SSL Certificates

The tables below show the database entry for the SSL certificate with SHA1 fingerprint 5dbd10b55039fcdfe8e49aea5345794d4fe2194f, along with the malware samples and corresponding botnet C&Cs associated with it.

Database Entry


SHA1 Fingerprint: 5dbd10b55039fcdfe8e49aea5345794d4fe2194f
Certificate Common Name (CN): moi
Issuer Distinguished Name (DN): moi
TLS Version: TLSv1
First seen: 2021-03-03 06:51:20 UTC
Last seen: 2021-03-31 05:03:34 UTC
Status: Blacklisted
Listing reason: OrcusRAT C&C
Listing date: 2021-03-03 07:07:30
Malware samples: 8
Botnet C&Cs: 2

Malware Samples


The table below documents all malware samples associated with this SSL certificate.

| Timestamp (UTC) | Malware Sample (MD5 hash) | VT | Signature | Botnet C&C (IP:port) |
|---|---|---|---|---|
| 2021-03-31 05:03:34 | a428c6ab3d79e8d79395db1518d414b0 | Virustotal results 34 / 44 (77.27%) | AgentTesla | 18.224.135.48:9933 |
| 2021-03-30 00:25:50 | f66bcae24e1df34bcc2f15a24a646635 | Virustotal results 45 / 71 (63.38%) | AgentTesla | 18.224.135.48:1 |
| 2021-03-25 15:11:44 | eac5db5e09667ff09e44a179d3837364 | Virustotal results 45 / 71 (63.38%) | AgentTesla | 18.224.135.48:1 |
| 2021-03-25 09:51:27 | de6e3bce0567a65e1d4c7aa48e8be58f | Virustotal results 42 / 69 (60.87%) | | 18.224.135.48:1 |
| 2021-03-24 10:42:12 | cc5b4def26c15ad19de9f6ae7028d0e3 | Virustotal results 51 / 69 (73.91%) | AgentTesla | 18.224.135.48:2008 |
| 2021-03-11 23:29:43 | 897a1239f1ccd07673a2197cd96d1e52 | Virustotal results 52 / 70 (74.29%) | AgentTesla | 18.224.135.48:1612 |
| 2021-03-03 17:15:57 | fba7d909836a5c51f926d8481f901f04 | Virustotal results 30 / 69 (43.48%) | OrcusRAT | 3.12.163.16:7777 |
| 2021-03-03 06:51:20 | 7a9179a1807e76020dbd813a267d9b94 | Virustotal results 37 / 70 (52.86%) | OrcusRAT | 3.12.163.16:7777 |

# of entries: 8 (max: 100)