SSL Certificates

The following table shows further information as well as a list of malware samples including the corresponding botnet C&C associated with the SSL certificate fingerprint 52c99b8b5c5d6934ee8cf8d15c84a8f7a12a57ed.

Database Entry


SHA1 Fingerprint:52c99b8b5c5d6934ee8cf8d15c84a8f7a12a57ed
Certificate Common Name (CN):Qjlyxjcpy Xx, OU=Jwfvkvfoe, ST=ytiy, O=Im, C=QR, L=Csxfih
Issuer Distinguished Name (DN):Qjlyxjcpy Xx, OU=Jwfvkvfoe, ST=ytiy, O=Im, C=QR, L=Csxfih
TLS Version:TLS 1.2
First seen:2022-12-18 09:01:47 UTC
Last seen:2022-12-19 09:29:17 UTC
Status:Blacklisted
Listing reason:DanaBot C&C
Listing date:2022-12-19 09:26:36
Malware samples:4
Botnet C&Cs:1

Malware Samples


The table below documents all malware samples associated with this SSL certificate.

Timestamp (UTC)Malware Sample (MD5 hash)VTSignatureBotnet C&C (IP:port)
2022-12-19 09:29:17d4fe627b0bc66a57bfdb76c531c06ce6Virustotal results 34 / 71 (47.89%) 23.236.181.126:443
2022-12-19 08:12:5252939ddac663150e902b58fdbb2d7b75n/aDanaBot23.236.181.126:443
2022-12-19 07:09:508ba89cb6de7e41ec69404990443a97ban/aSmoke Loader 23.236.181.126:443
2022-12-18 09:01:476e10b6107066da8b83187a14c8b68b23Virustotal results 35 / 72 (48.61%) DanaBot23.236.181.126:443

# of entries: 4 (max: 100)