SSL Certificates

The following table shows further information as well as a list of malware samples including the corresponding botnet C&C associated with the SSL certificate fingerprint 51a405e1791e14af11208387348a1399e6e63195.

Database Entry


SHA1 Fingerprint:51a405e1791e14af11208387348a1399e6e63195
Certificate Common Name (CN):COMODO ECC Domain Validation Secure Server CA 2
Issuer Distinguished Name (DN):COMODO ECC Domain Validation Secure Server CA 2
TLS Version:TLS 1.2
First seen:2019-12-12 20:25:48 UTC
Last seen:2020-01-08 11:26:30 UTC
Status:Blacklisted
Listing reason:Adwind C&C
Listing date:2019-12-13 08:59:05
Malware samples:9
Botnet C&Cs:7

Malware Samples


The table below documents all malware samples associated with this SSL certificate.

Timestamp (UTC)Malware Sample (MD5 hash)VTSignatureBotnet C&C (IP:port)
2020-01-08 11:26:302dd76a3b2b94ed06e94bda51c66b978bVirustotal results 15 / 62 (24.19%) Adwind62.108.37.11:5252
2020-01-07 23:51:52befbc7a297f091bf4bbe30f1477d40c9Virustotal results 21 / 62 (33.87%) Adwind192.3.2.152:5050
2019-12-22 11:09:378a9be76dee359620ea9508747519c510n/aAdwind95.211.170.231:1991
2019-12-21 14:39:014c961677f35dbc06cefa1f1101827d03Virustotal results 21 / 58 (36.21%) Adwind103.133.109.147:4434
2019-12-20 08:09:4620394061e14e88f8bbf19247534947a4Virustotal results 17 / 56 (30.36%) Adwind174.127.99.243:5888
2019-12-16 14:10:10e6e84eec12ba26875f613d7be5f40096n/aAdwind185.140.53.217:5541
2019-12-13 06:32:15d3c4b993ac2759a9f670d550b6bbae5fn/aAdwind185.140.53.217:2002
2019-12-13 03:50:259cbf2f8f8748f62798cf1c7cd4058218n/aAdwind185.244.30.244:2211
2019-12-12 20:25:4831f865be3be63500fd95dbe468db465an/aAdwind185.140.53.217:2002

# of entries: 9 (max: 100)