SSL Certificates
The following table shows further information as well as a list of malware samples including the corresponding botnet C&C associated with the SSL certificate fingerprint 1c6c184dd8b085590af57f02d0592fcdf9b7c0ac.
Database Entry
| SHA1 Fingerprint: | 1c6c184dd8b085590af57f02d0592fcdf9b7c0ac |
|---|---|
| Certificate Common Name (CN): | DcRat |
| Issuer Distinguished Name (DN): | VenomRAT Server, OU=qwqdanchun, O=DcRat By qwqdanchun, L=SH, C=CN |
| TLS Version: | TLSv1 |
| First seen: | 2021-10-27 01:12:42 UTC |
| Last seen: | 2021-12-20 09:49:02 UTC |
| Status: | Blacklisted |
| Listing reason: | DCRat C&C |
| Listing date: | 2021-12-20 15:19:22 |
| Malware samples: | 10 |
| Botnet C&Cs: | 7 |
Malware Samples
The table below documents all malware samples associated with this SSL certificate.
| Timestamp (UTC) | Malware Sample (MD5 hash) | VT | Signature | Botnet C&C (IP:port) |
|---|---|---|---|---|
| 2021-12-20 09:49:02 | af2dba938c25fa4972af52864dc5199e | n/a | DCRat | 185.7.214.8:4449 |
| 2021-12-20 09:34:37 | 483940c834bbfca81273ab02cfc825ba | n/a | DCRat | 185.7.214.8:4449 |
| 2021-12-20 09:29:43 | 33e8252726b7221e76b48b3deb1f04f7 | n/a | DCRat | 185.7.214.8:4449 |
| 2021-12-06 09:02:28 | b863b3913b3b3b1cc8fd5f0cdeff1dc6 |  35 / 68 (51.47%)
| DCRat | 194.5.97.54:4449 |
| 2021-12-02 08:37:20 | 82f2aa1be8a317fc8e5b7ffa60a2859a | 35 / 67 (52.24%)
| DCRat | 3.94.85.211:1177 |
| 2021-11-30 09:21:17 | b3e7ffc2b68ac03d4d2cfbb8f3e33080 | 36 / 65 (55.38%)
| RedLineStealer | 74.119.195.9:4821 |
| 2021-11-09 08:27:52 | f1859d07065c4926796d56313d3609a4 | 5 / 58 (8.62%)
| DCRat | 194.5.97.54:4449 |
| 2021-10-28 11:44:33 | d3753fba00f39a2d48ccc123ef4ca873 | n/a | RaccoonStealer | 212.192.241.135:4449 |
| 2021-10-28 08:17:10 | f88626a1f3019e612dda6c7b93320f3f | 23 / 68 (33.82%)
| DCRat | 185.19.85.155:1609 |
| 2021-10-27 01:12:42 | fc408946a727aaf95be52485fa4df1ee | 15 / 60 (25.00%)
| 96.9.210.115:4449 |
# of entries: 10 (max: 100)