SSL Certificates
The following table shows further information as well as a list of malware samples including the corresponding botnet C&C associated with the SSL certificate fingerprint 1bab120329193c9d766a49c9e820bf4987091c05.
Database Entry
| SHA1 Fingerprint: | 1bab120329193c9d766a49c9e820bf4987091c05 |
|---|---|
| Certificate Common Name (CN): | umbragequartz.pro |
| Issuer Distinguished Name (DN): | WE1 |
| TLS Version: | TLS 1.2 |
| First seen: | 2025-08-22 00:51:38 UTC |
| Last seen: | 2025-08-25 17:14:39 UTC |
| Status: | Blacklisted |
| Listing reason: | DeerStealer C&C |
| Listing date: | 2025-08-22 15:16:52 |
| Malware samples: | 33 |
| Botnet C&Cs: | 6 |
Malware Samples
The table below documents all malware samples associated with this SSL certificate.
| Timestamp (UTC) | Malware Sample (MD5 hash) | VT | Signature | Botnet C&C (IP:port) |
|---|---|---|---|---|
| 2025-08-25 17:14:39 | 77a285a02fa4c328a0b4b57cdba78fc5 | n/a | 104.21.96.1:443 | |
| 2025-08-23 16:18:31 | 1051ff080e7c8442661d4b92e5663afd | n/a | 104.21.80.1:443 | |
| 2025-08-23 15:43:39 | 410fab01010f56717a0f758235241266 | n/a | 104.21.80.1:443 | |
| 2025-08-23 14:42:39 | 0a73ccebae870617ba614de5298a95c1 | n/a | 104.21.80.1:443 | |
| 2025-08-23 14:34:07 | a927f3455eddcf6dfa76531d0a14d9fa | n/a | 104.21.80.1:443 | |
| 2025-08-23 08:35:32 | a5e08a8e37a1ca38e8259d21e1a512e4 | n/a | 104.21.48.1:443 | |
| 2025-08-23 07:36:07 | 158ae9becbae2191bcb1a72b70af39e4 | n/a | 104.21.80.1:443 | |
| 2025-08-23 01:39:23 | 5eef8263f09948c44e38b1b4d83aca01 | n/a | 104.21.96.1:443 | |
| 2025-08-22 22:39:14 | 4b7652a7e771a8d56c1d9809dba840f8 | n/a | 104.21.80.1:443 | |
| 2025-08-22 20:54:39 | 6f7003fd0cb10fe61bedeeb24eef3e7d | n/a | 104.21.48.1:443 | |
| 2025-08-22 18:13:09 | 129914c3124a6fba249b61232b697325 | n/a | 104.21.80.1:443 | |
| 2025-08-22 15:53:40 | fe50b164672818624b6a4ff4d3ab46c0 | n/a | 104.21.112.1:443 | |
| 2025-08-22 14:15:03 | f9cb8d36bee2cd556e674cd4daaef914 | n/a | 104.21.16.1:443 | |
| 2025-08-22 12:21:08 | f64b70b9f3fdac182f0cea5e645cc3f9 | n/a | 104.21.112.1:443 | |
| 2025-08-22 11:23:30 | f0d745ec223edd7a52ce8dcfaddb067f | n/a | 104.21.80.1:443 | |
| 2025-08-22 10:26:02 | eb7a732b938a3f252de9d3cce71bae8f | n/a | 104.21.16.1:443 | |
| 2025-08-22 10:11:59 | ac3ee999d900b080b340711445558984 | n/a | 104.21.16.1:443 | |
| 2025-08-22 09:56:55 | e95166f3c19b76fe8b9ff0a15f044654 | n/a | 104.21.48.1:443 | |
| 2025-08-22 09:51:47 | e79c807bc7a24af643f7db1f8d9c768b | n/a | 104.21.48.1:443 | |
| 2025-08-22 09:38:39 | e3dab0987606478b180bca03483ff7e1 | n/a | 104.21.96.1:443 | |
| 2025-08-22 09:14:32 | e2a8c347caacc48e67cb354ed5a7330d | n/a | 104.21.32.1:443 | |
| 2025-08-22 08:49:47 | d2333cee92f475ef66087bd38c70151b | n/a | 104.21.32.1:443 | |
| 2025-08-22 08:42:39 | dd178b8fbda43c878500bb0f98175683 | n/a | 104.21.96.1:443 | |
| 2025-08-22 08:40:22 | d88c583edcdf4c601ef2ad982062813f | n/a | 104.21.32.1:443 | |
| 2025-08-22 06:26:50 | c8a916ab58fffee7deea55777cd4f6c6 | n/a | 104.21.80.1:443 | |
| 2025-08-22 05:56:15 | aabca964dd4c069326da92fd844cf4d5 | n/a | 104.21.16.1:443 | |
| 2025-08-22 04:00:15 | bd6ba24f9105aaf92f71522a1081d6d3 | n/a | 104.21.32.1:443 | |
| 2025-08-22 03:33:26 | a066b9b924f1eeb89878292b8b80588b | n/a | 104.21.48.1:443 | |
| 2025-08-22 03:31:46 | 34605c481d91c02f4faa8a9d03009439 | n/a | 104.21.32.1:443 | |
| 2025-08-22 02:06:05 | 9befe0aac6873db65f3018f4139ce096 | n/a | 104.21.112.1:443 | |
| 2025-08-22 01:52:06 | 8bb4d32784f1483132d85be827b9963e | n/a | 104.21.32.1:443 | |
| 2025-08-22 01:01:07 | 8dbb688c7e3daec0cd9eac623d6bd5d4 | n/a | 104.21.112.1:443 | |
| 2025-08-22 00:51:38 | 99d6c2dedacf6d7e2f4d8e16dce67231 | n/a | 104.21.48.1:443 |
# of entries: 33 (max: 100)