SSL Certificates

The following table shows further information as well as a list of malware samples including the corresponding botnet C&C associated with the SSL certificate fingerprint 5085133cceda8ece760f4e66e87777533cd9dafc.

Database Entry


SHA1 Fingerprint: 5085133cceda8ece760f4e66e87777533cd9dafc
Certificate Common Name (CN): *.realeurogroup.xyz
Issuer Distinguished Name (DN): R3
TLS Version: TLSv1
First seen: 2021-08-31 15:48:05 UTC
Last seen: 2021-09-03 19:05:37 UTC
Status: Blacklisted
Listing reason: RedLineStealer C&C
Listing date: 2021-09-03 19:15:59
Malware samples: 38
Botnet C&Cs: 2

Malware Samples


The table below documents all malware samples associated with this SSL certificate.

Columns: Timestamp (UTC), Malware Sample (MD5 hash), VT, Signature, Botnet C&C (IP:port)

# of entries: 38 (max: 100)