SSL Certificates

The following table shows further information as well as a list of malware samples including the corresponding botnet C&C associated with the SSL certificate fingerprint 3ed16cc4f0ddebca7f789af2c249fc3cdac4e177.

Database Entry


SHA1 Fingerprint:3ed16cc4f0ddebca7f789af2c249fc3cdac4e177
Certificate Common Name (CN):*
Issuer Distinguished Name (DN):*
TLS Version:TLS 1.2
First seen:2020-06-14 08:29:27 UTC
Last seen:2020-07-07 08:17:27 UTC
Status:Blacklisted
Listing reason:BuerLoader C&C
Listing date:2020-06-14 10:21:51
Malware samples:8
Botnet C&Cs:4

Malware Samples


The table below documents all malware samples associated with this SSL certificate.

Timestamp (UTC)Malware Sample (MD5 hash)VTSignatureBotnet C&C (IP:port)
2020-07-07 08:17:27dd67156c0449a9fe8d43d2d5b06558c9Virustotal results 4 / 58 (6.90%) BuerLoader84.38.181.209:443
2020-07-07 08:04:12df6e1e72261d4741c7ab841b098ab497Virustotal results 25 / 72 (34.72%) BuerLoader84.38.181.209:443
2020-06-30 19:23:22234a0ee0cdaa29becee56d587aa7045aVirustotal results 43 / 72 (59.72%) Gozi 84.38.180.246:443
2020-06-30 05:38:1019e4dc06d4ccb13ede93bd8a3f115848Virustotal results 18 / 60 (30.00%) BuerLoader84.38.180.246:443
2020-06-30 05:37:10f500854e3cf9556688203a3d869b7d6dn/aGozi 84.38.180.246:443
2020-06-20 12:12:13a52d7f6d9c7e44219981fb88ede52a8cVirustotal results 31 / 74 (41.89%) BuerLoader188.68.221.93:443
2020-06-14 15:42:53b053e5ce6740fdf38102a32890b1cc2eVirustotal results 21 / 73 (28.77%) BuerLoader8.209.79.24:443
2020-06-14 08:29:278361763847155d8e0d09f460db189dc6Virustotal results 35 / 71 (49.30%) BuerLoader8.209.79.24:443

# of entries: 8 (max: 100)