SSL Certificates

The following table shows further information as well as a list of malware samples including the corresponding botnet C&C associated with the SSL certificate fingerprint 336c3ccda369bf0c6e498622e43d9a6f2e9cf76f.

Database Entry

SHA1 Fingerprint:	336c3ccda369bf0c6e498622e43d9a6f2e9cf76f
Certificate Common Name (CN):	we'd.info
Issuer Distinguished Name (DN):	we'd.info
TLS Version:	TLS 1.2
First seen:	2019-04-22 13:08:59 UTC
Last seen:	2019-06-06 04:05:08 UTC
Status:	Blacklisted
Listing reason:	IcedID C&C
Listing date:	2019-04-24 12:04:15
Malware samples:	32
Botnet C&Cs:	5

Malware Samples

The table below documents all malware samples associated with this SSL certificate.

Timestamp (UTC)	Malware Sample (MD5 hash)	VT	Signature	Botnet C&C (IP:port)
2019-06-06 04:05:08	21bd289bf969b243f5613164473af416	11/73 (15.07%)	TrickBot	195.69.187.86:443
2019-06-06 04:05:08	21bd289bf969b243f5613164473af416	11/73 (15.07%)	TrickBot	195.69.187.86:443
2019-06-06 04:05:08	21bd289bf969b243f5613164473af416	11/73 (15.07%)	TrickBot	195.69.187.86:443
2019-06-06 04:05:08	21bd289bf969b243f5613164473af416	11/73 (15.07%)	TrickBot	195.69.187.86:443
2019-05-30 23:16:07	68895b8073cd17551577c70a84684d53	18/70 (25.71%)	IcedID	195.69.187.86:443
2019-05-30 23:16:07	68895b8073cd17551577c70a84684d53	18/70 (25.71%)	IcedID	195.69.187.86:443
2019-05-29 01:07:58	8bdc942ce2ca234b8d762645612aabc9	47/73 (64.38%)	IcedID	195.69.187.86:443
2019-05-29 01:07:58	8bdc942ce2ca234b8d762645612aabc9	47/73 (64.38%)	IcedID	195.69.187.86:443
2019-05-24 10:44:56	65621e5fbb69031c7a8e0dcd2346a3af	45/71 (63.38%)	IcedID	195.69.187.86:443
2019-05-24 10:44:56	65621e5fbb69031c7a8e0dcd2346a3af	45/71 (63.38%)	IcedID	195.69.187.86:443
2019-05-23 23:54:45	c1e60805e2a84cdfd1b94e408d5f00e6	25/70 (35.71%)	IcedID	195.69.187.86:443
2019-05-23 23:54:45	c1e60805e2a84cdfd1b94e408d5f00e6	25/70 (35.71%)	IcedID	195.69.187.86:443
2019-05-13 14:21:15	0e0f20bf0b8dcfee3805b123b8bab75b	27/69 (39.13%)	IcedID	195.69.187.86:443
2019-05-13 14:21:15	0e0f20bf0b8dcfee3805b123b8bab75b	27/69 (39.13%)	IcedID	195.69.187.86:443
2019-05-03 03:41:50	2834d0c6467c5b5439dbc0678e45dc97	15/73 (20.55%)	IcedID	178.57.218.162:443
2019-05-03 03:41:50	2834d0c6467c5b5439dbc0678e45dc97	15/73 (20.55%)	IcedID	178.57.218.162:443
2019-05-03 01:00:08	7c097bdbd3cf3a61edb78c8786f15e69	33/72 (45.83%)	IcedID	178.57.218.162:443
2019-05-03 01:00:08	7c097bdbd3cf3a61edb78c8786f15e69	33/72 (45.83%)	IcedID	178.57.218.162:443
2019-05-02 18:16:51	ea16e1b9a8e9c9e524c35b70b5a058e0	16/72 (22.22%)	IcedID	178.57.218.162:443
2019-05-02 18:16:51	ea16e1b9a8e9c9e524c35b70b5a058e0	16/72 (22.22%)	IcedID	178.57.218.162:443
2019-05-01 16:40:46	cb19b23dec75383bd8c345a159ea135e	34/71 (47.89%)	IcedID	185.74.255.161:443
2019-05-01 16:40:46	cb19b23dec75383bd8c345a159ea135e	34/71 (47.89%)	IcedID	185.74.255.161:443
2019-05-01 15:13:03	f263e6c84cc6e6ae2de1b6c3359c5b72	34/73 (46.58%)	IcedID	185.74.255.161:443
2019-05-01 15:13:03	f263e6c84cc6e6ae2de1b6c3359c5b72	34/73 (46.58%)	IcedID	185.74.255.161:443
2019-05-01 11:04:28	cee7c0a3393f938027e802fba8ce2d79	17/72 (23.61%)	IcedID	185.74.255.161:443
2019-05-01 11:04:28	cee7c0a3393f938027e802fba8ce2d79	17/72 (23.61%)	IcedID	185.74.255.161:443
2019-05-01 10:20:52	fe36321853f8b2327e06dd6975f75136	53/72 (73.61%)	IcedID	185.74.255.161:443
2019-05-01 10:20:52	fe36321853f8b2327e06dd6975f75136	53/72 (73.61%)	IcedID	185.74.255.161:443
2019-05-01 10:07:12	a4a7057c1cf14cd0a17ec58b6f364142	13/69 (18.84%)	IcedID	185.74.255.161:443
2019-05-01 10:07:12	a4a7057c1cf14cd0a17ec58b6f364142	13/69 (18.84%)	IcedID	185.74.255.161:443
2019-04-30 23:15:03	74fbf14a5ad1b1e6491d2be7bc51852b	15/70 (21.43%)	IcedID	185.74.255.161:443
2019-04-30 23:15:03	74fbf14a5ad1b1e6491d2be7bc51852b	15/70 (21.43%)	IcedID	185.74.255.161:443
2019-04-30 14:27:51	6b5e3227684b5da5e2a947152dff9d7b	45/73 (61.64%)	IcedID	185.74.255.161:443
2019-04-30 14:27:51	6b5e3227684b5da5e2a947152dff9d7b	45/73 (61.64%)	IcedID	185.74.255.161:443
2019-04-26 07:52:36	93f8e537beb30f074b94da9e335786d7	35/71 (49.30%)	IcedID	185.66.9.114:443
2019-04-26 07:52:36	93f8e537beb30f074b94da9e335786d7	35/71 (49.30%)	IcedID	185.66.9.114:443
2019-04-26 04:54:05	ebe68efd925eba3d6dbfee954009d18a	33/66 (50.00%)	IcedID	185.66.9.114:443
2019-04-26 04:54:05	ebe68efd925eba3d6dbfee954009d18a	33/66 (50.00%)	IcedID	185.66.9.114:443
2019-04-26 04:44:24	e993c6e1f6f9c6b6e895a30afb40157a	28/71 (39.44%)	IcedID	185.66.9.114:443
2019-04-26 04:44:24	e993c6e1f6f9c6b6e895a30afb40157a	28/71 (39.44%)	IcedID	185.66.9.114:443
2019-04-26 04:00:49	22765f78ac88e523064b74297eb33e82	44/73 (60.27%)	IcedID	185.66.9.114:443
2019-04-26 04:00:49	22765f78ac88e523064b74297eb33e82	44/73 (60.27%)	IcedID	185.66.9.114:443
2019-04-25 14:43:14	66ae5ca97f8061c2d211e4c9fc6e1f52	42/69 (60.87%)	IcedID	185.66.9.114:443
2019-04-25 14:43:14	66ae5ca97f8061c2d211e4c9fc6e1f52	42/69 (60.87%)	IcedID	185.66.9.114:443
2019-04-25 05:43:24	72692d2870f052f08b8794c67ff250c4	n/a	IcedID	185.66.9.114:443
2019-04-25 05:43:24	72692d2870f052f08b8794c67ff250c4	n/a	IcedID	185.66.9.114:443
2019-04-25 04:17:16	4d95eef062945033e49416cf6c35998b	23/66 (34.85%)	IcedID	185.66.9.114:443
2019-04-25 04:17:16	4d95eef062945033e49416cf6c35998b	23/66 (34.85%)	IcedID	185.66.9.114:443
2019-04-25 00:59:36	be5bd77b1ea44c74dc7b0addf4c1f781	49/72 (68.06%)	IcedID	185.66.9.114:443
2019-04-25 00:59:36	be5bd77b1ea44c74dc7b0addf4c1f781	49/72 (68.06%)	IcedID	185.66.9.114:443
2019-04-24 23:45:47	8b834e75b2434f61cf99600cf10c2d68	29/65 (44.62%)	IcedID	185.66.9.114:443
2019-04-24 23:45:47	8b834e75b2434f61cf99600cf10c2d68	29/65 (44.62%)	IcedID	185.66.9.114:443
2019-04-24 15:29:41	e9908f7905896b0716e58a7fd39cbfa0	52/70 (74.29%)	IcedID	185.66.9.114:443
2019-04-24 15:29:41	e9908f7905896b0716e58a7fd39cbfa0	52/70 (74.29%)	IcedID	185.66.9.114:443
2019-04-24 14:23:39	e83394f689e4d95d930b4da1e4b47b7a	32/71 (45.07%)	IcedID	185.66.9.114:443
2019-04-24 14:23:39	e83394f689e4d95d930b4da1e4b47b7a	32/71 (45.07%)	IcedID	185.66.9.114:443
2019-04-24 06:24:11	7e13eeabfa002d9790f5eb52e4410816	42/70 (60.00%)	IcedID	77.222.60.127:443
2019-04-24 06:24:11	7e13eeabfa002d9790f5eb52e4410816	42/70 (60.00%)	IcedID	77.222.60.127:443
2019-04-24 04:39:09	cd613e4d2cdf676ad530431b55428908	24/66 (36.36%)	IcedID	77.222.60.127:443
2019-04-24 04:39:09	cd613e4d2cdf676ad530431b55428908	24/66 (36.36%)	IcedID	77.222.60.127:443
2019-04-24 02:53:50	6bead983685bb86f3ffdbae040156ddb	25/67 (37.31%)	IcedID	77.222.60.127:443
2019-04-24 02:53:50	6bead983685bb86f3ffdbae040156ddb	25/67 (37.31%)	IcedID	77.222.60.127:443
2019-04-22 13:52:56	823766c2b57604a25a46f4f7b2198c4b	14/71 (19.72%)	IcedID	77.222.60.127:443
2019-04-22 13:52:56	823766c2b57604a25a46f4f7b2198c4b	14/71 (19.72%)	IcedID	77.222.60.127:443
2019-04-22 13:08:59	d8d901a1b0e0f909cd2ddeb0302fff67	30/68 (44.12%)	IcedID	77.222.60.127:443
2019-04-22 13:08:59	d8d901a1b0e0f909cd2ddeb0302fff67	30/68 (44.12%)	IcedID	77.222.60.127:443

# of entries: 66 (max: 100)