SSL Certificates

The following table shows further information as well as a list of malware samples including the corresponding botnet C&C associated with the SSL certificate fingerprint 547c2fb11a13671c4951d613cdaba9f2f6a0161f.

Database Entry

SHA1 Fingerprint:547c2fb11a13671c4951d613cdaba9f2f6a0161f
Certificate Common Name (CN):Pyijuffhl Kxyfbyuiugbi, OU=Jpebdxgw, ST=ncnxiixurpnjh, O=Fgbhqvogtlvewd, C=KJ, L=Gbopgmsw
Issuer Distinguished Name (DN):Pyijuffhl Kxyfbyuiugbi, OU=Jpebdxgw, ST=ncnxiixurpnjh, O=Fgbhqvogtlvewd, C=KJ, L=Gbopgmsw
TLS Version:TLS 1.2
First seen:2022-11-21 07:04:39 UTC
Last seen:2022-12-11 07:22:06 UTC
Status:Blacklisted
Listing reason:Malware C&C
Listing date:2022-12-11 08:31:20
Malware samples:11
Botnet C&Cs:1

Malware Samples

The table below documents all malware samples associated with this SSL certificate.

Timestamp (UTC)Malware Sample (MD5 hash)VTSignatureBotnet C&C (IP:port)
2022-12-11 07:22:06fc473619ea480601d1d60b9c7ecdcfc8n/aSmoke Loader 185.62.56.163:443
2022-12-11 03:56:361a566952b8113dd03214410938730de3Virustotal results 40 / 72 (55.56%) 185.62.56.163:443
2022-12-10 19:09:0334985e40d032ab88887d63d79b64eb11n/a185.62.56.163:443
2022-12-10 13:54:24d009427306b80cf0b67b90c869120e7cVirustotal results 38 / 72 (52.78%) 185.62.56.163:443
2022-12-10 08:59:27183d4114fdac16cb892e95be6d8b8835n/a185.62.56.163:443
2022-12-10 08:34:10b449cbc05d2c7aee9caa08e74da42c1bVirustotal results 36 / 71 (50.70%) 185.62.56.163:443
2022-12-10 08:33:05f0d2b9466699413b87ad13759dfb346eVirustotal results 27 / 71 (38.03%) 185.62.56.163:443
2022-12-10 08:32:08ba563e86e90d88c4a09bed4bdad52d24Virustotal results 37 / 71 (52.11%) DanaBot185.62.56.163:443
2022-12-09 16:07:53d04e6d8eb7c75079407f20eee7ed68daVirustotal results 32 / 70 (45.71%) 185.62.56.163:443
2022-11-27 16:49:0105176e1e5a94cdf2f35e1e3b0c50d29fn/a185.62.56.163:443
2022-11-21 07:04:39e654a4715a97d273d9df7608d9da3f23Virustotal results 32 / 72 (44.44%) 185.62.56.163:443

# of entries: 11 (max: 100)