From Sandbox: New seed of Padcrypt

[suqitian]

• MD5: 1e69889644fd30e906c1f5c923599bef
• Domains from Sandbox, 73 in total.

  [datetime: 2017-05-17 02:18:58]
  ceaonmlmcdefkbmd.com
  beoamaebcldfkcdn.net
  neadamaflkckddan.com
  bbnkdfekaocadlkc.online
  momdflefflamkadn.tk
  caacemceebmfmofb.online
  eckcafccffnoddco.com
  dlffbnobdkkdcdmf.com
  cnbmbdfllanfaecb.com
  obbcoomndnccmela.org
  alblmfdamndebckk.com
  dkeackfnkakbdcke.ga
  aaelmaomkffbaaoc.website
  eaebeafdodobmnff.tk
  ffcldmfkankdlefn.de
  fadmaoclbldofddd.net
  accbkadamdcnffnb.com
  cdofacfaobbaadck.de
  bdfafmbmfokkmcen.org
  dkfnbefckcdllabk.online
  dedeonalolcmccdn.net
  dcbadcfkcobfdbom.com
  afmdkbnalffbldab.co.uk
  dfmdmekmdnbdbebk.tk
  cldnmebabkcdldlb.ga
  laacbdabfonledab.org
  bfffcndcmdldndkb.info
  ebnnbelccdcdlben.info
  odkfnfabbacdfcke.com
  mofkafmnmmcalndn.de
  fdoedfldfbolblbf.website
  fbflbfffceadocac.org
  defaffaooabbadbf.cc
  abfddfbmkmfaffec.co.uk
  flcadcnoamldofef.de
  eafbfndbcffdocka.online
  nbbbcaabackbafbb.co.uk
  bfcaclomdaodabml.ga
  becbdfabdbbfaldd.co.uk
  faoaeeacfommdeab.website
  adknbalfedfabdab.co.uk
  ipinfo.io A 52.74.166.76 A 52.221.28.84 52.221.28.84
  dallfmfdnmkcmkda.co.uk
  abldkfanoobebbaf.com
  cbbaaekbdckmabbd.de
  cbffmmdkblodeeck.com
  fffcbdbacfodedbf.tk
  eclcedafkfddnkec.tk
  lbaafbblfadddedm.org
  cbfbfcdafdomaann.com
  aeocfacnadfcccda.de
  benffabcfbmddoac.co
  mlackfemdlndfcfo.de
  ffakcdacdaoolbab.co.uk
  kldnlafolkdbeebk.info
  bcdcacnnboabdlll.de
  fanfbndcaaccncce.net
  nkfbcdmndkaendff.com
  lbdodamcdbaabldc.com
  alecadbefcddoacf.org
  cdkfafmaldlboald.info
  lcnlbadmfbeeokob.info
  mdleakbnnbellnaa.net
  baccebofcoomcabf.com
  donelffkbfankmfd.net
  aamccaaffkclafca.net
  bkdbcbfffkedamba.com
  ddacdoanccefmabm.co
  aadmebacfeaancfe.website
  dnlfcdlacdbbabcd.cc
  cdaaacdnafnbcaod.co
  kbnbffkakbkdcbdm.net
  aoaedbkoabalbcfa.info

[suqitian]

• Code diff

$ diff dga_new.py dga.py 
30,36d29
<         },
<     "11.37.0.0" : {
<         'nr_domains': 24*3,
<         'tlds': ['com', 'co.uk', 'de', 'org', 'net', 'tk', 'info', 'online',
<             'ga', 'co', 'cc', 'website'],
<         'digit_mapping': "abcdnfolmk",
<         'separator': '|'
47,50d39
< 
<         if config_nr == "11.37.0.0":
<             seed_str += "38"
< 
64c53
<             choices=["2.2.86.1", "2.2.97.0", "11.37.0.0"], default="2.2.86.1")
---
>             choices=["2.2.86.1", "2.2.97.0"], default="2.2.86.1")

dga_new.py is here, which base on the version implemented by baderj.

• Test

  $ python dga_new.py -v 11.37.0.0 -d 2017-05-17 | less
  donelffkbfankmfd.net
  lbaafbblfadddedm.org
  dcbadcfkcobfdbom.com
  cldnmebabkcdldlb.ga
  momdflefflamkadn.tk
  aamccaaffkclafca.net
  laacbdabfonledab.org
  mofkafmnmmcalndn.de
  dkeackfnkakbdcke.ga
  benffabcfbmddoac.co
  cbbaaekbdckmabbd.de
  fanfbndcaaccncce.net
  cdkfafmaldlboald.info
  bkdbcbfffkedamba.com
  abfddfbmkmfaffec.co.uk
  eafbfndbcffdocka.online
  lcnlbadmfbeeokob.info
  dallfmfdnmkcmkda.co.uk
  neadamaflkckddan.com
  dedeonalolcmccdn.net
  mlackfemdlndfcfo.de
  abldkfanoobebbaf.com
  ebnnbelccdcdlben.info
  kbnbffkakbkdcbdm.net
  nkfbcdmndkaendff.com
  eckcafccffnoddco.com
  dnlfcdlacdbbabcd.cc
  ddacdoanccefmabm.co
  alblmfdamndebckk.com
  fffcbdbacfodedbf.tk
  defaffaooabbadbf.cc
  accbkadamdcnffnb.com
  cnbmbdfllanfaecb.com
  nbbbcaabackbafbb.co.uk
  adknbalfedfabdab.co.uk
  caacemceebmfmofb.online
  faoaeeacfommdeab.website
  cbfbfcdafdomaann.com
  eaebeafdodobmnff.tk
  obbcoomndnccmela.org
  cdaaacdnafnbcaod.co
  bfffcndcmdldndkb.info
  beoamaebcldfkcdn.net
  flcadcnoamldofef.de
  mdleakbnnbellnaa.net
  ...