Malware Signature
The following table shows a list of malware samples and the corresponding botnet C&C (ip:port) associated with Worm.Ribaj
Database Entry
| Malware: | Worm.Ribaj |
|---|---|
| First seen: | 2019-06-13 11:19:07 UTC |
| Last seen: | 2019-06-17 02:27:27 UTC |
Malware Samples
The table below documents all malware samples associated with this malware family.
| Timestamp (UTC) | Malware Sample (MD5 hash) | VT | Signature | Botnet C&C (IP:port) |
|---|---|---|---|---|
| 2019-06-17 02:27:27 | bc829ab349849c27f1d96e3164387a82 |  47/70 (67.14%)
| Worm.Ribaj | 176.227.191.12:2002 |
| 2019-06-17 02:27:27 | bc829ab349849c27f1d96e3164387a82 | 47/70 (67.14%)
| Worm.Ribaj | 176.227.191.12:2002 |
| 2019-06-16 19:15:36 | b869b5d88e1c4199a5bb6f1abcbfb3b6 | 44/72 (61.11%)
| Worm.Ribaj | 178.239.21.45:9030 |
| 2019-06-16 19:15:36 | b869b5d88e1c4199a5bb6f1abcbfb3b6 | 44/72 (61.11%)
| Worm.Ribaj | 178.239.21.45:9030 |
| 2019-06-13 11:19:07 | 452df4ff1d75559e05a185f1242a5c25 | 46/71 (64.79%)
| Worm.Ribaj | 95.167.151.233:9030 |
| 2019-06-13 11:19:07 | 452df4ff1d75559e05a185f1242a5c25 | 46/71 (64.79%)
| Worm.Ribaj | 95.167.151.233:9030 |