SSL Certificates

The following table shows further information as well as a list of malware samples including the corresponding botnet C&C associated with the SSL certificate fingerprint 135fbc73c60de86782b05078b5bc443a2610e95d.

Database Entry


SHA1 Fingerprint:135fbc73c60de86782b05078b5bc443a2610e95d
Certificate Common Name (CN):ceytbrvffplqokaeznhtcpz.biz
Issuer Distinguished Name (DN):ceytbrvffplqokaeznhtcpz.biz
TLS Version:TLS 1.2
First seen:2016-04-05 14:28:11 UTC
Last seen:2016-04-11 03:16:16 UTC
Status:Blacklisted
Listing reason:Quakbot C&C
Listing date:2016-04-06 10:13:11
Malware samples:12
Botnet C&Cs:3

Malware Samples


The table below documents all malware samples associated with this SSL certificate.

Timestamp (UTC)Malware Sample (MD5 hash)VTSignatureBotnet C&C (IP:port)
2016-04-11 03:16:161995ff1fbeaaa937d65223f83247145an/aQuakbot198.144.184.96:443
2016-04-09 13:04:42389a633aa5958626d84f637b7b2ac71bVirustotal results 34/57 (59.65%) Quakbot198.144.184.96:443
2016-04-09 11:53:17e5ccbcc4ee76c3a298e0221cde30344an/aQuakbot198.144.184.96:443
2016-04-09 11:25:19ea89aa5b2d83970571eec553ca34ed1an/aQuakbot198.144.184.96:443
2016-04-09 07:52:0497f91188f282c9a7a0154ce0703e8dc5Virustotal results 31/57 (54.39%) Quakbot198.144.184.96:443
2016-04-09 02:30:4522307f09f9eb77bb996f16b388adf30dn/aQuakbot198.144.184.96:443
2016-04-08 10:28:05bdf43c8cedb2f8d124ff7aff76dd8c4bVirustotal results 20/57 (35.09%) Quakbot198.144.184.96:443
2016-04-08 07:20:264346646430d264563618648452368c26n/aQuakbot198.144.184.96:443
2016-04-07 06:55:521f6744ce1df8b781931b703434667222n/aQuakbot198.144.184.96:443
2016-04-06 08:31:39fef27f751255ef1a6c932e98f8a5bbebn/aQuakbot191.101.251.23:443
2016-04-06 07:08:575e2c52b44e79b5d049f05f60121a7048n/aQuakbot191.101.251.163:443
2016-04-05 14:28:11939b3e75a19d2b7afda3f92f1e7e2fc5n/aQuakbot191.101.251.163:443

# of entries: 12 (max: 100)