SSL Certificates

The following table shows further information as well as a list of malware samples including the corresponding botnet C&C associated with the SSL certificate fingerprint 1854931df56d041c0a33744a9b0111e11550deac.

Database Entry


SHA1 Fingerprint:1854931df56d041c0a33744a9b0111e11550deac
Certificate Common Name (CN):daspgpbjbj4ggg.xyz
Issuer Distinguished Name (DN):R3
TLS Version:TLS 1.2
First seen:2021-04-05 19:05:19 UTC
Last seen:2021-04-13 03:26:29 UTC
Status:Blacklisted
Listing reason:ServHelper C&C
Listing date:2021-04-05 19:21:15
Malware samples:38
Botnet C&Cs:1

Malware Samples


The table below documents all malware samples associated with this SSL certificate.

Timestamp (UTC)Malware Sample (MD5 hash)VTSignatureBotnet C&C (IP:port)
2021-04-13 03:26:29081a61eb2ed3a37fcc4b8cef618d6b8fn/aRaccoonStealer138.197.176.134:443
2021-04-13 02:36:53de468f7416e8f00376d7411151a40b62n/aRaccoonStealer138.197.176.134:443
2021-04-13 00:48:5051f9ec34c7094e6baaf3ee4a0d1bf9f4n/aRaccoonStealer138.197.176.134:443
2021-04-12 23:53:3394d3dda41bac456fc996924c8c1e3ebfn/aServHelper138.197.176.134:443
2021-04-12 20:14:07fe06dc9f47d710f5157c8512605fcbd5n/aRaccoonStealer138.197.176.134:443
2021-04-12 19:26:37ef07c2ce6a7b8c9d433276a6177c9d7cn/aRaccoonStealer138.197.176.134:443
2021-04-12 18:54:49d439bc2cc10380e8291768a3fe723a17n/aRaccoonStealer138.197.176.134:443
2021-04-12 18:42:5181f8690182d1a5aedcf21ec819da9f62n/aRaccoonStealer138.197.176.134:443
2021-04-12 17:49:41708a64ddbe35fe5c4a24c89c4c19e422n/aRaccoonStealer138.197.176.134:443
2021-04-12 15:01:11a497ad3ee82f58625ff536c2f55aba97n/aRaccoonStealer138.197.176.134:443
2021-04-12 14:25:37ec53dfbe65527636027943051d5e5051n/aRaccoonStealer138.197.176.134:443
2021-04-12 13:16:089c2efd14b822f1ccced8aff5c59a4ac4n/aRaccoonStealer138.197.176.134:443
2021-04-12 11:33:003cfa8c768120d7362a77660f004da4b3n/aRaccoonStealer138.197.176.134:443
2021-04-12 11:02:236f0211633467cf474fe12db0e92b5494n/aRaccoonStealer138.197.176.134:443
2021-04-12 10:56:16b1ddebb9122b7df39a2d87b48a9e7382n/aRaccoonStealer138.197.176.134:443
2021-04-12 09:37:575f423cfe357e4eff44f36997222c0925n/aRaccoonStealer138.197.176.134:443
2021-04-12 08:14:33714db9482272ce0717bc3b913217339fn/aRaccoonStealer138.197.176.134:443
2021-04-12 07:58:34160b82a2cebc6431fd6b9ea9f5b3bc6en/aHeodo138.197.176.134:443
2021-04-12 03:43:531a7e5faad1e77cc67ffc51f5f7861f46Virustotal results 47 / 70 (67.14%) ArkeiStealer138.197.176.134:443
2021-04-12 02:18:4040367f496f45ba45b8545f90065b6940Virustotal results 19 / 69 (27.54%) ServHelper138.197.176.134:443
2021-04-11 13:29:06525f14b5ef52b67303f332e4b2cc0deen/aRaccoonStealer138.197.176.134:443
2021-04-11 12:28:559f3bf218f82c25217d105a30a19c00cen/aRaccoonStealer138.197.176.134:443
2021-04-08 12:45:450b0248f0cc91963e8ff0cfdfe3f23156n/aRaccoonStealer138.197.176.134:443
2021-04-08 12:05:365b1567b4bf916074761e35c4b9aed3e3n/aRaccoonStealer138.197.176.134:443
2021-04-08 11:08:112d8999ab98d22f1fc4f1e47f8ec0e4c1n/aRaccoonStealer138.197.176.134:443
2021-04-08 08:55:48646089e2cde077365812909b39ce9e96n/aRaccoonStealer138.197.176.134:443
2021-04-08 08:39:37c1cc1cdf5bfe6866fba717e55bf95ed5n/aRaccoonStealer138.197.176.134:443
2021-04-08 08:04:29d0e0c989840a87d5bce2f17891527679n/aRaccoonStealer138.197.176.134:443
2021-04-08 06:05:5052cda18863f566acc4b5eff7f8f636f0n/aRaccoonStealer138.197.176.134:443
2021-04-08 05:02:535fe98645af299f9560e0054ceaba54c3n/aRaccoonStealer138.197.176.134:443
2021-04-08 04:12:31814e1e128afe1c57399a7422365d5ca0n/aRaccoonStealer138.197.176.134:443
2021-04-08 03:37:446e77f58c8e4319c474a9f69842c92197n/aRaccoonStealer138.197.176.134:443
2021-04-08 03:04:1870263ee02c915c6ab8f52d5ff9ae6ffcn/aRaccoonStealer138.197.176.134:443
2021-04-08 01:23:00ef924e09c8fe28c7bf0aed80b157fc2fn/aRaccoonStealer138.197.176.134:443
2021-04-07 22:50:13c4d8d93e4af8077f37ac67fa9dc20eabn/aRaccoonStealer138.197.176.134:443
2021-04-07 15:24:3653ceed04210af06638e1799427df96b3n/aRaccoonStealer138.197.176.134:443
2021-04-07 14:44:02c7c6b25a31a1bdd2b3b0d5aa070a270aVirustotal results 40 / 65 (61.54%) ArkeiStealer138.197.176.134:443
2021-04-05 19:05:19cbaa090104209f49dd1711191f93381en/aServHelper138.197.176.134:443

# of entries: 38 (max: 100)