SSL Certificates

The following table shows further information as well as a list of malware samples including the corresponding botnet C&C associated with the SSL certificate fingerprint 0de22bad561578e8ba0cd97cc7deb4f56c015e8d.

Database Entry


SHA1 Fingerprint:0de22bad561578e8ba0cd97cc7deb4f56c015e8d
Certificate Common Name (CN):Orcus Server
Issuer Distinguished Name (DN):Orcus Server
TLS Version:TLSv1
First seen:2020-12-14 08:23:47 UTC
Last seen:2020-12-14 08:28:28 UTC
Status:Blacklisted
Listing reason:OrcusRAT C&C
Listing date:2020-12-14 20:02:18
Malware samples:5
Botnet C&Cs:1

Malware Samples


The table below documents all malware samples associated with this SSL certificate.

Timestamp (UTC)Malware Sample (MD5 hash)VTSignatureBotnet C&C (IP:port)
2020-12-14 08:28:28fd85c676af614c524f6a6ccb49d67e88Virustotal results 51 / 69 (73.91%) OrcusRAT 104.248.32.109:22998
2020-12-14 08:27:194cd06e699bd04d6673fe1f2d4558751bVirustotal results 56 / 69 (81.16%) OrcusRAT 104.248.32.109:22998
2020-12-14 08:24:49577f4065b6663546c9212099af81f51fVirustotal results 54 / 69 (78.26%) OrcusRAT 104.248.32.109:22998
2020-12-14 08:24:173f6eac5e302d3ab1afea43f7082ecd38Virustotal results 55 / 70 (78.57%) OrcusRAT 104.248.32.109:22998
2020-12-14 08:23:477d31523388e3b0b49c6dcee00a48f16aVirustotal results 47 / 71 (66.20%) OrcusRAT 104.248.32.109:22998

# of entries: 5 (max: 100)