SSL Certificates

The following table shows further information as well as a list of malware samples including the corresponding botnet C&C associated with the SSL certificate fingerprint a5d700a98f78954201843486f334fd75718f91ed.

Database Entry


SHA1 Fingerprint:a5d700a98f78954201843486f334fd75718f91ed
Certificate Common Name (CN):m3uavnwmer.nl
Issuer Distinguished Name (DN):COMODO RSA Domain Validation Secure Server CA
TLS Version:TLS 1.2
First seen:2017-03-31 04:19:27 UTC
Last seen:2017-04-04 17:50:57 UTC
Status:Blacklisted
Listing reason:Malware C&C
Listing date:2017-04-01 06:16:39
Malware samples:6
Botnet C&Cs:1

Malware Samples


The table below documents all malware samples associated with this SSL certificate.

Timestamp (UTC)Malware Sample (MD5 hash)VTSignatureBotnet C&C (IP:port)
2017-04-04 17:50:5795572f033ab8fda90b1957c2b9b64907n/a185.35.138.117:443
2017-04-04 17:50:5795572f033ab8fda90b1957c2b9b64907n/a185.35.138.117:443
2017-03-31 23:29:30829bc2f550a50f481f62300318131a19Virustotal results 10/61 (16.39%) 185.35.138.117:443
2017-03-31 23:29:30829bc2f550a50f481f62300318131a19Virustotal results 10/61 (16.39%) 185.35.138.117:443
2017-03-31 23:04:167b7fdeeba1ad03034badfa0fb3c701c7Virustotal results 15/62 (24.19%) 185.35.138.117:443
2017-03-31 23:04:167b7fdeeba1ad03034badfa0fb3c701c7Virustotal results 15/62 (24.19%) 185.35.138.117:443
2017-03-31 10:52:2967f7563b22c5780b86f1cd480503fe9bVirustotal results 36/60 (60.00%) 185.35.138.117:443
2017-03-31 10:52:2967f7563b22c5780b86f1cd480503fe9bVirustotal results 36/60 (60.00%) 185.35.138.117:443
2017-03-31 09:48:4119ab46815e43dc9a585cdfc49f8ad059Virustotal results 12/61 (19.67%) 185.35.138.117:443
2017-03-31 09:48:4119ab46815e43dc9a585cdfc49f8ad059Virustotal results 12/61 (19.67%) 185.35.138.117:443
2017-03-31 04:19:282acac29617ace72190e5424ab3ebb2c4Virustotal results 40/62 (64.52%) 185.35.138.117:443
2017-03-31 04:19:282acac29617ace72190e5424ab3ebb2c4Virustotal results 40/62 (64.52%) 185.35.138.117:443

# of entries: 12 (max: 100)