SSL Certificates
The following table shows further information as well as a list of malware samples including the corresponding botnet C&C associated with the SSL certificate fingerprint 1f126ff0056b82441259c5c2eb1566a1d12cfe5b.
Database Entry
| SHA1 Fingerprint: | 1f126ff0056b82441259c5c2eb1566a1d12cfe5b |
|---|---|
| Certificate Common Name (CN): | pre.dirayat.com |
| Issuer Distinguished Name (DN): | E8 |
| TLS Version: | TLS 1.2 |
| First seen: | 2025-12-08 18:20:51 UTC |
| Last seen: | 2025-12-10 03:35:25 UTC |
| Status: | Blacklisted |
| Listing reason: | Vidar C&C |
| Listing date: | 2025-12-10 03:40:29 |
| Malware samples: | 12 |
| Botnet C&Cs: | 1 |
Malware Samples
The table below documents all malware samples associated with this SSL certificate.
| Timestamp (UTC) | Malware Sample (MD5 hash) | VT | Signature | Botnet C&C (IP:port) |
|---|---|---|---|---|
| 2025-12-10 03:35:25 | 79684439d37cd1604ef8c4472e2c26e2 | n/a | 49.12.118.95:443 | |
| 2025-12-10 03:35:07 | 718fd50f15c3047995e5ec5cac0c4fcf | n/a | 49.12.118.95:443 | |
| 2025-12-10 03:04:20 | 2685d42e0cf94eabc56383b0819cf31b | n/a | 49.12.118.95:443 | |
| 2025-12-10 02:59:46 | 20d9c4f57744ca86c3ccd69b8fe5ec89 | n/a | 49.12.118.95:443 | |
| 2025-12-09 16:55:07 | 0c26f7cc262919ac194a4f6ba606f0d6 | n/a | 49.12.118.95:443 | |
| 2025-12-09 15:01:19 | 9e4ef010e6100ce732c6307b236cc51d | n/a | 49.12.118.95:443 | |
| 2025-12-09 05:15:54 | f82dad3449e20de04691c0d7183c6563 | n/a | 49.12.118.95:443 | |
| 2025-12-09 04:19:56 | 5000898332df1738ab331a298dea9006 | n/a | 49.12.118.95:443 | |
| 2025-12-08 22:30:41 | 1673669134ce05a9f76a5f56146017f2 | n/a | 49.12.118.95:443 | |
| 2025-12-08 22:08:33 | aa4fd4399633f39c3893cba1a8c02abb | n/a | 49.12.118.95:443 | |
| 2025-12-08 20:14:03 | 0176d64a96a52c0d954ffb9319aba8c5 | n/a | 49.12.118.95:443 | |
| 2025-12-08 18:20:51 | bbf59de800e46d83f1390adf7321bdb1 | n/a | 49.12.118.95:443 |
# of entries: 12 (max: 100)