commands. As a starting point to automatically identify
C&C servers of DDoS-related botnets, we implemented
an interface to the VirusTotal Malware Intelligence Service
[9] to regularly obtain recent malware samples based
on a search for an AV detection name. A challenge trying
to identify samples of a malware family is the difference
and inconsistency between the AV detection names of the
various vendors [1].