SSL Certificates

The following table shows further information as well as a list of malware samples including the corresponding botnet C&C associated with the SSL certificate fingerprint 19df51915fbd546226fbad5981b3b67998824486.

Database Entry

SHA1 Fingerprint:19df51915fbd546226fbad5981b3b67998824486
Certificate Common Name (CN):domain.com/O=My Company Name LTD./C=US
Issuer Distinguished Name (DN):domain.com/O=My Company Name LTD./C=US
TLS Version:TLS 1.2
First seen:2017-12-04 20:56:38 UTC
Last seen:2018-03-21 14:24:33 UTC
Status:Blacklisted
Listing reason:PandaZeuS C&C
Listing date:2017-12-21 09:43:26
Malware samples:5
Botnet C&Cs:1

Malware Samples

The table below documents all malware samples associated with this SSL certificate.

Timestamp (UTC)Malware Sample (MD5 hash)VTSignatureBotnet C&C (IP:port)
2018-03-21 14:24:33b0fe5d221d83036360e9d78c7da2cf1fVirustotal results 45/68 (66.18%) Smoke Loader 27.102.107.50:443
2018-03-21 14:24:33b0fe5d221d83036360e9d78c7da2cf1fVirustotal results 45/68 (66.18%) Smoke Loader 27.102.107.50:443
2017-12-20 22:02:5847f00d7c0b85ab39aa745ff0034073a5Virustotal results 25/68 (36.76%) PandaZeuS 27.102.107.50:443
2017-12-20 22:02:5847f00d7c0b85ab39aa745ff0034073a5Virustotal results 25/68 (36.76%) PandaZeuS 27.102.107.50:443
2017-12-19 16:03:572de67d314664c8b0dc3eb3dd5ff92707Virustotal results 44/68 (64.71%) Smoke Loader 27.102.107.50:443
2017-12-19 16:03:572de67d314664c8b0dc3eb3dd5ff92707Virustotal results 44/68 (64.71%) Smoke Loader 27.102.107.50:443
2017-12-18 13:36:249dcb718d351f6779044e56c9b8b2a985Virustotal results 53/68 (77.94%) Smoke Loader 27.102.107.50:443
2017-12-18 13:36:249dcb718d351f6779044e56c9b8b2a985Virustotal results 53/68 (77.94%) Smoke Loader 27.102.107.50:443
2017-12-04 20:56:38e69f25769ac59726cea6218d618d0ae2Virustotal results 36/68 (52.94%) Tofsee 27.102.107.50:443
2017-12-04 20:56:38e69f25769ac59726cea6218d618d0ae2Virustotal results 36/68 (52.94%) Tofsee 27.102.107.50:443

# of entries: 10 (max: 100)