Malware Signature
The following table shows a list of malware samples and the corresponding botnet C&C (ip:port) associated with CryptoWall
Database Entry
| Malware: | CryptoWall |
|---|---|
| First seen: | 2014-06-11 20:06:52 UTC |
| Last seen: | 2014-08-07 20:53:13 UTC |
Malware Samples
The table below documents all malware samples associated with this malware family.
| Timestamp (UTC) | Malware Sample (MD5 hash) | VT | Signature | Botnet C&C (IP:port) |
|---|---|---|---|---|
| 2014-08-07 20:53:13 | 91d54f6ccdd1b823502e411c1097c617 |  20/41 (48.78%)
| CryptoWall | 94.156.77.26:443 |
| 2014-08-07 20:53:13 | 91d54f6ccdd1b823502e411c1097c617 | 20/41 (48.78%)
| CryptoWall | 94.156.77.26:443 |
| 2014-06-16 18:53:26 | 0dd76242907f4f688f8e2a1f74dc401c | 30/50 (60.00%)
| CryptoWall | 94.156.77.26:443 |
| 2014-06-16 18:53:26 | 0dd76242907f4f688f8e2a1f74dc401c | 30/50 (60.00%)
| CryptoWall | 94.156.77.26:443 |
| 2014-06-11 20:06:52 | 86b6ee398f4494dce7adc7124b7ef966 | 27/51 (52.94%)
| CryptoWall | 37.200.65.119:443 |
| 2014-06-11 20:06:52 | 86b6ee398f4494dce7adc7124b7ef966 | 27/51 (52.94%)
| CryptoWall | 37.200.65.119:443 |