin.ch/blog/18/gazi-isfb-when-a-bug-rely-is-a-fatuure

• QuodpresidenteAxsatiat.cit
• pertantumfitusu.com
• indulgentiarumlicet.com
• moriblasphemianegoci.com
• ptribueretNossetNonin.com
• nonsicordinario.com
• svivacpecunias.com
• Instimabiler.com
• ulpurgatoripetrum.com
• papacricognitisipro.com

• https://johannesbader.ch/2015/12/krakens-two-domain-ganration-algorithms/

• ibbwnhgh.mooo.com
• rbqdxflojkj.mooo.com
• smhburg.deyndns.org
• bltjhzqp.dyndns.org
• clwafrfuuxq.yi.org
• cffxugijxn.yi.org
• ivxcxbj.dynserv.com
• etllejr.dynserv.com
• otpxmk.mooo.com
• ejfjyd.mooo.com

• https://johannesbader.ch/2015/12/krakens-two-domain-ganration-algorithms/

• xpdbwuimwag.com
• nwpegpjtx.com
• smmyuhxlt.net
• xjvyvnzivt.net
• lvctmusxcyz.tv
• lvctmusxcyz.tv
• cjuszcfwo.cc
• egbmbdey.cc
• wjxaprgne.com
• vxbuggxhrgi.com

• https://blogs.forcepoint.com/security-labs/lockys-new-dga-seeding-new-domains

• gegjiimqmlgtdmk.tf
• pccibcjncnhnhnh.yt
• rddipikmrap.us
• MMHMKQFC.BE
• vkcims.pm
• ptysmobytagnrv.it
• suhpqiumpjsv.ru
• cscfbwbhs.uk

• https://malpedia.caad.fkie.fraunhofer.de/details/win.m0yv
• วิดีโอ YouTube "Sinkholing อัลกอริทึมการสร้างโดเมนของ M0YV"

Time Independent Version ใน dga.py รุ่นขึ้นอยู่กับเวลาใน dga-td.py

• pywolwnvd.biz
• ssbzmoy.biz
• cvgrf.biz
• npukfztj.biz
• przvgke.biz
• zlenh.biz
• knjghuig.biz
• uhxqin.biz
• anpmanmxo.biz
• lpuegx.biz

• 31b4bd31fg1x2.org
• 31b4bd31fg1x2.tikkets
• 31B4BD31FG1X2.BLACKFRIIY
• 31b4bd31fg1x2.hosting
• 31b4bd31fg1x2.feedback
• 3F8C8079FD4C5.ORG
• 3F8C8079FD4C5.TICKETS
• 3F8C8079FD4C5.BlackFriday
• 3F8C8079FD4C5.Hosting
• 3F8C8079FD4C5.FEDBACK

• https://johannesbader.ch/2015/09/three-variants-of-murofets-dga/

• giywshrgxcvoqgvrkthmfa.ru
• xaiqpbrgymbrwmzgigrgdsk.com
• amgqularpzxepztxenbx.net
• pfscijijbmhyfiyjgorggugtkbQyh.org
• xglfcmsgorvwfilhmzlcxxvkfege.info
• rcteqwkequojntibvfyfaluwh.biz
• mjfqylbiaunfuaeunzdqdwscu.ru
• qobeylpxgpfknptukydqvklztg.com
• rgwgizukficdgsxovtcknwkfm.info
• betgyaeswxorwcvsdezdupb.org

• https://johannesbader.ch/2015/09/three-variants-of-murofets-dga/

• cmqvxtpnibli.biz
• cmqvxtpnibli.com
• rloqpoiongsuwyq.net
• rloqpoiongsuwyq.org
• zsophzovtfor.info
• zsophzovtfor.biz
• nlifthjnbgenfweq.org
• nlifthjnbgenfweq.com
• hyktttqsssssmvkoc.info
• hykpttqssssssmvkoc.org

• https://johannesbader.ch/2015/09/three-variants-of-murofets-dga/

• nxlya47huo61czerb18o51e11d30i55gycwe31lx.ru
• JWDZPTM69P62IZCVE41F22K37OYJ16G63FQOTE11.com
• P42P52NVD50IZKKAZAQE21LVO21PYCQOTP2E61.NET
• B28N40I25B68GTE41O61DWC19HTC29JWGXIQFZBR.org
• Ktirhsn50kzc49b58cyf32fwh14h64dzgxiqcz.info
• Bre41HVC29KRI15EWPWDSAZJYN40P52KWE21GW.BIZ
• N30MWHSSXFQ51J56LUNSG13O11HYD60EWF52NU.ru
• HVCSJXD20MZM29D40NZNUNTA27C29KYI55FUN50.com
• NZOSG13OYMZG63NTPXARO51BTKVFYOSHRK27.INFO
• CZFSN20EXG53NZCQCRGRG43EXF62B28P22PYD50LU.org

• qehspqnmrn.info
• mmhaesqar.in
• pwprhnqn.in
• mrspmramrn.in
• arphansaqh.com
• hrhspsrenn.net
• aepaaaemrm.com
• wsaehwases.in
• arwrseqssh.com
• ewamspqwha.ws

• http://johannesbader.ch/2015/02/the-dgas-f-necurs/

• nccojqvavavkiwhj.mx
• hodwwywnmmbi.ac
• aianeaoinf.mu
• ccecggc.us
• mffffmgtplxbyagbtegh.com
• thlxuwnadtdtsm.biz
• edkomqpeufjyafccj.in
• mxomklaqu.pw
• nvuttwteltin.tv
• nhysbiomr.ir

• https://johannesbader.ch/2014/12/the-dga-f-newgz/

• XZZ3UG32BAALE1UO60YY7XJ6RGE.com
• 1HYZMW3L2PHYCETT8HZR2DO34.NET
• 2PQ821CFEM5M1MDUA46PXG7BJ.BIZ
• UNLM9W9L8UPY1KDDE0KBA7KTF.org
• 1IXHW3P1NCR3CF1PJFRPZ14N1U0E.com
• 1O460KTPDHNA1K0LK3ECWUJXN.NET
• 183t0wjzlthe51wigptk4rl29.org
• 1I3UX5A1HJ6NDQEJMXOXONE45G0V.NET
• 5MCD71MBUTPB1TGLU0S4P0LRF.com
• N3I5YN19W82VMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMP1K1L4XRJG.ORG

• NetLab - และการวิเคราะห์ Linux.ngioweb Botnet
• NetLab - อัปเดตอย่างรวดเร็วเกี่ยวกับ Linux.ngioweb Botnet ตอนนี้มันกำลังดำเนินไปหลังจากอุปกรณ์ IoT

minihilethe-subadofy.org revodihudom.info enisobure-netidimadom-minikevuship.org semiriddenction-postepudney.com prolefexity-disorisance.org NoneBazish-Disahiblen-misehuraage.name ilolupage-nonurisudize-miniikazolike.net seicofaxiful-enixakor-subafapean.info overedaxive-nonameranel prevomozari-microfemly.info

• OFTBPEC.com
• lotmpwyk.info
• seikpwq.info
• bcfatyltdvp.info
• rfwstgy.com
• hokybhnf.biz
• evlovrxuw.net
• mtzpbzbfvy.info
• hacckgiakhl.com
• mosmeuw.net

• https://johannesbader.ch/2018/04/the-new-domain-ganration-algorithm-of-nymaim/

• Surfies-krawing.com
• Shaft-criririon.cc
• หยุด hash.id
• unitsknowledge.com
• wiredgraph.tm
• เวลา
• stablelikely.ch
• สแตนเลสยืม
• wagon-documents.sc
• TrainerProcsSors.tk

• http://johannesbader.ch/2016/03/the-dga-f-padcrypt/

• elkfcfnacacmofdf.com
• mkmeeffnfdmbm.de
• ffcdcnbmmnaddcd.com
• ddkfodnaadmbmofo.co.uk
• efneboaodnmbecoa.co
• bafomkfalcfcdkom.info
• onlmcdadnacfclc.com
• dcfmdfbobkmafa.com
• lmmmfdccmnfnmfdl.co
• kcknconmceeeemlnm.com

• https://johannesbader.ch/2019/07/the-dga-f-pitou/

• -
• koohoavab.net |
• koohoavac.net |
• koohoavad.net |
• koohoavaf.net |
• koohoavag.net |
• koohoavah.net |
• koohoavaj.net |
• koohoavak.net |
• koohoaval.net |

• https://blog.avast.com/2013/06/18/your-facebook-connection-nn-secured/

• ยาก. net
• dollarnerly.net
• tworterpossible.net
• dollarpossible.net
• edelynation.net
• Escapenation.net
• Edelypleasure.net
• Escapepleasure.net
• eearlynearly.net
• Escapenearly.net

• https://johannesbader.ch/2016/06/proslikefan/

• frarvcpk.eu
• stjneohiod.biz
• vcevvkc.se
• qylptiin.info
• bsvisbttr.com
• hjiknr.net
• arpeiezki.org
• gobqca.ru
• tivqfahrmxdl.in
• smutloo.name

• weafokuggeir.kz
• sictemuborug.kz
• cirpicficj.kz
• geijanmap.kz
• fuxhuxsabi.kz
• siclisozdokq.kz
• sozcoqnafrex.kz
• qeobifups.kz
• cokoqdeah.kz
• latqafbuxwic.kz

• http://johannesbader.ch/2015/03/the-dga-f-pykspa/

• uamskmq.org
• jqplflktas.info
• rybwtr.net
• uyznvxlof.info
• gakcmqiw.com
• wewsvat.net
• owhadwkskevw.net
• nkndlzhjgrpc.info
• isypszqu.net
• Jobbaamoyt.info

• http://johannesbader.ch/2015/07/pykspas-inferior-dga-version/

• lfwhgin.com
• guququaiq.biz
• wctymo.net
• lovefjsfox.com
• oruhbanansnan.cc
• mkncjk.biz
• yunonsuiwcyma.net
• yxpojufqbex.com
• qhxgzuffbex.cc
• yywiywiq.biz

• https://www.johannesbader.ch/2016/04/the-dga-f-qadars/

• jk9enwhansl2.org
• sdqfodmf81m7.net
• 5URO1UZSPEJK.NET
• ub4hinsduf0p.net
• zs9ijo1er81u.com
• 0T67C5ARW9YF.NET
• Lev41encha38.net
• 67k1q3c1mr8x.org
• 7w1yf49irk5m.net
• gdunwhq7s9qb.org

• https://johannesbader.ch/2016/02/the-dga-f-qkbot/

• bqkrtxgkmriwsiwcngtivpx.info
• jdtmfupdyueqeldvhsjzdvzob.net
• guhmpoxzivhba.com
• nqqxqhuacaqhzurde.org
• lgqsqgpqzijwid.info
• ykolycdcyk.biz
• ztvflnxqzpxvffvv.biz
• zqrmkpivrbxcawozqwqpfzh.org.org
• IQYQWHNTRXFEQ.org
• ftadkbomxlnsib.info

• https://www.kyberturvalisuuuskskus.fi/en/news/qsnatch-malware-designed-qnap-nas-devices

• https://johannesbader.ch/blog/the-dga-f-qsnatch/

• t2q2r.cf
• gc9nz.tk
• 07tvvc.com
• 7ubqo.ml
• 53bcm.de
• 6zltf.rocks
• hv7uv.mx
• nypno.biz
• qkzccy.net
• rassb.cn

• https://johannesbader.ch/2014/12/the-dga-f-ramnit/

• knpqxlxcwtlvgrdyhd.com
• nvlyfua.com
• hgyudheedieibxy.com
• analylixwcbnjopdd.com
• vrndmdrdrdrjoff.com
• jhghrlufoh.com
• tqjhvylf.com
• hufqifjq.com
• itktxexjghvvxa.com
• ppyblahb.com

• http://johannesbader.ch/2015/05/the-dga-of-ranbyus/

• ikwoqkwuajpbyx.com
• nukpdrluwlfox.pw
• rcnxisuibbadng.in
• wbqtidjvsdiwe.me
• jrdyumcieyipnv.cc
• yvyfwikefxitk.su
• tviurcntxylxnj.tw
• lycyrvfcemepfm.net
• epddeuukdimbpft.com
• trbhxhmbsikoaq.pw

• http://johannesbader.ch/2015/09/ranbyuss-dga-revisited/

• jxbdxeyxttdmcjagi.me
• iqmadibfhnssadm.cc
• gdoldaognceaedkke.su
• jnbnyrmxmplfgstk.tw
• ucjetnyaitygjidva.net
• jejocqwtcbuymvao.com
• Stuctjsqfxghcesyw.pw
• gfidctymbxiaqyuyk.in
• ojrqwrlhesfshawva.me
• bqjqvwwjirftwkjel.cc

DGA นี้มีการเพาะเมล็ดที่คาดเดาไม่ได้ เช่น GetTickCount เป็นเมล็ด ฉันยังคงแสดงรายการ

• e5zhail0mw.com
• gabbvk2o6s.com
• cump2a4d7.com
• 5ESWMWNQYF.com
• lexfszyuwp.com
• jzpesspff.com
• umiarnijet.com
• shr0xe9idm.com
• nycex7wlcf.com
• vciznqxwpo.com

• 64F30398ECDA3BF.XYZ
• f008fc473fdddc4.live
• cfbadaf0cd7b0ac3.com
• B8D28386413029FE.STORE
• 99C485497C079A09.info
• 6d54b683fc2cc58f.top
• ABB7547058FEF9FB.NET

• https://johannesbader.ch/2015/01/the-dga-of-hotob/

• wtipubctwiekhir.net
• RWMU35AVQO12TQC.com
• RSKB5BSFHM2FK5H.NET
• rbp9pprrxgflut9.com
• zzzxeyzgy45yy2a.net
• e3oa4wglvd21xa.com
• mqmq1hvmtxzjv.net
• pd4o4wu24vimn.com
• tlmrzvppsqsb.net
• pbmz59uzndpo.com

• http://johannesbader.ch/2015/03/the-dga-f-simda-shiz/

• gatyfus.com
• lyvyxor.com
• vojyqem.com
• uptyfuv.com
• puvyxil.com
• gahyqah.com
• lyryfyd.com
• vocyzit.com
• qgyqaq.com
• purydyv.com

• https://www.johannesbader.ch/2016/06/the-dga-f-sisron/

• mdiwnjiwmtya.com
• mdewnjiwmtya.com
• mzewntiwmtya.com
• mzawntiwmtya.com
• mjkwntiwmtya.com
• mjgwntiwmtya.com
• mjcwntiwmtya.com
• mjywntiwmtya.com
• mjuwntiwmtya.com
• mjqwntiwmtya.com

• http://www.rsaconfection.com/writable/presentations

• การเดินทาง
• ทำลาย
• ขัดต่อ
• กลางคืน
• ภายใน
• ความพยายาม
• ถนน
• ดีกว่า
• สามี
• เล็กน้อย

• http://johannesbader.ch/2015/01/the-dga-f-symmi/

• ogovoguipawi.dns.net
• afowkaupbabe.ddns.net
• ipkureleakm.dns.net
• hegiruqo.dns.net
• luimreim.ddns.net
• tiakquoahuvu.dns.net
• loelkuanduur.dns.net
• agdehukoev.dns.net
• giagkuekorla.ddns.net
• Leufiroqipomu.dns.net

• https://github.com/baderj/domain_generation_algorithms/tree/master/tempedreve/images

• dlbebsga.net
• enqbgrmt.com
• xjlwpfnk.info
• ebabkjcx.org
• hvisietg.net
• svyjglen.com
• glknxfgq.info
• adodulah.org
• jgrxrxwh.net
• ctmrgbmz.com

• http://johannesbader.ch/2015/04/new-top- level- domains-for-tinbas-dga/

• blackfreeqyio.cc
• nvfowikhevmy.com
• nvfowikhevmy.net
• nvfowikhevmy.in
• nvfowikhevmy.ru
• sjhuqlwrqhqx.com
• SJHUQLWRQHQX.NET
• SJHUQLWRQHQX.in
• sjhuqlwrqhqx.ru
• pxgonyogee.com

• dbqwpmpnrusywj.com
• qxmubfleztlnkx.com
• rrnywowowowQgmjvnltg.com
• rqnjdvzpsmbuw.com
• utoiopxjrphvoiy.org
• ttoouemmmmnxnmj.com
• nmjsourlgveecj.org
• juprvzxqotonvs.biz
• nmjsoourllgveecj.biz
• dotqwjmhqlushjlo.biz

• albdfhln.com
• alcgkown.com
• aldjpvqt.com
• Alemuown.com
• alfpmrnq.org
• algspqt.org
• alhvrytw.org
• Aliyuown.org
• aljnwpy.org
• alkpmrnq.net

• ddknt.github.io
• ddktn.github.io
• ddnkt.github.io
• ddntk.github.io
• ddtkn.github.io
• ddtnk.github.io
• dkdnt.github.io
• dkdtn.github.io
• dkndt.github.io
• dkntd.github.io

• https://johannesbader.ch/2015/11/a-javascript- บนพื้นฐาน-dga/

• rxxeqoy.cc
• kmymbyzd.co
• cfukbzbmg.eu
• sblwtafc.cc
• lqdoacat.co
• dplmjcjic.eu
• ttukaiwjdx.cc
• meimklqh.co
• enmxqcxhtl.eu
• unmis.cc

• http://www.threatget.com/2016/11/vawtrak-dga-round-2.html

• usahwtutu.com
• folocnam.com
• awumsah.com
• edorwufli.com
• misocutah.com
• edarwotda.com
• melarwetdic.com
• uscnitdohg.com
• regomseh.com
• osicnumd.com

• 1d78e50d.com
• 1d78e50d.net
• 1d78e50d.org
• 1d78e50d.duckdns.org
• 2B04216F.com
• 2B04216F.NET
• 2b04216f.org
• 2b04216f.duckdns.org
• 2e1d985c.com
• 2e1d985c.net

• https://johannesbader.ch/blog/the-dga-of-zloader/

• gdurfdsywubjaqchrh.com
• vudktykcecigekhtwwqn.com
• jcaofaekffeojktmpdax.com
• iphrhkculpnubvvxnbh.com
• bjdbgbjdyredhfyvpie.com
• wramitvqeojeaeceajxoj the.com
• OHYJYBHGOGAEABJQVPIE.com
• fsktelyeogmxudotlao.com
• nsdtxvnwtxjwhbuqfe.com
• bohchavtvhbejwcmekvo.com