SSL Certificates

The following table shows further information as well as a list of malware samples including the corresponding botnet C&C associated with the SSL certificate fingerprint 22c5ece6639c9ced35d6a2d45d7dc18f9d4f5256.

Database Entry

SHA1 Fingerprint:	22c5ece6639c9ced35d6a2d45d7dc18f9d4f5256
Certificate Common Name (CN):	example.com
Issuer Distinguished Name (DN):	example.com
TLS Version:	TLS 1.2
First seen:	2018-01-14 16:49:06 UTC
Last seen:	2018-01-17 06:51:58 UTC
Status:	Blacklisted
Listing reason:	TrickBot C&C
Listing date:	2018-01-19 14:48:23
Malware samples:	9
Botnet C&Cs:	1

Malware Samples

The table below documents all malware samples associated with this SSL certificate.

Timestamp (UTC)	Malware Sample (MD5 hash)	VT	Signature	Botnet C&C (IP:port)
2018-01-17 06:51:58	3d5eeaa64da02d7066e5f57c25368757	38/67 (56.72%)	TrickBot	141.255.167.124:443
2018-01-17 06:51:58	3d5eeaa64da02d7066e5f57c25368757	38/67 (56.72%)	TrickBot	141.255.167.124:443
2018-01-17 06:51:58	3d5eeaa64da02d7066e5f57c25368757	38/67 (56.72%)	TrickBot	141.255.167.124:443
2018-01-17 06:51:58	3d5eeaa64da02d7066e5f57c25368757	38/67 (56.72%)	TrickBot	141.255.167.124:443
2018-01-17 06:07:52	92168328453a4fde7e21900d6c39cafc	25/67 (37.31%)	TrickBot	141.255.167.124:443
2018-01-17 06:07:52	92168328453a4fde7e21900d6c39cafc	25/67 (37.31%)	TrickBot	141.255.167.124:443
2018-01-17 06:07:52	92168328453a4fde7e21900d6c39cafc	25/67 (37.31%)	TrickBot	141.255.167.124:443
2018-01-17 06:07:52	92168328453a4fde7e21900d6c39cafc	25/67 (37.31%)	TrickBot	141.255.167.124:443
2018-01-16 13:27:10	05b67b1e9d3d03401e456c1de02dc475	41/66 (62.12%)	TrickBot	141.255.167.124:443
2018-01-16 13:27:10	05b67b1e9d3d03401e456c1de02dc475	41/66 (62.12%)	TrickBot	141.255.167.124:443
2018-01-16 13:27:10	05b67b1e9d3d03401e456c1de02dc475	41/66 (62.12%)	TrickBot	141.255.167.124:443
2018-01-16 13:27:10	05b67b1e9d3d03401e456c1de02dc475	41/66 (62.12%)	TrickBot	141.255.167.124:443
2018-01-16 09:40:00	17b65c6a9b20f00564797f4de9ba549f	23/68 (33.82%)	Smoke Loader	141.255.167.124:443
2018-01-16 09:40:00	17b65c6a9b20f00564797f4de9ba549f	23/68 (33.82%)	Smoke Loader	141.255.167.124:443
2018-01-15 19:59:52	2c52e2654eb8e5aabcd0c680606c6497	30/67 (44.78%)	Tofsee	141.255.167.124:443
2018-01-15 19:59:52	2c52e2654eb8e5aabcd0c680606c6497	30/67 (44.78%)	Tofsee	141.255.167.124:443
2018-01-15 03:46:40	3209ffc8d8784e3a54a5ab5856473c50	10/68 (14.71%)	TrickBot	141.255.167.124:443
2018-01-15 03:46:40	3209ffc8d8784e3a54a5ab5856473c50	10/68 (14.71%)	TrickBot	141.255.167.124:443
2018-01-15 03:46:40	3209ffc8d8784e3a54a5ab5856473c50	10/68 (14.71%)	TrickBot	141.255.167.124:443
2018-01-15 03:46:40	3209ffc8d8784e3a54a5ab5856473c50	10/68 (14.71%)	TrickBot	141.255.167.124:443
2018-01-15 01:49:59	78c35246c7f586f977eb1b58916368a8	35/68 (51.47%)	TrickBot	141.255.167.124:443
2018-01-15 01:49:59	78c35246c7f586f977eb1b58916368a8	35/68 (51.47%)	TrickBot	141.255.167.124:443
2018-01-15 01:49:59	78c35246c7f586f977eb1b58916368a8	35/68 (51.47%)	TrickBot	141.255.167.124:443
2018-01-15 01:49:59	78c35246c7f586f977eb1b58916368a8	35/68 (51.47%)	TrickBot	141.255.167.124:443
2018-01-15 01:05:19	546789c1cd49bac4013f07f39f9a6f7d	27/66 (40.91%)	TrickBot	141.255.167.124:443
2018-01-15 01:05:19	546789c1cd49bac4013f07f39f9a6f7d	27/66 (40.91%)	TrickBot	141.255.167.124:443
2018-01-15 01:05:19	546789c1cd49bac4013f07f39f9a6f7d	27/66 (40.91%)	TrickBot	141.255.167.124:443
2018-01-15 01:05:19	546789c1cd49bac4013f07f39f9a6f7d	27/66 (40.91%)	TrickBot	141.255.167.124:443
2018-01-14 16:49:06	4b2df84dc2dd08256bc1192cddbd3bac	11/68 (16.18%)	TrickBot	141.255.167.124:443
2018-01-14 16:49:06	4b2df84dc2dd08256bc1192cddbd3bac	11/68 (16.18%)	TrickBot	141.255.167.124:443
2018-01-14 16:49:06	4b2df84dc2dd08256bc1192cddbd3bac	11/68 (16.18%)	TrickBot	141.255.167.124:443
2018-01-14 16:49:06	4b2df84dc2dd08256bc1192cddbd3bac	11/68 (16.18%)	TrickBot	141.255.167.124:443

# of entries: 32 (max: 100)