SSL Certificates
The following table shows further information as well as a list of malware samples including the corresponding botnet C&C associated with the SSL certificate fingerprint 52c881ea52f0d290473b6a0595c1942d0c8785ec.
Database Entry
| SHA1 Fingerprint: | 52c881ea52f0d290473b6a0595c1942d0c8785ec |
|---|---|
| Certificate Common Name (CN): | ns4.dnsdns.gdn |
| Issuer Distinguished Name (DN): | Let's Encrypt Authority X3 |
| TLS Version: | TLSv1' NOTBEFOR |
| First seen: | 2019-05-04 13:46:49 UTC |
| Last seen: | 2021-04-29 16:53:28 UTC |
| Status: | Blacklisted |
| Listing reason: | RaccoonStealer C&C |
| Listing date: | 2021-04-29 18:10:40 |
| Malware samples: | 24 |
| Botnet C&Cs: | 13 |
Malware Samples
The table below documents all malware samples associated with this SSL certificate.
| Timestamp (UTC) | Malware Sample (MD5 hash) | VT | Signature | Botnet C&C (IP:port) |
|---|---|---|---|---|
| 2021-04-29 16:53:28 | ac727bca43520ae0cc4202e629344221 | n/a | RaccoonStealer | 5.2.65.197:443 |
| 2021-04-29 16:53:28 | ac727bca43520ae0cc4202e629344221 | n/a | RaccoonStealer | 5.2.65.197:443 |
| 2021-03-14 18:25:46 | c936535638de3aa865aa77f3db461c4d | n/a | ArkeiStealer | 185.219.40.40:443 |
| 2021-03-14 18:25:46 | c936535638de3aa865aa77f3db461c4d | n/a | ArkeiStealer | 185.219.40.40:443 |
| 2021-03-13 22:25:31 | 575b12d08f483aa284dab5a62feb0779 | n/a | ArkeiStealer | 92.63.99.163:443 |
| 2021-03-13 22:25:31 | 575b12d08f483aa284dab5a62feb0779 | n/a | ArkeiStealer | 92.63.99.163:443 |
| 2021-03-13 20:00:17 | 9817f657f2e2189d09ab453becfb3eaa |  16 / 70 (22.86%)
| CoinMiner | 92.63.99.163:443 |
| 2021-03-13 20:00:17 | 9817f657f2e2189d09ab453becfb3eaa | 16 / 70 (22.86%)
| CoinMiner | 92.63.99.163:443 |
| 2021-03-13 12:52:35 | 2363f56686d2b13a829cc2b3f8f9810b | 14 / 69 (20.29%)
| Adware.Eorezo | 185.219.40.40:443 |
| 2021-03-13 12:52:35 | 2363f56686d2b13a829cc2b3f8f9810b | 14 / 69 (20.29%)
| Adware.Eorezo | 185.219.40.40:443 |
| 2020-02-24 10:12:17 | 77dbf4574f395623748d5a6889c357c7 | 16 / 72 (22.22%)
| NetSupport | 185.98.87.192:443 |
| 2020-02-24 10:12:17 | 77dbf4574f395623748d5a6889c357c7 | 16 / 72 (22.22%)
| NetSupport | 185.98.87.192:443 |
| 2020-02-14 05:27:59 | c1a81c1049f136d6167a6f542543e289 | 25 / 70 (35.71%)
| 167.86.106.40:443 | |
| 2020-02-14 05:27:59 | c1a81c1049f136d6167a6f542543e289 | 25 / 70 (35.71%)
| 167.86.106.40:443 | |
| 2020-02-13 19:45:08 | 75a494693c5c21e60f3840c598d14821 | n/a | 167.86.106.40:443 | |
| 2020-02-13 19:45:08 | 75a494693c5c21e60f3840c598d14821 | n/a | 167.86.106.40:443 | |
| 2020-01-20 12:28:17 | edebd6c5750b80acee830d4d4509744a | n/a | 193.233.149.7:443 | |
| 2020-01-20 12:28:17 | edebd6c5750b80acee830d4d4509744a | n/a | 193.233.149.7:443 | |
| 2019-10-04 13:47:09 | ca9eeb86bcfbb64ad4a57aba2555ad9e | 43/69 (62.32%)
| PsiXBot | 185.193.141.251:443 |
| 2019-10-04 13:47:09 | ca9eeb86bcfbb64ad4a57aba2555ad9e | 43/69 (62.32%)
| PsiXBot | 185.193.141.251:443 |
| 2019-09-21 20:09:22 | d726b1b49b8b0281901ecdee645fc24b | 47/69 (68.12%)
| PsiXBot | 194.67.91.222:443 |
| 2019-09-21 20:09:22 | d726b1b49b8b0281901ecdee645fc24b | 47/69 (68.12%)
| PsiXBot | 194.67.91.222:443 |
| 2019-09-21 16:20:44 | 9e9caa1a6e2e1c75b139f1ea2e5c2e22 | 45/69 (65.22%)
| PsiXBot | 194.67.91.222:443 |
| 2019-09-21 16:20:44 | 9e9caa1a6e2e1c75b139f1ea2e5c2e22 | 45/69 (65.22%)
| PsiXBot | 194.67.91.222:443 |
| 2019-09-08 17:49:29 | 4ce1d19abb052d3e075edd5d86abe685 | 31 / 70 (44.29%)
| PsiXBot | 194.58.108.187:443 |
| 2019-09-08 17:49:29 | 4ce1d19abb052d3e075edd5d86abe685 | 31 / 70 (44.29%)
| PsiXBot | 194.58.108.187:443 |
| 2019-09-08 17:24:35 | cd28463f908e776a89e6f0841def3c29 | 34/70 (48.57%)
| PsiXBot | 194.58.108.187:443 |
| 2019-09-08 17:24:35 | cd28463f908e776a89e6f0841def3c29 | 34/70 (48.57%)
| PsiXBot | 194.58.108.187:443 |
| 2019-09-08 04:35:55 | 40fcdb9a407d766c5ab554bcc1a500ff | 38/69 (55.07%)
| PsiXBot | 194.58.108.187:443 |
| 2019-09-08 04:35:55 | 40fcdb9a407d766c5ab554bcc1a500ff | 38/69 (55.07%)
| PsiXBot | 194.58.108.187:443 |
| 2019-09-07 18:23:46 | 33998ea583c31c9f80b0c1b8a4650dcc | n/a | PsiXBot | 194.58.108.187:443 |
| 2019-09-07 18:23:46 | 33998ea583c31c9f80b0c1b8a4650dcc | n/a | PsiXBot | 194.58.108.187:443 |
| 2019-08-14 10:34:36 | 40a43e08d2101de4f9268cf52765ac60 | n/a | 5.253.61.186:443 | |
| 2019-08-14 10:34:36 | 40a43e08d2101de4f9268cf52765ac60 | n/a | 5.253.61.186:443 | |
| 2019-08-14 07:28:15 | dfa1fd643edf899b4c099a2cd68bd8c0 | n/a | 89.108.65.150:443 | |
| 2019-08-14 07:28:15 | dfa1fd643edf899b4c099a2cd68bd8c0 | n/a | 89.108.65.150:443 | |
| 2019-07-02 09:40:21 | 4a468c6077e180d71acae79e1f5d62c8 | n/a | TrickBot | 54.38.127.22:443 |
| 2019-07-02 09:40:21 | 4a468c6077e180d71acae79e1f5d62c8 | n/a | TrickBot | 54.38.127.22:443 |
| 2019-07-02 09:40:21 | 4a468c6077e180d71acae79e1f5d62c8 | n/a | TrickBot | 54.38.127.22:443 |
| 2019-07-02 09:40:21 | 4a468c6077e180d71acae79e1f5d62c8 | n/a | TrickBot | 54.38.127.22:443 |
| 2019-07-01 16:43:50 | 0c56130ace2b7b51cb1128604f9121c6 | 34/70 (48.57%)
| TrickBot | 54.38.127.22:443 |
| 2019-07-01 16:43:50 | 0c56130ace2b7b51cb1128604f9121c6 | 34/70 (48.57%)
| TrickBot | 54.38.127.22:443 |
| 2019-07-01 16:43:50 | 0c56130ace2b7b51cb1128604f9121c6 | 34/70 (48.57%)
| TrickBot | 54.38.127.22:443 |
| 2019-07-01 16:43:50 | 0c56130ace2b7b51cb1128604f9121c6 | 34/70 (48.57%)
| TrickBot | 54.38.127.22:443 |
| 2019-07-01 06:15:44 | 17faa0b170c64af38b11e674796a0b7d | 45/71 (63.38%)
| TrickBot | 54.38.127.22:443 |
| 2019-07-01 06:15:44 | 17faa0b170c64af38b11e674796a0b7d | 45/71 (63.38%)
| TrickBot | 54.38.127.22:443 |
| 2019-07-01 06:15:44 | 17faa0b170c64af38b11e674796a0b7d | 45/71 (63.38%)
| TrickBot | 54.38.127.22:443 |
| 2019-07-01 06:15:44 | 17faa0b170c64af38b11e674796a0b7d | 45/71 (63.38%)
| TrickBot | 54.38.127.22:443 |
| 2019-06-30 06:26:28 | 3ec5a4d848b84ce6a080f31cacb5fd6a | 45/71 (63.38%)
| TrickBot | 54.38.127.22:443 |
| 2019-06-30 06:26:28 | 3ec5a4d848b84ce6a080f31cacb5fd6a | 45/71 (63.38%)
| TrickBot | 54.38.127.22:443 |
| 2019-06-30 06:26:28 | 3ec5a4d848b84ce6a080f31cacb5fd6a | 45/71 (63.38%)
| TrickBot | 54.38.127.22:443 |
| 2019-06-30 06:26:28 | 3ec5a4d848b84ce6a080f31cacb5fd6a | 45/71 (63.38%)
| TrickBot | 54.38.127.22:443 |
| 2019-06-30 02:42:34 | e6f99c42312fcc93dcc3417e1e1975c1 | 45/71 (63.38%)
| TrickBot | 54.38.127.22:443 |
| 2019-06-30 02:42:34 | e6f99c42312fcc93dcc3417e1e1975c1 | 45/71 (63.38%)
| TrickBot | 54.38.127.22:443 |
| 2019-06-30 02:42:34 | e6f99c42312fcc93dcc3417e1e1975c1 | 45/71 (63.38%)
| TrickBot | 54.38.127.22:443 |
| 2019-06-30 02:42:34 | e6f99c42312fcc93dcc3417e1e1975c1 | 45/71 (63.38%)
| TrickBot | 54.38.127.22:443 |
| 2019-05-04 13:46:49 | 3e83feea994df2ec38b114961c973c80 | 33/69 (47.83%)
| AZORult | 46.232.113.9:443 |
| 2019-05-04 13:46:49 | 3e83feea994df2ec38b114961c973c80 | 33/69 (47.83%)
| AZORult | 46.232.113.9:443 |
# of entries: 58 (max: 100)