SSL Certificates

The following table shows further information as well as a list of malware samples including the corresponding botnet C&C associated with the SSL certificate fingerprint 2431ed7de8a7c0d747bbcdef2ed5b06fa31fd63d.

Database Entry


SHA1 Fingerprint:2431ed7de8a7c0d747bbcdef2ed5b06fa31fd63d
Certificate Common Name (CN):zewaplus.club
Issuer Distinguished Name (DN):WE1
TLS Version:TLS 1.2
First seen:2026-06-30 14:00:46 UTC
Last seen:2026-07-02 06:13:24 UTC
Status:Blacklisted
Listing reason:Vidar C&C
Listing date:2026-07-02 07:22:08
Malware samples:16
Botnet C&Cs:2

Malware Samples


The table below documents all malware samples associated with this SSL certificate.

Timestamp (UTC)Malware Sample (MD5 hash)VTSignatureBotnet C&C (IP:port)
2026-07-02 06:13:24eadb7e8c485acc5dffa206687c7def38n/a172.67.165.144:443
2026-07-02 06:12:273f8c4f0db988a8f8cfe871f20860e786n/a172.67.165.144:443
2026-07-02 00:54:0098b16a9222bced3f2ff4e53d79c753b0n/a104.21.42.198:443
2026-07-01 18:34:465174acab68d3ec42c3980a78848ce61cn/a172.67.165.144:443
2026-07-01 18:31:28b220346bb6ed695fbb4d65495c57da1fn/a104.21.42.198:443
2026-07-01 13:23:446aa3e18f741881f8e0e3b80c3ffbfaecn/a104.21.42.198:443
2026-07-01 09:00:59448c996462319d8696abf9cb6ca4253dn/a172.67.165.144:443
2026-07-01 07:40:35d82e38f335b56549a357c8922a1a49c1n/a104.21.42.198:443
2026-07-01 06:53:088ee4cca7cea784104aee6b6ec72f9d1cn/a104.21.42.198:443
2026-07-01 06:13:552f0245246edfb7e3ab15b4abbd23b642n/a104.21.42.198:443
2026-07-01 06:13:07706760335d4d64e0fb48eab44af2a2d5n/a172.67.165.144:443
2026-07-01 05:41:20cade024f76280e7676f22e73f41ec7e7n/a172.67.165.144:443
2026-07-01 04:02:56e3c08de6df19c49733949cf6622ef1b9n/a172.67.165.144:443
2026-06-30 19:39:3885fb231ecb3fb2c3880b29be30034b86n/a104.21.42.198:443
2026-06-30 17:33:211d4af710fe25731ce871ae099b342ae2n/a104.21.42.198:443
2026-06-30 14:00:460d5a471e346234b7367b8422c295c850n/a172.67.165.144:443

# of entries: 16 (max: 100)