Sharing the Simda Pseudo DGA

Microsoft reported the takedown of Simda yesterday. According to that report, Simda communicates with “up to six hard-coded IPs” and has a DGA whose output it uses to set the Host field in the HTTP header and also as a seed for encryption. This is the algorithm, as reversed from the sample with MD5 892A0A4DC4C3EEA90BECE60C142AEAF1 […]