Cipher Stealth Server: How to Get the Most Out of Your RGH/Jtag Console Online
3. Network connection obfuscationDetermine server name and port numberTo download an additional module from the command-and-control (C&C) server, Java.Cogyeka has to connect to it. However, it is difficult to successfully connect an existing server while also attempting to connect many fake servers. It takes a long time to download an additional module this way. The difficulty results from the complicated server name and port number.The C&C server's host name is made up of five to eight random letters and the randomly selected domain is based on a dynamic DNS. A random seed based on the time the malware is run is used to select the random letters. The domain is selected from 22 famous dynamic services by the same random seed used to obtain the random letters. The port number is also randomly generated by the…