SSL Certificates

The following table shows further information as well as a list of malware samples including the corresponding botnet C&C associated with the SSL certificate fingerprint 4eb569e30034fd389f24af2bbc74740356403854.

Database Entry

SHA1 Fingerprint:	4eb569e30034fd389f24af2bbc74740356403854
Certificate Common Name (CN):	btr5
Issuer Distinguished Name (DN):	btr5
TLS Version:	TLS 1.2' NOTBEF
First seen:	2021-01-04 09:58:25 UTC
Last seen:	2021-01-27 17:18:15 UTC
Status:	Blacklisted
Listing reason:	Malware C&C
Listing date:	2021-01-04 13:18:54
Malware samples:	12
Botnet C&Cs:	2

Malware Samples

The table below documents all malware samples associated with this SSL certificate.

Timestamp (UTC)	Malware Sample (MD5 hash)	VT	Signature	Botnet C&C (IP:port)
2021-01-27 17:18:15	b9762301d97b235937001fd09f586fb2	n/a	QuasarRAT	79.134.225.69:1973
2021-01-27 17:18:15	b9762301d97b235937001fd09f586fb2	n/a	QuasarRAT	79.134.225.69:1973
2021-01-27 07:55:37	6dfe5a2b841a3a78ac69b33064b6ef9e	n/a	SilentBuilder	79.134.225.69:1973
2021-01-27 07:55:37	6dfe5a2b841a3a78ac69b33064b6ef9e	n/a	SilentBuilder	79.134.225.69:1973
2021-01-26 07:39:20	71ecb52da4bf257635064e710307d328	n/a	SilentBuilder	79.134.225.69:1973
2021-01-26 07:39:20	71ecb52da4bf257635064e710307d328	n/a	SilentBuilder	79.134.225.69:1973
2021-01-06 09:00:17	e79f542fb3f5aa6e4400953be24780db	n/a	QuasarRAT	185.157.162.81:1973
2021-01-06 09:00:17	e79f542fb3f5aa6e4400953be24780db	n/a	QuasarRAT	185.157.162.81:1973
2021-01-06 08:16:54	2e0819723d50d0b6a2e6ffdb33778e40	8 / 59 (13.56%)	SilentBuilder	185.157.162.81:1973
2021-01-06 08:16:54	2e0819723d50d0b6a2e6ffdb33778e40	8 / 59 (13.56%)	SilentBuilder	185.157.162.81:1973
2021-01-06 00:35:10	18afc77f56cb53d9119cb03b078e4d40	n/a	QuasarRAT	185.157.162.81:1973
2021-01-06 00:35:10	18afc77f56cb53d9119cb03b078e4d40	n/a	QuasarRAT	185.157.162.81:1973
2021-01-05 15:33:52	3ab254f85015e991d56965dc3b8e72a9	n/a		185.157.162.81:1973
2021-01-05 15:33:52	3ab254f85015e991d56965dc3b8e72a9	n/a		185.157.162.81:1973
2021-01-05 08:00:36	002b54428a3ca3039761dd0cde5056a7	14 / 69 (20.29%)	QuasarRAT	185.157.162.81:1973
2021-01-05 08:00:36	002b54428a3ca3039761dd0cde5056a7	14 / 69 (20.29%)	QuasarRAT	185.157.162.81:1973
2021-01-05 07:44:04	bf9774e5063791aba95abb5b808aea43	n/a	SilentBuilder	185.157.162.81:1973
2021-01-05 07:44:04	bf9774e5063791aba95abb5b808aea43	n/a	SilentBuilder	185.157.162.81:1973
2021-01-04 13:45:33	97046c81c5e314288f28ddd9d71ec0db	3 / 62 (4.84%)	SilentBuilder	185.157.162.81:1973
2021-01-04 13:45:33	97046c81c5e314288f28ddd9d71ec0db	3 / 62 (4.84%)	SilentBuilder	185.157.162.81:1973
2021-01-04 13:36:13	db9417657dd8710cd71894216dae9275	n/a	QuasarRAT	185.157.162.81:1973
2021-01-04 13:36:13	db9417657dd8710cd71894216dae9275	n/a	QuasarRAT	185.157.162.81:1973
2021-01-04 09:58:25	98606f78ee642745d9f75c7309ef6292	8 / 62 (12.90%)	SilentBuilder	185.157.162.81:1973
2021-01-04 09:58:25	98606f78ee642745d9f75c7309ef6292	8 / 62 (12.90%)	SilentBuilder	185.157.162.81:1973

# of entries: 24 (max: 100)