SSL Certificates

The following table shows further information as well as a list of malware samples including the corresponding botnet C&C associated with the SSL certificate fingerprint 145d04c2ad96e1fb32db17181ec9af3680145935.

Database Entry

SHA1 Fingerprint:145d04c2ad96e1fb32db17181ec9af3680145935
Certificate Common Name (CN):VenomRAT
Issuer Distinguished Name (DN):VenomRAT Server, OU=Venom, O=VenomRAT By Venom, L=SH, C=CN
TLS Version:TLSv1
First seen:2023-02-17 14:20:50 UTC
Last seen:2023-10-19 16:11:35 UTC
Status:Blacklisted
Listing reason:AsyncRAT C&C
Listing date:2023-10-19 16:12:10
Malware samples:17
Botnet C&Cs:15

Malware Samples

The table below documents all malware samples associated with this SSL certificate.

Timestamp (UTC)Malware Sample (MD5 hash)VTSignatureBotnet C&C (IP:port)
2023-10-19 16:11:35fbbd8fa745a4efb592932f75386f14aeVirustotal results 6 / 72 (8.33%) AsyncRAT20.211.121.138:4449
2023-10-19 07:10:3618221ca3a79788ca82b75bd8ea337912Virustotal results 20 / 72 (27.78%) AsyncRAT20.211.121.138:4449
2023-09-21 10:36:43addca39503803ebc2679b91ec072e4eaVirustotal results 21 / 71 (29.58%) Heodo185.17.0.246:4449
2023-09-07 06:52:23b024305a361da74bd1cba92adf694dbdVirustotal results 54 / 71 (76.06%) AsyncRAT185.183.33.129:4449
2023-09-01 09:14:39b7a2f8a222e9a20ba4e1c1a2d4b11fe7Virustotal results 0 / 59 (0.00%) Formbook163.5.215.237:4449
2023-08-17 01:54:0611e35b0a2eccee472b10632837ff6483Virustotal results 45 / 71 (63.38%) Formbook185.106.94.122:4449
2023-07-11 18:51:23398b9ad0759866b89722da830a936c46Virustotal results 23 / 71 (32.39%) 193.233.133.58:5631
2023-07-11 11:38:05145c03d8b797326918ab32b688966048Virustotal results 56 / 71 (78.87%) AsyncRAT193.109.85.128:4449
2023-06-19 15:39:51194be7bd1da9f491a49e1f8bb5330392n/a91.134.150.158:4449
2023-05-27 14:22:49aa85abbc1f3bcc19ba6d9c6bd1136dd9Virustotal results 52 / 71 (73.24%) AsyncRAT144.202.52.245:4449
2023-05-27 07:27:230b4fc8064e349eadcbe846fb9a8e8ba2Virustotal results 53 / 71 (74.65%) AsyncRAT144.202.52.245:4449
2023-05-15 02:35:04b05249c587e187e96cdc188915358532Virustotal results 50 / 71 (70.42%) AsyncRAT87.121.221.16:4449
2023-04-21 12:09:52ad32ea597fac4a72be0d2ff895d9092dVirustotal results 55 / 70 (78.57%) AsyncRAT104.243.37.167:4449
2023-04-02 10:35:01078657ac502b6d8abd3614f6445f02faVirustotal results 54 / 69 (78.26%) AsyncRAT185.246.220.251:5555
2023-02-26 23:07:213ebb0f1557af0bb23ff40eca3a14767dVirustotal results 38 / 68 (55.88%) Formbook89.38.131.104:4449
2023-02-26 16:39:34b5d35ca8aebce25fa93596e5a952cac0Virustotal results 41 / 67 (61.19%) AsyncRAT91.134.187.20:4449
2023-02-17 14:20:50bc1722ec205a1c5ed34b8766971fe608Virustotal results 18 / 66 (27.27%) 179.43.142.197:5789

# of entries: 17 (max: 100)