SSL Certificates
The following table shows further information as well as a list of malware samples including the corresponding botnet C&C associated with the SSL certificate fingerprint 3e4a4b3c0d3f4f71a14ddbe985d18e4a445c93f2.
Database Entry
| SHA1 Fingerprint: | 3e4a4b3c0d3f4f71a14ddbe985d18e4a445c93f2 |
|---|---|
| Certificate Common Name (CN): | DcRat |
| Issuer Distinguished Name (DN): | DcRat Server, OU=qwqdanchun, O=DcRat By qwqdanchun, L=SH, C=CN |
| TLS Version: | TLSv1 |
| First seen: | 2022-01-28 19:54:41 UTC |
| Last seen: | 2022-01-30 14:18:08 UTC |
| Status: | Blacklisted |
| Listing reason: | AsyncRAT C&C |
| Listing date: | 2022-01-28 20:51:52 |
| Malware samples: | 3 |
| Botnet C&Cs: | 1 |
Malware Samples
The table below documents all malware samples associated with this SSL certificate.
| Timestamp (UTC) | Malware Sample (MD5 hash) | VT | Signature | Botnet C&C (IP:port) |
|---|---|---|---|---|
| 2022-01-30 14:18:08 | 22021cdbf9936f8a469ecb5e11636799 |  50 / 69 (72.46%)
| AsyncRAT | 212.192.246.239:1001 |
| 2022-01-30 14:18:08 | 22021cdbf9936f8a469ecb5e11636799 | 50 / 69 (72.46%)
| AsyncRAT | 212.192.246.239:1001 |
| 2022-01-30 13:57:47 | 5369e645742b60732edfb0d8c7dd4d97 | 49 / 68 (72.06%)
| AsyncRAT | 212.192.246.239:8000 |
| 2022-01-30 13:57:47 | 5369e645742b60732edfb0d8c7dd4d97 | 49 / 68 (72.06%)
| AsyncRAT | 212.192.246.239:8000 |
| 2022-01-28 19:54:41 | 291f186dea7b135c382eafe1ff1d3abf | 48 / 67 (71.64%)
| AsyncRAT | 212.192.246.239:228 |
| 2022-01-28 19:54:41 | 291f186dea7b135c382eafe1ff1d3abf | 48 / 67 (71.64%)
| AsyncRAT | 212.192.246.239:228 |
# of entries: 6 (max: 100)