SSL Certificates

The following table shows further information as well as a list of malware samples including the corresponding botnet C&C associated with the SSL certificate fingerprint 634bda131a93328ae698b628e756cca6f56961d7.

Database Entry


SHA1 Fingerprint:634bda131a93328ae698b628e756cca6f56961d7
Certificate Common Name (CN):prsgcocoajyy.com
Issuer Distinguished Name (DN):prsgcocoajyy.com
TLS Version:TLS 1.2
First seen:2016-04-14 05:55:16 UTC
Last seen:2016-04-18 05:20:16 UTC
Status:Blacklisted
Listing reason:Quakbot C&C
Listing date:2016-04-16 10:36:43
Malware samples:4
Botnet C&Cs:3

Malware Samples


The table below documents all malware samples associated with this SSL certificate.

Timestamp (UTC)Malware Sample (MD5 hash)VTSignatureBotnet C&C (IP:port)
2016-04-18 05:20:162502e34a99b18b13dafc95953deb89cdn/aQuakbot104.223.125.163:443
2016-04-18 05:20:162502e34a99b18b13dafc95953deb89cdn/aQuakbot104.223.125.163:443
2016-04-16 14:04:493ed0806940ddbfc9b7ed6780df819ac8n/aQuakbot162.217.248.241:443
2016-04-16 14:04:493ed0806940ddbfc9b7ed6780df819ac8n/aQuakbot162.217.248.241:443
2016-04-14 06:43:305352ccbe122fabd2c13239b48f96965dn/aQuakbot168.235.89.81:443
2016-04-14 06:43:305352ccbe122fabd2c13239b48f96965dn/aQuakbot168.235.89.81:443
2016-04-14 05:55:16f7cf0f3c81207d28e0f02fbdc2f54152n/aQuakbot168.235.89.81:443
2016-04-14 05:55:16f7cf0f3c81207d28e0f02fbdc2f54152n/aQuakbot168.235.89.81:443

# of entries: 8 (max: 100)