Cayosin Botnet combines Qbot and Mirai

description: Recently, we came across an emerging botnet as-a-service, the Cayosin Botnet. We first observed Cayosin on January 6, 2019, and activity has been ramping up. We have data on 55 scanning IPs, with indicators consistent to attacks built into Cayosin. Based on data from the threat actors, the bot count is over 1,100 as of February 2nd.

publish date:

reference :

IOC Table
total 7
type value
domain hostnamepxssy.club
FileHash-MD5 283d4888af0d820ba1d6f72e586a8410
FileHash-MD5 7cd9788dd9a5e97ca2e0a0480d4c377a
FileHash-SHA256 96ecc0e9b9e6f4f0275c4041e128d5ee87b51148e0e74b0379ece5edebb22792
FileHash-SHA256 e5173e4e4a1044858a14002a45507bb75772b21ceb348488bef465c2d22b791d
URL http://185.244.25.241/bins/cock.mpsl
URL http://185.244.25.241/bins/cock.x86