SSL Certificates

The following table shows further information as well as a list of malware samples including the corresponding botnet C&C associated with the SSL certificate fingerprint 10e70548ddee0ff53fe62247bf1b7075a30aa5a2.

Database Entry


SHA1 Fingerprint: 10e70548ddee0ff53fe62247bf1b7075a30aa5a2
Certificate Common Name (CN): afditnzurh.xyz
Issuer Distinguished Name (DN): R3
TLS Version: TLS 1.2
First seen: 2021-05-27 00:26:56 UTC
Last seen: 2021-06-15 01:57:25 UTC
Status: Blacklisted
Listing reason: ServHelper C&C
Listing date: 2021-06-15 06:28:08
Malware samples: 8
Botnet C&Cs: 1

Malware Samples


The table below documents all malware samples associated with this SSL certificate.

Timestamp (UTC) | Malware Sample (MD5 hash) | VT | Signature | Botnet C&C (IP:port)
2021-06-15 01:57:25 | 1097ecc48f8d2b1186d3a906a2259aaf | n/a | ServHelper | 5.181.156.140:443
2021-06-11 18:40:18 | 700491a8da7b872de1658d5ef86139aa | Virustotal results 29 / 70 (41.43%) | RaccoonStealer | 5.181.156.140:443
2021-06-06 12:39:50 | f062e49b4f9e598d99042b98f9419d6d | n/a | ServHelper | 5.181.156.140:443
2021-06-01 06:26:44 | f603cd3ce2a0ba38fbcd43c1ee03dd63 | Virustotal results 35 / 70 (50.00%) | CryptBot | 5.181.156.140:443
2021-05-29 00:27:18 | 698f5d1ffeffdd7ed9e0001fac107f05 | Virustotal results 28 / 68 (41.18%) | ArkeiStealer | 5.181.156.140:443
2021-05-28 20:26:45 | d2f3ad8d06c8654416ea4c57296ca6ed | n/a | ServHelper | 5.181.156.140:443
2021-05-27 19:11:17 | 5145253c268969fd0117f2bfe00d4227 | Virustotal results 18 / 69 (26.09%) |  | 5.181.156.140:443
2021-05-27 00:26:56 | 4c9bb1adf101943c077c224a224ed490 | Virustotal results 13 / 69 (18.84%) | ServHelper | 5.181.156.140:443

# of entries: 8 (max: 100)