SSL Certificates
The following table shows further information as well as a list of malware samples including the corresponding botnet C&C associated with the SSL certificate fingerprint 0dee94cca8a85c6b6de16d889b90584b056cff74.
Database Entry
| SHA1 Fingerprint: | 0dee94cca8a85c6b6de16d889b90584b056cff74 |
|---|---|
| Certificate Common Name (CN): | marinova.am |
| Issuer Distinguished Name (DN): | COMODO RSA Domain Validation Secure Server CA |
| TLS Version: | TLS 1.2 |
| First seen: | 2016-03-12 05:51:32 UTC |
| Last seen: | 2016-03-18 23:00:30 UTC |
| Status: | Blacklisted |
| Listing reason: | Quakbot C&C |
| Listing date: | 2016-03-12 08:37:36 |
| Malware samples: | 3 |
| Botnet C&Cs: | 3 |
Malware Samples
The table below documents all malware samples associated with this SSL certificate.
| Timestamp (UTC) | Malware Sample (MD5 hash) | VT | Signature | Botnet C&C (IP:port) |
|---|---|---|---|---|
| 2016-03-18 23:00:30 | b950de964cd4616283f7c72f46405eed |  37/56 (66.07%)
| Quakbot | 80.252.253.111:443 |
| 2016-03-18 23:00:30 | b950de964cd4616283f7c72f46405eed | 37/56 (66.07%)
| Quakbot | 80.252.253.111:443 |
| 2016-03-18 22:38:57 | 05a4b2bd23be8ccd6abcb30b7c6b9666 | n/a | Quakbot | 213.154.202.88:443 |
| 2016-03-18 22:38:57 | 05a4b2bd23be8ccd6abcb30b7c6b9666 | n/a | Quakbot | 213.154.202.88:443 |
| 2016-03-12 05:51:32 | c62c0537bf4c6a0448a31f98604e1b32 | 33/56 (58.93%)
| Quakbot | 130.255.55.6:443 |
| 2016-03-12 05:51:32 | c62c0537bf4c6a0448a31f98604e1b32 | 33/56 (58.93%)
| Quakbot | 130.255.55.6:443 |
# of entries: 6 (max: 100)