SSL Certificates

The following table shows further information as well as a list of malware samples including the corresponding botnet C&C associated with the SSL certificate fingerprint 17db8874488b8adf06b300507506c4bde048bfe2.

Database Entry


SHA1 Fingerprint:17db8874488b8adf06b300507506c4bde048bfe2
Certificate Common Name (CN):web.local/emailAddress=admin@web.local
Issuer Distinguished Name (DN):web.local/emailAddress=admin@web.local
TLS Version:TLS 1.2
First seen:2017-09-23 00:43:36 UTC
Last seen:2017-09-30 20:26:46 UTC
Status:Blacklisted
Listing reason:Smoke Loader C&C
Listing date:2017-09-23 07:38:43
Malware samples:6
Botnet C&Cs:3

Malware Samples


The table below documents all malware samples associated with this SSL certificate.

Timestamp (UTC)Malware Sample (MD5 hash)VTSignatureBotnet C&C (IP:port)
2017-09-30 20:26:4623ff8f3ef2dc7f36bcbb398739506b79Virustotal results 37/65 (56.92%) Smoke Loader 49.51.38.160:443
2017-09-28 00:43:209a7b45de1d19e4f122c741d8334cadd3Virustotal results 37/62 (59.68%) PandaZeuS 49.51.135.109:443
2017-09-27 19:04:456dca88d351509f1741b44642e6e8bc98Virustotal results 33/65 (50.77%) Smoke Loader 49.51.135.109:443
2017-09-24 08:54:38454bc7c5a054b96815fa3be271974292Virustotal results 47/65 (72.31%) Smoke Loader 49.51.135.109:443
2017-09-24 06:58:3405847769b436ef0535b39114fc765508Virustotal results 31/65 (47.69%) Smoke Loader 49.51.135.109:443
2017-09-23 00:43:3723e59f6ded0cf4ea23d187b10d34593aVirustotal results 31/65 (47.69%) Smoke Loader 47.74.154.177:443

# of entries: 6 (max: 100)