SSL Certificates

The following table shows further information as well as a list of malware samples including the corresponding botnet C&C associated with the SSL certificate fingerprint 57dcc7f7fadc43046b6a1e4a2ea0fc4c558c5464.

Database Entry


SHA1 Fingerprint:57dcc7f7fadc43046b6a1e4a2ea0fc4c558c5464
Certificate Common Name (CN):desertfebruaryfire.top
Issuer Distinguished Name (DN):R3
TLS Version:TLS 1.2
First seen:2021-02-25 20:54:28 UTC
Last seen:2021-02-26 03:57:17 UTC
Status:Blacklisted
Listing reason:RaccoonStealer C&C
Listing date:2021-02-26 06:30:46
Malware samples:8
Botnet C&Cs:1

Malware Samples


The table below documents all malware samples associated with this SSL certificate.

Timestamp (UTC)Malware Sample (MD5 hash)VTSignatureBotnet C&C (IP:port)
2021-02-26 03:57:17a581b527e44fdebb3f62b184e4df5a4dVirustotal results 43 / 71 (60.56%) Gozi 35.228.252.199:443
2021-02-26 03:45:56a4d30ea4116d305c40363f8a4ff742b3Virustotal results 9 / 71 (12.68%) RaccoonStealer35.228.252.199:443
2021-02-26 02:16:49a0f674633f7d299ec3b7ecf8eb3f5986Virustotal results 45 / 71 (63.38%) RaccoonStealer35.228.252.199:443
2021-02-26 02:03:02a2a347fea390dfd24502298013dbc7ecVirustotal results 37 / 66 (56.06%) RaccoonStealer35.228.252.199:443
2021-02-26 01:35:29970aaaac70eb3277894359e7ba16978cn/aRaccoonStealer35.228.252.199:443
2021-02-26 00:59:58914d9b64a88c830028100fb56d605687n/aRaccoonStealer35.228.252.199:443
2021-02-25 23:45:55a0a2f72fdc7811dd4c5bdb91dbea4c78Virustotal results 42 / 70 (60.00%) RaccoonStealer35.228.252.199:443
2021-02-25 20:54:288156afae8c5153957efa73b95075558aVirustotal results 49 / 69 (71.01%) Quakbot35.228.252.199:443

# of entries: 8 (max: 100)