SSL Certificates

The following table shows further information as well as a list of malware samples including the corresponding botnet C&C associated with the SSL certificate fingerprint 0d41871221706791a26203f9617b859723ffb243.

Database Entry


SHA1 Fingerprint:0d41871221706791a26203f9617b859723ffb243
Certificate Common Name (CN):relaxsaz.com/emailAddress=info@relaxsaz.com
Issuer Distinguished Name (DN):relaxsaz.com/emailAddress=info@relaxsaz.com
TLS Version:TLS 1.2
First seen:2016-01-13 11:48:56 UTC
Last seen:2016-01-18 14:43:35 UTC
Status:Blacklisted
Listing reason:Qadars C&C
Listing date:2016-01-14 09:48:27
Malware samples:11
Botnet C&Cs:3

Malware Samples


The table below documents all malware samples associated with this SSL certificate.

Timestamp (UTC)Malware Sample (MD5 hash)VTSignatureBotnet C&C (IP:port)
2016-01-18 14:43:354e055cfe4dafc6666ccde7d672371e85n/aQadars 185.25.116.98:443
2016-01-18 14:12:49a3cb0c1fab3a99521aaa56f048c98e1an/aQadars 185.25.118.197:443
2016-01-18 08:50:24850c739b82cd022c3af9dc1e8da5f3a3Virustotal results 38/63 (60.32%) Qadars 185.25.116.98:443
2016-01-18 08:37:17f2b62c835bded4715e25562924f375efVirustotal results 31/54 (57.41%) Qadars 185.25.116.98:443
2016-01-17 12:31:421f8343af48834db8bb4880114a13bfc4Virustotal results 34/54 (62.96%) Qadars 185.25.116.98:443
2016-01-16 19:47:235747e5b1649f8e7a12a408d5c9fd91e3n/aQadars 185.25.118.197:443
2016-01-16 13:04:5088195b10a71f70f475ba9b7d443887adVirustotal results 37/55 (67.27%) Qadars 185.25.116.98:443
2016-01-16 00:32:3626516b932307ef236cb55fc6e45600e2n/aQadars 198.55.107.114:443
2016-01-15 14:17:596ab97ab83ba982193786910ecbbce219n/aQadars 185.25.116.98:443
2016-01-14 18:08:18201646411ac981ddf3bb5ded881b7366n/aQadars 198.55.107.114:443
2016-01-13 11:48:562e7041c1e387f07ba520842734fb9257Virustotal results 2/55 (3.64%) Qadars 198.55.107.114:443

# of entries: 11 (max: 100)