SSL Certificates

The following table shows further information as well as a list of malware samples including the corresponding botnet C&C associated with the SSL certificate fingerprint 5c67e2d3e488622d200fbb8bf3418206dfe05a5b.

Database Entry

SHA1 Fingerprint:5c67e2d3e488622d200fbb8bf3418206dfe05a5b
Certificate Common Name (CN):185.62.58.85, OU=qrrsstu, ST=fgghhiijkk, O=ppqqq, C=de, L=llmmmnno, Email=uuuvv@185.62.58.85
Issuer Distinguished Name (DN):185.62.58.85, OU=qrrsstu, ST=fgghhiijkk, O=ppqqq, C=de, L=llmmmnno, Email=uuuvv@185.62.58.85
TLS Version:TLS 1.2
First seen:2022-03-13 14:13:48 UTC
Last seen:2022-03-29 07:27:08 UTC
Status:Blacklisted
Listing reason:DanaBot C&C
Listing date:2022-03-29 07:24:12
Malware samples:11
Botnet C&Cs:1

Malware Samples

The table below documents all malware samples associated with this SSL certificate.

Timestamp (UTC)Malware Sample (MD5 hash)VTSignatureBotnet C&C (IP:port)
2022-03-29 07:27:0879722ab4bf79478b58d1597d8a2884c6Virustotal results 25 / 69 (36.23%) 185.62.58.85:443
2022-03-29 07:24:43a1bedc32d9434c90ff006e58470716baVirustotal results 28 / 70 (40.00%) DanaBot185.62.58.85:443
2022-03-28 21:07:467f33f4024a273a6255a7b8adf5bc7900n/aDanaBot185.62.58.85:443
2022-03-28 20:08:56aa82c366165032b3ee8cfbdeedae28c8n/a185.62.58.85:443
2022-03-28 18:23:349b3a7d67bc4760d3551834f38ef9945cn/aDanaBot185.62.58.85:443
2022-03-28 14:14:3937354dd377d5867f848a3c4f2621cfbbn/aDanaBot185.62.58.85:443
2022-03-18 06:22:2352ff5d7ff5392908012de021d5881457Virustotal results 25 / 69 (36.23%) 185.62.58.85:443
2022-03-17 08:38:49189912144579ea13a1fa6a39d55b87ebVirustotal results 26 / 68 (38.24%) DanaBot185.62.58.85:443
2022-03-17 08:26:49f6a822552cd802ad5c95e0e54cb0ee3dVirustotal results 26 / 69 (37.68%) 185.62.58.85:443
2022-03-16 22:39:31119440585a9c8d2ba603cfdf0f1a7375Virustotal results 50 / 67 (74.63%) TeamBot185.62.58.85:443
2022-03-13 14:13:48ebf60ae71e4830f9e07d78e9abf7d764Virustotal results 52 / 68 (76.47%) Smoke Loader 185.62.58.85:443

# of entries: 11 (max: 100)