SSL Certificates
The following table shows further information as well as a list of malware samples including the corresponding botnet C&C associated with the SSL certificate fingerprint 235b673cf750b75b971b45c867f1f6aa23c584ac.
Database Entry
| SHA1 Fingerprint: | 235b673cf750b75b971b45c867f1f6aa23c584ac |
|---|---|
| Certificate Common Name (CN): | C=ff, L=Default City, O=Default Company Ltd |
| Issuer Distinguished Name (DN): | C=ff, L=Default City, O=Default Company Ltd |
| TLS Version: | TLS 1.2 |
| First seen: | 2016-11-19 20:06:43 UTC |
| Last seen: | 2016-11-24 22:30:58 UTC |
| Status: | Blacklisted |
| Listing reason: | Vawtrak C&C |
| Listing date: | 2016-11-21 09:08:08 |
| Malware samples: | 4 |
| Botnet C&Cs: | 1 |
Malware Samples
The table below documents all malware samples associated with this SSL certificate.
| Timestamp (UTC) | Malware Sample (MD5 hash) | VT | Signature | Botnet C&C (IP:port) |
|---|---|---|---|---|
| 2016-11-24 22:30:58 | 4246c65973c36493c517dd67191626ea |  23/57 (40.35%)
| Vawtrak | 195.123.211.126:443 |
| 2016-11-24 22:30:58 | 4246c65973c36493c517dd67191626ea | 23/57 (40.35%)
| Vawtrak | 195.123.211.126:443 |
| 2016-11-24 19:51:28 | a0013a9dade98d25c57f2ec89e8a1d40 | 21/57 (36.84%)
| Vawtrak | 195.123.211.126:443 |
| 2016-11-24 19:51:28 | a0013a9dade98d25c57f2ec89e8a1d40 | 21/57 (36.84%)
| Vawtrak | 195.123.211.126:443 |
| 2016-11-24 17:29:38 | 88fc2b588007e71c9c9db91f6e9609f8 | n/a | Vawtrak | 195.123.211.126:443 |
| 2016-11-24 17:29:38 | 88fc2b588007e71c9c9db91f6e9609f8 | n/a | Vawtrak | 195.123.211.126:443 |
| 2016-11-19 20:06:43 | ef8f9c41f0538b99d2f4b20e437b94a3 | 36/56 (64.29%)
| Vawtrak | 195.123.211.126:443 |
| 2016-11-19 20:06:43 | ef8f9c41f0538b99d2f4b20e437b94a3 | 36/56 (64.29%)
| Vawtrak | 195.123.211.126:443 |
# of entries: 8 (max: 100)