SSL Certificates

The following table shows further information as well as a list of malware samples including the corresponding botnet C&C associated with the SSL certificate fingerprint 599f2aa0faa861d0ba6f6a742d198389eee49be9.

Database Entry

SHA1 Fingerprint:	599f2aa0faa861d0ba6f6a742d198389eee49be9
Certificate Common Name (CN):	cegu.shop
Issuer Distinguished Name (DN):	R10
TLS Version:	TLS 1.2
First seen:	2024-12-26 15:49:14 UTC
Last seen:	2025-01-03 20:59:42 UTC
Status:	Blacklisted
Listing reason:	LummaStealer C&C
Listing date:	2025-01-04 14:17:27
Malware samples:	14
Botnet C&Cs:	1

Malware Samples

The table below documents all malware samples associated with this SSL certificate.

Timestamp (UTC)	Malware Sample (MD5 hash)	VT	Botnet C&C (IP:port)
2025-01-03 20:59:42	25f8c962f3ae839691debd96148bf3e1	n/a	185.161.251.21:443
2025-01-03 04:11:17	79972f296cb418a20b17d2440850d790	n/a	185.161.251.21:443
2025-01-02 11:36:45	e51e2f42b1171def63a9baa11bc55c64	n/a	185.161.251.21:443
2025-01-02 00:32:04	66f0ce2dedf4f639c6d0c356728087a9	n/a	185.161.251.21:443
2025-01-01 18:54:22	44512d17e8d71a3aeec8da8cdf680b03	n/a	185.161.251.21:443
2024-12-30 19:42:04	b106a3a66916985d5e5b6cbbb6c5b07c	n/a	185.161.251.21:443
2024-12-30 18:24:47	2f30fcf726e3fcdcbdaec184de4eef49	n/a	185.161.251.21:443
2024-12-29 15:43:13	c6f709a40a7d35051ee49ad1e367df65	n/a	185.161.251.21:443
2024-12-29 02:55:08	9fed7135d164c0fb31b859fcd5acfe5f	n/a	185.161.251.21:443
2024-12-27 19:28:14	0981c44a10cc0831ff1223aa55383192	n/a	185.161.251.21:443
2024-12-27 09:25:10	7c498eca1b725e8a85fef298184ccbb9	n/a	185.161.251.21:443
2024-12-26 22:14:48	704c5b384f7c80fcd6f683f48ac447b1	n/a	185.161.251.21:443
2024-12-26 21:14:29	6022ea9ea0fc4e40342cf0a31e35b6f3	n/a	185.161.251.21:443
2024-12-26 15:49:14	51409c968880d1422635af1355423e7a	n/a	185.161.251.21:443

# of entries: 14 (max: 100)