SSL Certificates
The following table shows further information as well as a list of malware samples including the corresponding botnet C&C associated with the SSL certificate fingerprint 6cb527f1c6b5a6cf41eb34d34136a5445e57df40.
Database Entry
| SHA1 Fingerprint: | 6cb527f1c6b5a6cf41eb34d34136a5445e57df40 |
|---|---|
| Certificate Common Name (CN): | termod.pro |
| Issuer Distinguished Name (DN): | Let's Encrypt Authority X3 |
| TLS Version: | TLS 1.2 |
| First seen: | 2017-12-25 04:54:42 UTC |
| Last seen: | 2017-12-25 20:46:28 UTC |
| Status: | Blacklisted |
| Listing reason: | Downloader.AuotIT.ZLIB C&C |
| Listing date: | 2017-12-25 11:08:59 |
| Malware samples: | 3 |
| Botnet C&Cs: | 1 |
Malware Samples
The table below documents all malware samples associated with this SSL certificate.
| Timestamp (UTC) | Malware Sample (MD5 hash) | VT | Signature | Botnet C&C (IP:port) |
|---|---|---|---|---|
| 2017-12-25 20:46:28 | ef04ff30b9e8edcd259d20f08d4b1cb9 |  24/68 (35.29%)
| 94.177.229.24:443 | |
| 2017-12-25 20:46:28 | ef04ff30b9e8edcd259d20f08d4b1cb9 | 24/68 (35.29%)
| 94.177.229.24:443 | |
| 2017-12-25 20:43:39 | 58faea8aee6cb2e382f6394972636584 | 20/68 (29.41%)
| 94.177.229.24:443 | |
| 2017-12-25 20:43:39 | 58faea8aee6cb2e382f6394972636584 | 20/68 (29.41%)
| 94.177.229.24:443 | |
| 2017-12-25 04:54:42 | 64588df03efa9f7554c83825b3f09f7f | 22/67 (32.84%)
| Downloader.AuotIT.ZLIB | 94.177.229.24:443 |
| 2017-12-25 04:54:42 | 64588df03efa9f7554c83825b3f09f7f | 22/67 (32.84%)
| Downloader.AuotIT.ZLIB | 94.177.229.24:443 |
# of entries: 6 (max: 100)