Malware Signature
The following table shows a list of malware samples and the corresponding botnet C&C (ip:port) associated with NetWire
Database Entry
| Malware: | NetWire |
|---|---|
| First seen: | 2019-01-14 21:03:52 UTC |
| Last seen: | 2021-04-18 06:15:04 UTC |
Malware Samples
The table below documents all malware samples associated with this malware family.
| Timestamp (UTC) | Malware Sample (MD5 hash) | VT | Signature | Botnet C&C (IP:port) |
|---|---|---|---|---|
| 2021-04-18 06:15:04 | 890630b72ac2f85b7d36299e438a0cb2 |  35 / 69 (50.72%)
| NetWire | 103.224.241.225:1604 |
| 2021-04-18 06:15:04 | 890630b72ac2f85b7d36299e438a0cb2 | 35 / 69 (50.72%)
| NetWire | 103.224.241.225:1604 |
| 2021-04-03 17:40:58 | 1bde5ccb4ffa9aa1d6c96e66966c888d | 21 / 70 (30.00%)
| NetWire | 103.224.241.225:1604 |
| 2021-04-03 17:40:58 | 1bde5ccb4ffa9aa1d6c96e66966c888d | 21 / 70 (30.00%)
| NetWire | 103.224.241.225:1604 |
| 2021-03-17 12:29:05 | bafa9bf2b7f22237c86395fc370eadd7 | 43 / 69 (62.32%)
| NetWire | 103.224.241.225:1604 |
| 2021-03-17 12:29:05 | bafa9bf2b7f22237c86395fc370eadd7 | 43 / 69 (62.32%)
| NetWire | 103.224.241.225:1604 |
| 2020-12-06 14:00:15 | fe203cac8b7f7116f62c2bbd042b7324 | 42 / 72 (58.33%)
| NetWire | 160.20.146.178:6606 |
| 2020-12-06 14:00:15 | fe203cac8b7f7116f62c2bbd042b7324 | 42 / 72 (58.33%)
| NetWire | 160.20.146.178:6606 |
| 2020-11-20 14:41:39 | d3f902c4f510d3be54ccbeb2269df996 | 17 / 72 (23.61%)
| NetWire | 160.20.146.178:5075 |
| 2020-11-20 14:41:39 | d3f902c4f510d3be54ccbeb2269df996 | 17 / 72 (23.61%)
| NetWire | 160.20.146.178:5075 |
| 2020-11-20 14:39:12 | d425a74d4ce14f748c4c1ef75b05d5a8 | 24 / 72 (33.33%)
| NetWire | 160.20.146.178:8808 |
| 2020-11-20 14:39:12 | d425a74d4ce14f748c4c1ef75b05d5a8 | 24 / 72 (33.33%)
| NetWire | 160.20.146.178:8808 |
| 2020-07-30 05:14:20 | 95047e278debcad02fa44417b4343163 | 45 / 73 (61.64%)
| NetWire | 160.20.145.14:7707 |
| 2020-07-30 05:14:20 | 95047e278debcad02fa44417b4343163 | 45 / 73 (61.64%)
| NetWire | 160.20.145.14:7707 |
| 2020-06-15 08:22:04 | 6f4e93bc242138c0cc64d233cda82998 | n/a | NetWire | 45.143.138.16:443 |
| 2020-06-15 08:22:04 | 6f4e93bc242138c0cc64d233cda82998 | n/a | NetWire | 45.143.138.16:443 |
| 2020-06-15 06:26:56 | 6bb6a626884d3bfca5efd61dfb1bb559 | 4 / 61 (6.56%)
| NetWire | 45.143.138.16:443 |
| 2020-06-15 06:26:56 | 6bb6a626884d3bfca5efd61dfb1bb559 | 4 / 61 (6.56%)
| NetWire | 45.143.138.16:443 |
| 2020-06-12 16:43:25 | 8905784eeae824b0863573d94f2f20de | n/a | NetWire | 79.134.225.49:6970 |
| 2020-06-12 16:43:25 | 8905784eeae824b0863573d94f2f20de | n/a | NetWire | 79.134.225.49:6970 |
| 2020-06-06 19:25:24 | 505696b0c6115b2dc8a33c40e857926e | n/a | NetWire | 79.134.225.49:6970 |
| 2020-06-06 19:25:24 | 505696b0c6115b2dc8a33c40e857926e | n/a | NetWire | 79.134.225.49:6970 |
| 2020-04-22 01:26:41 | 23fb12e2cb336c690c425f96249ac860 | n/a | NetWire | 185.244.29.175:7071 |
| 2020-04-22 01:26:41 | 23fb12e2cb336c690c425f96249ac860 | n/a | NetWire | 185.244.29.175:7071 |
| 2020-01-29 19:32:13 | 5415d9c2567b98d0516a781475bc3a10 | 54 / 72 (75.00%)
| NetWire | 185.244.30.74:6970 |
| 2020-01-29 19:32:13 | 5415d9c2567b98d0516a781475bc3a10 | 54 / 72 (75.00%)
| NetWire | 185.244.30.74:6970 |
| 2019-12-01 02:20:52 | b5c336565907a29fbfa4089efab7cd36 | 35 / 68 (51.47%)
| NetWire | 79.134.225.71:8808 |
| 2019-12-01 02:20:52 | b5c336565907a29fbfa4089efab7cd36 | 35 / 68 (51.47%)
| NetWire | 79.134.225.71:8808 |
| 2019-01-30 00:16:37 | de7e2f65b3fc7ab13018670bb1b41c84 | 22/70 (31.43%)
| NetWire | 91.192.100.3:3545 |
| 2019-01-30 00:16:37 | de7e2f65b3fc7ab13018670bb1b41c84 | 22/70 (31.43%)
| NetWire | 91.192.100.3:3545 |
| 2019-01-14 21:03:52 | afacfd9978574a679ff67e9a5188f85b | 25/71 (35.21%)
| NetWire | 91.192.100.3:3545 |
| 2019-01-14 21:03:52 | afacfd9978574a679ff67e9a5188f85b | 25/71 (35.21%)
| NetWire | 91.192.100.3:3545 |