SSL Certificates

The following table shows further information as well as a list of malware samples including the corresponding botnet C&C associated with the SSL certificate fingerprint 3ed16cc4f0ddebca7f789af2c249fc3cdac4e177.

Database Entry

Malware Samples

The table below documents all malware samples associated with this SSL certificate.

Timestamp (UTC)	Malware Sample (MD5 hash)	VT	Signature	Botnet C&C (IP:port)
2020-07-07 08:17:27	dd67156c0449a9fe8d43d2d5b06558c9	4 / 58 (6.90%)	BuerLoader	84.38.181.209:443
2020-07-07 08:17:27	dd67156c0449a9fe8d43d2d5b06558c9	4 / 58 (6.90%)	BuerLoader	84.38.181.209:443
2020-07-07 08:04:12	df6e1e72261d4741c7ab841b098ab497	25 / 72 (34.72%)	BuerLoader	84.38.181.209:443
2020-07-07 08:04:12	df6e1e72261d4741c7ab841b098ab497	25 / 72 (34.72%)	BuerLoader	84.38.181.209:443
2020-06-30 19:23:22	234a0ee0cdaa29becee56d587aa7045a	43 / 72 (59.72%)	Gozi	84.38.180.246:443
2020-06-30 19:23:22	234a0ee0cdaa29becee56d587aa7045a	43 / 72 (59.72%)	Gozi	84.38.180.246:443
2020-06-30 05:38:10	19e4dc06d4ccb13ede93bd8a3f115848	18 / 60 (30.00%)	BuerLoader	84.38.180.246:443
2020-06-30 05:38:10	19e4dc06d4ccb13ede93bd8a3f115848	18 / 60 (30.00%)	BuerLoader	84.38.180.246:443
2020-06-30 05:37:10	f500854e3cf9556688203a3d869b7d6d	n/a	Gozi	84.38.180.246:443
2020-06-30 05:37:10	f500854e3cf9556688203a3d869b7d6d	n/a	Gozi	84.38.180.246:443
2020-06-20 12:12:13	a52d7f6d9c7e44219981fb88ede52a8c	31 / 74 (41.89%)	BuerLoader	188.68.221.93:443
2020-06-20 12:12:13	a52d7f6d9c7e44219981fb88ede52a8c	31 / 74 (41.89%)	BuerLoader	188.68.221.93:443
2020-06-14 15:42:53	b053e5ce6740fdf38102a32890b1cc2e	21 / 73 (28.77%)	BuerLoader	8.209.79.24:443
2020-06-14 15:42:53	b053e5ce6740fdf38102a32890b1cc2e	21 / 73 (28.77%)	BuerLoader	8.209.79.24:443
2020-06-14 08:29:27	8361763847155d8e0d09f460db189dc6	35 / 71 (49.30%)	BuerLoader	8.209.79.24:443
2020-06-14 08:29:27	8361763847155d8e0d09f460db189dc6	35 / 71 (49.30%)	BuerLoader	8.209.79.24:443

# of entries: 16 (max: 100)