SSL Certificates
The following table shows further information as well as a list of malware samples including the corresponding botnet C&C associated with the SSL certificate fingerprint 04299e1550fbfae9c4cf2f13ba149ae8b3ca901b.
Database Entry
| SHA1 Fingerprint: | 04299e1550fbfae9c4cf2f13ba149ae8b3ca901b |
|---|---|
| Certificate Common Name (CN): | mdlive.help |
| Issuer Distinguished Name (DN): | WE1 |
| TLS Version: | TLS 1.2 |
| First seen: | 2025-07-17 08:49:04 UTC |
| Last seen: | 2025-07-23 16:31:58 UTC |
| Status: | Blacklisted |
| Listing reason: | ConnectWise C&C |
| Listing date: | 2025-07-17 14:57:58 |
| Malware samples: | 3 |
| Botnet C&Cs: | 3 |
Malware Samples
The table below documents all malware samples associated with this SSL certificate.
| Timestamp (UTC) | Malware Sample (MD5 hash) | VT | Signature | Botnet C&C (IP:port) |
|---|---|---|---|---|
| 2025-07-23 16:31:58 | d820c738db6d68486f1fa3b503c085fb | n/a | 104.21.96.1:443 | |
| 2025-07-22 11:37:33 | b36f219132a9db8a15f175f5f05c9abd | n/a | 104.21.64.1:443 | |
| 2025-07-17 08:49:05 | 0cd809d0bb917fe36ea198a1d9c64862 | n/a | 104.21.16.1:443 |
# of entries: 3 (max: 100)