SSL Certificates
The following table shows further information as well as a list of malware samples including the corresponding botnet C&C associated with the SSL certificate fingerprint 634bda131a93328ae698b628e756cca6f56961d7.
Database Entry
| SHA1 Fingerprint: | 634bda131a93328ae698b628e756cca6f56961d7 |
|---|---|
| Certificate Common Name (CN): | prsgcocoajyy.com |
| Issuer Distinguished Name (DN): | prsgcocoajyy.com |
| TLS Version: | TLS 1.2 |
| First seen: | 2016-04-14 05:55:16 UTC |
| Last seen: | 2016-04-18 05:20:16 UTC |
| Status: | Blacklisted |
| Listing reason: | Quakbot C&C |
| Listing date: | 2016-04-16 10:36:43 |
| Malware samples: | 4 |
| Botnet C&Cs: | 3 |
Malware Samples
The table below documents all malware samples associated with this SSL certificate.
| Timestamp (UTC) | Malware Sample (MD5 hash) | VT | Signature | Botnet C&C (IP:port) |
|---|---|---|---|---|
| 2016-04-18 05:20:16 | 2502e34a99b18b13dafc95953deb89cd | n/a | Quakbot | 104.223.125.163:443 |
| 2016-04-18 05:20:16 | 2502e34a99b18b13dafc95953deb89cd | n/a | Quakbot | 104.223.125.163:443 |
| 2016-04-16 14:04:49 | 3ed0806940ddbfc9b7ed6780df819ac8 | n/a | Quakbot | 162.217.248.241:443 |
| 2016-04-16 14:04:49 | 3ed0806940ddbfc9b7ed6780df819ac8 | n/a | Quakbot | 162.217.248.241:443 |
| 2016-04-14 06:43:30 | 5352ccbe122fabd2c13239b48f96965d | n/a | Quakbot | 168.235.89.81:443 |
| 2016-04-14 06:43:30 | 5352ccbe122fabd2c13239b48f96965d | n/a | Quakbot | 168.235.89.81:443 |
| 2016-04-14 05:55:16 | f7cf0f3c81207d28e0f02fbdc2f54152 | n/a | Quakbot | 168.235.89.81:443 |
| 2016-04-14 05:55:16 | f7cf0f3c81207d28e0f02fbdc2f54152 | n/a | Quakbot | 168.235.89.81:443 |
# of entries: 8 (max: 100)