SSL Certificates

The following table shows further information as well as a list of malware samples including the corresponding botnet C&C associated with the SSL certificate fingerprint 4a691232210adeb583e11d54999d4f3cc90ec82a.

Database Entry


SHA1 Fingerprint: 4a691232210adeb583e11d54999d4f3cc90ec82a
Certificate Common Name (CN): OrcusServerCertificate
Issuer Distinguished Name (DN): OrcusServerCertificate
TLS Version: TLSv1
First seen: 2021-02-24 10:25:58 UTC
Last seen: 2021-02-28 04:04:55 UTC
Status: Blacklisted
Listing reason: OrcusRAT C&C
Listing date: 2021-02-24 12:01:32
Malware samples: 7
Botnet C&Cs: 1

Malware Samples


The table below documents all malware samples associated with this SSL certificate.

| Timestamp (UTC) | Malware Sample (MD5 hash) | VT | Signature | Botnet C&C (IP:port) |
|---|---|---|---|---|
| 2021-02-28 04:04:55 | 9dcd489c5b13e01061ee52fa25f8ed19 | Virustotal results 55 / 71 (77.46%) | AgentTesla | 3.128.190.178:7777 |
| 2021-02-28 01:46:18 | 6555c1aa098328ecfa33bb3e53aa58ae | Virustotal results 57 / 71 (80.28%) | OrcusRAT | 3.128.190.178:7777 |
| 2021-02-27 23:41:05 | 20b9b4c3c0de82c02ecc60d6ddf04664 | Virustotal results 38 / 71 (53.52%) | OrcusRAT | 3.128.190.178:7777 |
| 2021-02-26 22:49:04 | 8c64099d4842cf501e218708322065fe | Virustotal results 54 / 71 (76.06%) | AgentTesla | 3.128.190.178:2403 |
| 2021-02-25 16:59:28 | 5765461796369a64a73734037897efa4 | Virustotal results 52 / 69 (75.36%) | AgentTesla | 3.128.190.178:1488 |
| 2021-02-24 12:00:07 | f08d90bf740a2cbbc897d348f6d3bd3f | Virustotal results 45 / 70 (64.29%) | AgentTesla | 3.128.190.178:1604 |
| 2021-02-24 10:25:58 | e11349b5c128629768646364a5f1274f | Virustotal results 57 / 71 (80.28%) | AgentTesla | 3.128.190.178:1222 |

# of entries: 7 (max: 100)