Malware Signature

The following table shows a list of malware samples and the corresponding botnet C&C (ip:port) associated with Ransomware.Sodinokibi

Database Entry

Malware:Ransomware.Sodinokibi
First seen:2020-06-09 07:37:40 UTC
Last seen:2021-04-04 08:54:08 UTC

Malware Samples

The table below documents all malware samples associated with this malware family.

Timestamp (UTC)Malware Sample (MD5 hash)VTSignatureBotnet C&C (IP:port)
2021-04-04 08:54:08999660513492abf77dcd46db5ae97f17Virustotal results 52 / 70 (74.29%) Ransomware.Sodinokibi192.42.116.41:443
2021-04-04 08:54:08999660513492abf77dcd46db5ae97f17Virustotal results 52 / 70 (74.29%) Ransomware.Sodinokibi192.42.116.41:443
2020-11-19 23:08:0758c390fe5845e2bb88d1d22610b0ca61Virustotal results 64 / 72 (88.89%) Ransomware.Sodinokibi192.42.116.41:443
2020-11-19 23:08:0758c390fe5845e2bb88d1d22610b0ca61Virustotal results 64 / 72 (88.89%) Ransomware.Sodinokibi192.42.116.41:443
2020-06-09 09:29:1299887b781e8a7c55043a294cf10aff16Virustotal results 62 / 71 (87.32%) Ransomware.Sodinokibi192.42.119.41:443
2020-06-09 09:29:1299887b781e8a7c55043a294cf10aff16Virustotal results 62 / 71 (87.32%) Ransomware.Sodinokibi192.42.119.41:443
2020-06-09 08:40:337925b83bdf095df87e4b63e535abdda4Virustotal results 61 / 72 (84.72%) Ransomware.Sodinokibi192.42.119.41:443
2020-06-09 08:40:337925b83bdf095df87e4b63e535abdda4Virustotal results 61 / 72 (84.72%) Ransomware.Sodinokibi192.42.119.41:443
2020-06-09 08:04:520c2c00d661dbee9e48902ce665cba5e0Virustotal results 61 / 71 (85.92%) Ransomware.Sodinokibi192.42.119.41:443
2020-06-09 08:04:520c2c00d661dbee9e48902ce665cba5e0Virustotal results 61 / 71 (85.92%) Ransomware.Sodinokibi192.42.119.41:443
2020-06-09 07:50:380aa7a8c026553f595305d1f1d01a5f26Virustotal results 62 / 73 (84.93%) Ransomware.Sodinokibi192.42.119.41:443
2020-06-09 07:50:380aa7a8c026553f595305d1f1d01a5f26Virustotal results 62 / 73 (84.93%) Ransomware.Sodinokibi192.42.119.41:443
2020-06-09 07:37:402fd61f699532fe2b0691422aa285ba17Virustotal results 64 / 72 (88.89%) Ransomware.Sodinokibi192.42.119.41:443
2020-06-09 07:37:402fd61f699532fe2b0691422aa285ba17Virustotal results 64 / 72 (88.89%) Ransomware.Sodinokibi192.42.119.41:443