SSL Certificates
The following table shows further information as well as a list of malware samples including the corresponding botnet C&C associated with the SSL certificate fingerprint 6bdb302e1dd3a6af6e22f319da1898b46eeb9c55.
Database Entry
| SHA1 Fingerprint: | 6bdb302e1dd3a6af6e22f319da1898b46eeb9c55 |
|---|---|
| Certificate Common Name (CN): | Henpkno, OU=Ugpscgvfmhiw, ST=fpuhyn, O=Pfjruuyf, C=VN, L=Mmc Dkrpndsuximjfo |
| Issuer Distinguished Name (DN): | Henpkno, OU=Ugpscgvfmhiw, ST=fpuhyn, O=Pfjruuyf, C=VN, L=Mmc Dkrpndsuximjfo |
| TLS Version: | TLS 1.2 |
| First seen: | 2022-12-23 05:37:39 UTC |
| Last seen: | 2022-12-23 17:33:40 UTC |
| Status: | Blacklisted |
| Listing reason: | DanaBot C&C |
| Listing date: | 2022-12-23 17:25:36 |
| Malware samples: | 8 |
| Botnet C&Cs: | 1 |
Malware Samples
The table below documents all malware samples associated with this SSL certificate.
| Timestamp (UTC) | Malware Sample (MD5 hash) | VT | Signature | Botnet C&C (IP:port) |
|---|---|---|---|---|
| 2022-12-23 17:33:40 | bbb6f61b39fa9f643be9df9cdd3125b7 | n/a | ServHelper | 23.254.225.181:443 |
| 2022-12-23 16:01:57 | 46ed908fd15d8ef90aac5aeab58c73b2 | n/a | ServHelper | 23.254.225.181:443 |
| 2022-12-23 15:52:20 | 968847a638f5e0eb9319c1f00bdb034f | n/a | Smoke Loader | 23.254.225.181:443 |
| 2022-12-23 14:37:33 | a76d6824c331c888ba17df92923a08e6 | n/a | ArkeiStealer | 23.254.225.181:443 |
| 2022-12-23 13:48:10 | 17235d729ed59813d4f0917c71e93927 |  34 / 70 (48.57%)
| 23.254.225.181:443 | |
| 2022-12-23 13:40:45 | ed997528c538bac2da0002603e8e1de5 | n/a | Smoke Loader | 23.254.225.181:443 |
| 2022-12-23 06:36:00 | 01a66f76a3a1408dfb5bdf1689e6b8b3 | n/a | DanaBot | 23.254.225.181:443 |
| 2022-12-23 05:37:39 | cab4c4e416eaceafe25c92d7c3a27a3a | n/a | DanaBot | 23.254.225.181:443 |
# of entries: 8 (max: 100)