SSL Certificates
The following table shows further information as well as a list of malware samples including the corresponding botnet C&C associated with the SSL certificate fingerprint 28197c7350d68c4df8fbf83629bf3304b6a89f4a.
Database Entry
| SHA1 Fingerprint: | 28197c7350d68c4df8fbf83629bf3304b6a89f4a |
|---|---|
| Certificate Common Name (CN): | changeaie.top |
| Issuer Distinguished Name (DN): | WE1 |
| TLS Version: | TLS 1.2 |
| First seen: | 2025-04-11 22:27:48 UTC |
| Last seen: | 2025-04-12 18:09:37 UTC |
| Status: | Blacklisted |
| Listing reason: | LummaStealer C&C |
| Listing date: | 2025-04-13 07:23:25 |
| Malware samples: | 9 |
| Botnet C&Cs: | 2 |
Malware Samples
The table below documents all malware samples associated with this SSL certificate.
| Timestamp (UTC) | Malware Sample (MD5 hash) | VT | Signature | Botnet C&C (IP:port) |
|---|---|---|---|---|
| 2025-04-12 18:09:37 | e21e5a8ba80a27be580a386a52b64d15 | n/a | 104.21.42.7:443 | |
| 2025-04-12 09:18:11 | 27de841dac910cd5fa8b31e25e9179f2 | n/a | 104.21.42.7:443 | |
| 2025-04-12 08:12:27 | e130f55133c41e91984ba551d9316d28 | n/a | 104.21.42.7:443 | |
| 2025-04-12 07:33:04 | fac9214c35af0181c30099c68920f445 | n/a | 172.67.197.226:443 | |
| 2025-04-12 00:27:06 | 5797842a42f0c81ce380267f9dd5ab2d | n/a | 172.67.197.226:443 | |
| 2025-04-12 00:24:10 | 0dbff254abf29f1adbf7f446ec4f3877 | n/a | 172.67.197.226:443 | |
| 2025-04-12 00:16:21 | ea61922dae2d227f2a8541d653801603 | n/a | 172.67.197.226:443 | |
| 2025-04-12 00:05:30 | 4f75c135ffac3afcd7de2e4a2b81d5af | n/a | 172.67.197.226:443 | |
| 2025-04-11 22:27:48 | 1d1a07ffb3d17680e6ab26cbdc0945d3 | n/a | 172.67.197.226:443 |
# of entries: 9 (max: 100)