{
	"id": "3c100dd5-7e71-4e16-bfe6-08e0bacb9929",
	"created_at": "2026-04-06T00:15:29.848052Z",
	"updated_at": "2026-04-10T03:21:55.800771Z",
	"deleted_at": null,
	"sha1_hash": "07121ab35b73fd928860df1f53f93dfad86dc6f5",
	"title": "DDG (Malware Family)",
	"llm_title": "",
	"authors": "",
	"file_creation_date": "0001-01-01T00:00:00Z",
	"file_modification_date": "0001-01-01T00:00:00Z",
	"file_size": 38684,
	"plain_text": "DDG (Malware Family)\r\nBy Fraunhofer FKIE\r\nArchived: 2026-04-05 19:39:58 UTC\r\nDDG\r\nFirst activity observed in October 2017. DDG is a botnet with P2P capability that is targeting crypto currency\r\nmining (Monero).\r\nReferences\r\n2021-02-01 ⋅ Netlab ⋅\r\nDDG: A Mining Botnet Aiming at Database Servers\r\nDDG\r\n2020-04-08 ⋅ Netlab ⋅ JiaYu\r\nDDG botnet, round X, is there an ending?\r\nDDG\r\n2018-08-01 ⋅ Netlab ⋅ JiaYu\r\nThreat Alert: DDG 3013 is Out\r\nDDG\r\n2018-07-12 ⋅ Netlab ⋅ JiaYu\r\nOld Botnets never Die, and DDG REFUSE to Fade Away\r\nDDG\r\n2018-06-13 ⋅ Netlab ⋅ JiaYu\r\nDDG.Mining.Botnet 近期活动分析\r\nDDG\r\nThere is no Yara-Signature yet.\r\nSource: https://malpedia.caad.fkie.fraunhofer.de/details/elf.ddg\r\nhttps://malpedia.caad.fkie.fraunhofer.de/details/elf.ddg\r\nPage 1 of 1",
	"extraction_quality": 1,
	"language": "EN",
	"sources": [
		"ETDA"
	],
	"references": [
		"https://malpedia.caad.fkie.fraunhofer.de/details/elf.ddg"
	],
	"report_names": [
		"elf.ddg"
	],
	"threat_actors": [],
	"ts_created_at": 1775434529,
	"ts_updated_at": 1775791315,
	"ts_creation_date": 0,
	"ts_modification_date": 0,
	"files": {
		"pdf": "https://archive.orkl.eu/07121ab35b73fd928860df1f53f93dfad86dc6f5.pdf",
		"text": "https://archive.orkl.eu/07121ab35b73fd928860df1f53f93dfad86dc6f5.txt",
		"img": "https://archive.orkl.eu/07121ab35b73fd928860df1f53f93dfad86dc6f5.jpg"
	}
}