SSL Certificates

The following table shows further information as well as a list of malware samples including the corresponding botnet C&C associated with the SSL certificate fingerprint 1b1df7078d718053312037ccfe1f867dcc593ec5.

Database Entry


SHA1 Fingerprint:1b1df7078d718053312037ccfe1f867dcc593ec5
Certificate Common Name (CN):ggfpuh626q.nl
Issuer Distinguished Name (DN):COMODO RSA Domain Validation Secure Server CA
TLS Version:TLS 1.2
First seen:2017-03-16 15:11:42 UTC
Last seen:2017-03-29 15:48:44 UTC
Status:Blacklisted
Listing reason:Malware C&C
Listing date:2017-04-01 06:15:54
Malware samples:8
Botnet C&Cs:1

Malware Samples


The table below documents all malware samples associated with this SSL certificate.

Timestamp (UTC)Malware Sample (MD5 hash)VTSignatureBotnet C&C (IP:port)
2017-03-29 15:48:4450e7975643eb0652113987737747dcaeVirustotal results 25/60 (41.67%) VirLock185.35.138.117:443
2017-03-25 17:18:06434d7dd21ae6c2a44e9aae5493b4b44dVirustotal results 9/62 (14.52%) 185.35.138.117:443
2017-03-21 02:58:1957bbfb559346d42fc145b5bac253cb38Virustotal results 21/61 (34.43%) 185.35.138.117:443
2017-03-20 08:05:15e52d44dc06f56b22fb93fe8f2583b0cbn/a185.35.138.117:443
2017-03-19 22:18:459ca70b4e800cf6ca9e1400b4a2b9cd3dVirustotal results 21/61 (34.43%) 185.35.138.117:443
2017-03-19 12:29:338a011e0753a1cd597ee50ea9a9e426e9Virustotal results 33/61 (54.10%) 185.35.138.117:443
2017-03-18 19:36:4148022b0327a73aa3401a6630a9a557e5Virustotal results 31/62 (50.00%) 185.35.138.117:443
2017-03-16 15:11:42a2720f318667a25c17b320113c3f7ce8Virustotal results 10/58 (17.24%) 185.35.138.117:443

# of entries: 8 (max: 100)