SSL Certificates
The following table shows further information as well as a list of malware samples including the corresponding botnet C&C associated with the SSL certificate fingerprint 5ecae28804b0163111493cbf1db9f7939b2453e5.
Database Entry
| SHA1 Fingerprint: | 5ecae28804b0163111493cbf1db9f7939b2453e5 |
|---|---|
| Certificate Common Name (CN): | newworld-helloworld.icu |
| Issuer Distinguished Name (DN): | E7 |
| TLS Version: | TLS 1.2 |
| First seen: | 2026-04-10 21:29:11 UTC |
| Last seen: | 2026-04-12 04:30:39 UTC |
| Status: | Blacklisted |
| Listing reason: | SantaStealer C&C |
| Listing date: | 2026-04-12 06:57:19 |
| Malware samples: | 13 |
| Botnet C&Cs: | 2 |
Malware Samples
The table below documents all malware samples associated with this SSL certificate.
| Timestamp (UTC) | Malware Sample (MD5 hash) | VT | Signature | Botnet C&C (IP:port) |
|---|---|---|---|---|
| 2026-04-12 04:30:39 | 159a7f68574239003a74fb55b4dab9de | n/a | 104.21.21.83:443 | |
| 2026-04-12 03:35:28 | 133d9c4d31cb7ed09a10f1a1c6145ca8 | n/a | 172.67.197.15:443 | |
| 2026-04-12 01:14:33 | 0bd5cc4a3555f65f9c9c2395d3e20ac6 | n/a | 172.67.197.15:443 | |
| 2026-04-12 01:12:41 | 0bb7bd2c94326baa0c8c9776342fcfae | n/a | 104.21.21.83:443 | |
| 2026-04-11 18:58:06 | 37142e4f9e641e80a5a1c9310e49cc53 | n/a | 104.21.21.83:443 | |
| 2026-04-11 15:24:28 | 22872c10f44c26381ea2fe76eeea9b66 | n/a | 172.67.197.15:443 | |
| 2026-04-11 12:26:01 | 4811f4bd716834d30192944b14f59ec6 | n/a | 172.67.197.15:443 | |
| 2026-04-11 03:17:40 | 29c920fc1ada2737d0876db164d8c912 | n/a | 104.21.21.83:443 | |
| 2026-04-11 02:56:59 | 07918cc4c32b3b6f11f43058d11ec49e | n/a | 104.21.21.83:443 | |
| 2026-04-10 23:54:27 | 12d20cdc61a093a401d100a134c2b91d | n/a | 104.21.21.83:443 | |
| 2026-04-10 23:09:05 | fac34acf470e3d18daea6c36e0b5cfc9 | n/a | 172.67.197.15:443 | |
| 2026-04-10 23:07:31 | 06cfbef7b396a4609f6cfae53f5a44e2 | n/a | 172.67.197.15:443 | |
| 2026-04-10 21:29:11 | 3b03453d2665fb756311f56a91b5d655 | n/a | 172.67.197.15:443 |
# of entries: 13 (max: 100)