SSL Certificates

The following table shows further information as well as a list of malware samples including the corresponding botnet C&C associated with the SSL certificate fingerprint 1592d6bd7a9677d4b6b33068e53fadea15f8c793.

Database Entry


SHA1 Fingerprint:1592d6bd7a9677d4b6b33068e53fadea15f8c793
Certificate Common Name (CN):vbkypmwkdp.com
Issuer Distinguished Name (DN):vbkypmwkdp.com
TLS Version:TLS 1.2
First seen:2016-12-01 11:04:26 UTC
Last seen:2017-01-20 23:24:16 UTC
Status:Blacklisted
Listing reason:Vawtrak C&C
Listing date:2016-12-03 09:54:16
Malware samples:8
Botnet C&Cs:7

Malware Samples


The table below documents all malware samples associated with this SSL certificate.

Timestamp (UTC)Malware Sample (MD5 hash)VTSignatureBotnet C&C (IP:port)
2017-01-20 23:24:168e91c70ec3784998c893138bca22eaf1Virustotal results 28/56 (50.00%) Vawtrak 91.217.90.128:443
2017-01-19 07:32:14b7e172b37c559bc8b1d660ce89838857Virustotal results 8/56 (14.29%) Vawtrak 185.15.185.209:443
2016-12-15 19:15:016a6523b1f62fb9684353229be727d09eVirustotal results 21/57 (36.84%) Vawtrak 185.48.56.205:443
2016-12-15 10:42:029b4bbc8f7f9bfbbbf102ce01fe47e70dVirustotal results 44/57 (77.19%) Vawtrak 91.235.129.199:443
2016-12-14 21:46:223868082e4daa93d34a3fe5d7df9d1d72Virustotal results 22/57 (38.60%) Vawtrak 91.235.129.199:443
2016-12-10 21:36:55644fef3ad216be5122792c52ea1cfa2bVirustotal results 22/56 (39.29%) Vawtrak 176.114.3.48:443
2016-12-03 01:39:21aa736b6e8e55b91ce00e572befc179f4Virustotal results 33/57 (57.89%) Vawtrak 95.46.44.35:443
2016-12-01 11:04:266239a5aaa8d2ad5df942e719eabe5447Virustotal results 35/57 (61.40%) Vawtrak 188.127.237.245:443

# of entries: 8 (max: 100)