We now provide an overview of the abilities of the
DirtJumper bot with a focus on the C&C communication.
The URL of a C&C server is embedded into the
executable file at the time a new sample is generated by a
botmaster using the builder component. After infection
of a system, the malware generates a random bot identification
number and contacts the designated C&C server
with a HTTP request to obtain the current attack commands.