DDOSIA (d191f182-60cb-4cdf-943b-dd6e5dd7afce)
DDOSIA is a multi-threaded application that conducts denial-of-service attacks against target sites by repeatedly issuing network requests. DDOSIA issues requests as instructed by a configuration file that the malware receives from a C2 server when started. The configuration file is in JSON format and resides at the /client/get_targets URL path on the C2 server.[Sekoia.io Blog March 1 2024][Avast Threat Labs January 11 2023][SentinelOne January 12 2023]
| Cluster A | Galaxy A | Cluster B | Galaxy B | Level |
|---|---|---|---|---|
| NoName057(16) (7c1a627e-7ea8-4919-a590-7637f1c887f3) | Tidal Groups | DDOSIA (d191f182-60cb-4cdf-943b-dd6e5dd7afce) | Tidal Software | 1 |