Malware Signature

The following table shows a list of malware samples and the corresponding botnet C&C (ip:port) associated with TA505

Database Entry


Malware:TA505
First seen:2019-11-22 09:15:50 UTC
Last seen:2020-09-09 17:39:39 UTC

Malware Samples


The table below documents all malware samples associated with this malware family.

Timestamp (UTC)Malware Sample (MD5 hash)VTSignatureBotnet C&C (IP:port)
2020-09-09 17:39:392077ef494e6f126e0aeaad3511e191a9n/aTA50592.38.149.158:443
2020-09-09 17:39:392077ef494e6f126e0aeaad3511e191a9n/aTA50592.38.149.158:443
2020-09-09 14:10:060dddf693f6a707ce26853edfb256e447n/aTA50592.38.149.158:443
2020-09-09 14:10:060dddf693f6a707ce26853edfb256e447n/aTA50592.38.149.158:443
2020-09-03 12:50:319fbbad6053cc078a8c120805d4628a3en/aTA5055.188.0.82:443
2020-09-03 12:50:319fbbad6053cc078a8c120805d4628a3en/aTA5055.188.0.82:443
2020-09-03 10:38:2080702fb948d44e2b1a769acb225cb8cfn/aTA5055.188.0.82:443
2020-09-03 10:38:2080702fb948d44e2b1a769acb225cb8cfn/aTA5055.188.0.82:443
2020-08-07 12:41:57b94f6017c84b8ddd8d34c1eea68439e1n/aTA50523.163.0.37:443
2020-08-07 12:41:57b94f6017c84b8ddd8d34c1eea68439e1n/aTA50523.163.0.37:443
2020-08-07 11:49:061a8727b479697594458780748ee93915n/aTA50523.163.0.37:443
2020-08-07 11:49:061a8727b479697594458780748ee93915n/aTA50523.163.0.37:443
2020-08-07 11:48:337aa8e1728761ea07e5b6d91d81de319dn/aTA50523.163.0.37:443
2020-08-07 11:48:337aa8e1728761ea07e5b6d91d81de319dn/aTA50523.163.0.37:443
2020-08-07 11:39:307998912a9e1a1d26d6a6e453203acadan/aTA50523.163.0.37:443
2020-08-07 11:39:307998912a9e1a1d26d6a6e453203acadan/aTA50523.163.0.37:443
2020-07-06 14:51:42779a1231de8ddd8646f60fdc7505fbf2n/aTA505185.33.85.47:443
2020-07-06 14:51:42779a1231de8ddd8646f60fdc7505fbf2n/aTA505185.33.85.47:443
2020-07-03 10:29:23bb921af7b9c502c207b6f40fa9937cb7Virustotal results 27 / 61 (44.26%) TA5055.188.4.174:443
2020-07-03 10:29:23bb921af7b9c502c207b6f40fa9937cb7Virustotal results 27 / 61 (44.26%) TA5055.188.4.174:443
2020-07-02 12:27:18f06bc26fde7e1f80172495ac3bf818d3n/aTA50579.141.166.229:443
2020-07-02 12:27:18f06bc26fde7e1f80172495ac3bf818d3n/aTA50579.141.166.229:443
2020-06-29 14:03:48e364bc23f2f96aad7566e86ec0248415n/aTA5055.188.228.47:443
2020-06-29 14:03:48e364bc23f2f96aad7566e86ec0248415n/aTA5055.188.228.47:443
2020-06-29 13:39:1147dae4f16cf2d6e426c92d11b61d5f3bn/aTA5055.188.228.47:443
2020-06-29 13:39:1147dae4f16cf2d6e426c92d11b61d5f3bn/aTA5055.188.228.47:443
2020-06-29 12:10:1410c5f13895dc723a2d5e2bfbed156b77n/aTA5055.188.228.47:443
2020-06-29 12:10:1410c5f13895dc723a2d5e2bfbed156b77n/aTA5055.188.228.47:443
2020-06-26 13:49:3607647605ff555d2eb03b730fbedc1f0dn/aTA5055.188.228.46:443
2020-06-26 13:49:3607647605ff555d2eb03b730fbedc1f0dn/aTA5055.188.228.46:443
2020-06-25 12:47:2174246fe79113651fff96db002abb9d86n/aTA505185.105.1.165:443
2020-06-25 12:47:2174246fe79113651fff96db002abb9d86n/aTA505185.105.1.165:443
2020-06-25 12:38:1390f72319caf6458c1308e94bfb257f7cn/aTA505185.105.1.165:443
2020-06-25 12:38:1390f72319caf6458c1308e94bfb257f7cn/aTA505185.105.1.165:443
2020-06-24 12:54:02439ac254ab26539ec305b18e10ccc516n/aTA505185.105.1.161:443
2020-06-24 12:54:02439ac254ab26539ec305b18e10ccc516n/aTA505185.105.1.161:443
2020-06-23 12:49:34a739b777711e6c4fed6c9cec2cb01b80n/aTA50551.195.35.9:443
2020-06-23 12:49:34a739b777711e6c4fed6c9cec2cb01b80n/aTA50551.195.35.9:443
2020-06-23 12:44:41fdfa678581b990c3e05e72c85d11f612Virustotal results 24 / 62 (38.71%) TA50551.195.35.9:443
2020-06-23 12:44:41fdfa678581b990c3e05e72c85d11f612Virustotal results 24 / 62 (38.71%) TA50551.195.35.9:443
2020-06-22 13:26:157b1f3560e1a46d87cdcecf186a5e05f8n/aTA505185.82.126.221:443
2020-06-22 13:26:157b1f3560e1a46d87cdcecf186a5e05f8n/aTA505185.82.126.221:443
2020-06-22 12:37:35e796d64a1dbe3675a6d7ae12f33c8ca2n/aTA505185.82.126.221:443
2020-06-22 12:37:35e796d64a1dbe3675a6d7ae12f33c8ca2n/aTA505185.82.126.221:443
2020-06-18 11:58:20fbc81a3b9d5ac64f8255e7212bbef7f8n/aTA505185.176.222.156:443
2020-06-18 11:58:20fbc81a3b9d5ac64f8255e7212bbef7f8n/aTA505185.176.222.156:443
2020-06-18 11:39:41915ab7cfbc6b754138bdc7ecdea79c48n/aTA505185.176.222.156:443
2020-06-18 11:39:41915ab7cfbc6b754138bdc7ecdea79c48n/aTA505185.176.222.156:443
2020-06-16 11:23:0140478ee98dbed57b543b185fefe040e0n/aTA505195.123.245.187:443
2020-06-16 11:23:0140478ee98dbed57b543b185fefe040e0n/aTA505195.123.245.187:443
2020-06-16 10:50:13827968f27c48b6f592a519e5a18572bbn/aTA505195.123.245.187:443
2020-06-16 10:50:13827968f27c48b6f592a519e5a18572bbn/aTA505195.123.245.187:443
2020-06-16 10:45:22b24573232df8a4bc23094f8f8fc7f6aan/aTA505195.123.245.187:443
2020-06-16 10:45:22b24573232df8a4bc23094f8f8fc7f6aan/aTA505195.123.245.187:443
2020-06-15 14:11:11bc721ab278a70dd7a13c4e0583489190n/aTA50579.141.166.200:443
2020-06-15 14:11:11bc721ab278a70dd7a13c4e0583489190n/aTA50579.141.166.200:443
2020-06-12 15:00:320aab6d01bd5672e776682859d42dcd35n/aTA5055.149.253.194:443
2020-06-12 15:00:320aab6d01bd5672e776682859d42dcd35n/aTA5055.149.253.194:443
2020-02-23 09:06:17cb75ce620e35f91a860918b3f79836a7Virustotal results 29 / 58 (50.00%) TA505195.123.246.12:443
2020-02-23 09:06:17cb75ce620e35f91a860918b3f79836a7Virustotal results 29 / 58 (50.00%) TA505195.123.246.12:443
2020-02-21 14:22:13f507282f87f5101a4e7621e0638e238dn/aTA50545.66.250.112:443
2020-02-21 14:22:13f507282f87f5101a4e7621e0638e238dn/aTA50545.66.250.112:443
2020-02-13 12:34:55f66789b8814d0928707da0e2f5188d72n/aTA50592.38.184.121:443
2020-02-13 12:34:55f66789b8814d0928707da0e2f5188d72n/aTA50592.38.184.121:443
2020-02-05 14:11:47e97805384f3697f8ca93ecf0b12e54e0Virustotal results 32 / 59 (54.24%) TA505185.176.222.44:443
2020-02-05 14:11:47e97805384f3697f8ca93ecf0b12e54e0Virustotal results 32 / 59 (54.24%) TA505185.176.222.44:443
2020-01-23 14:20:083b39bc878ccf46c69fe70678638c62daVirustotal results 30 / 58 (51.72%) TA505190.211.254.23:443
2020-01-23 14:20:083b39bc878ccf46c69fe70678638c62daVirustotal results 30 / 58 (51.72%) TA505190.211.254.23:443
2020-01-17 17:18:16c3c484eb1a5c93bda75c35d6323d3d44Virustotal results 26 / 58 (44.83%) TA50595.217.17.191:443
2020-01-17 17:18:16c3c484eb1a5c93bda75c35d6323d3d44Virustotal results 26 / 58 (44.83%) TA50595.217.17.191:443
2019-12-09 22:23:148abdb37c1e1b3b4a09af52e1bf2d573cn/aTA50545.67.229.220:443
2019-12-09 22:23:148abdb37c1e1b3b4a09af52e1bf2d573cn/aTA50545.67.229.220:443
2019-12-09 20:33:434f2148f9a0f2a13d2d1cee4f8d2468edVirustotal results 29 / 60 (48.33%) TA50545.67.229.220:443
2019-12-09 20:33:434f2148f9a0f2a13d2d1cee4f8d2468edVirustotal results 29 / 60 (48.33%) TA50545.67.229.220:443
2019-11-22 17:42:4146349f7fa535186c5d508f1ba20f052cVirustotal results 22/59 (37.29%) TA50545.67.231.175:443
2019-11-22 17:42:4146349f7fa535186c5d508f1ba20f052cVirustotal results 22/59 (37.29%) TA50545.67.231.175:443
2019-11-22 17:38:064c67e34f9db92a3c613977b02296ea89Virustotal results 22/58 (37.93%) TA50545.67.231.175:443
2019-11-22 17:38:064c67e34f9db92a3c613977b02296ea89Virustotal results 22/58 (37.93%) TA50545.67.231.175:443
2019-11-22 17:19:00ef173fc85966003480eb7d5222289b77n/aTA50545.67.231.175:443
2019-11-22 17:19:00ef173fc85966003480eb7d5222289b77n/aTA50545.67.231.175:443
2019-11-22 14:10:4061f93d785f480de6afe414655950cebcVirustotal results 23/58 (39.66%) TA50545.67.231.175:443
2019-11-22 14:10:4061f93d785f480de6afe414655950cebcVirustotal results 23/58 (39.66%) TA50545.67.231.175:443
2019-11-22 13:30:3177cb6b2e9c0ef53b384b239f275a2464Virustotal results 14 / 57 (24.56%) TA50545.67.231.175:443
2019-11-22 13:30:3177cb6b2e9c0ef53b384b239f275a2464Virustotal results 14 / 57 (24.56%) TA50545.67.231.175:443
2019-11-22 09:25:3352fdd92d03db93ea6d59bbdb5a89f096Virustotal results 21/58 (36.21%) TA50545.67.231.175:443
2019-11-22 09:25:3352fdd92d03db93ea6d59bbdb5a89f096Virustotal results 21/58 (36.21%) TA50545.67.231.175:443
2019-11-22 09:19:41efea6776b815a4375ec8755c970541dbVirustotal results 18/59 (30.51%) TA50545.67.231.175:443
2019-11-22 09:19:41efea6776b815a4375ec8755c970541dbVirustotal results 18/59 (30.51%) TA50545.67.231.175:443
2019-11-22 09:15:5091ae61c1417faaa7f63a8529df212358Virustotal results 24/58 (41.38%) TA50545.67.231.175:443
2019-11-22 09:15:5091ae61c1417faaa7f63a8529df212358Virustotal results 24/58 (41.38%) TA50545.67.231.175:443