SSL Certificates
The following table shows further information as well as a list of malware samples including the corresponding botnet C&C associated with the SSL certificate fingerprint 6df3da6254fe884f56320ae28acaa7880748ea96.
Database Entry
| SHA1 Fingerprint: | 6df3da6254fe884f56320ae28acaa7880748ea96 |
|---|---|
| Certificate Common Name (CN): | walmgvyongcjrfpjjlwiweyiv.biz |
| Issuer Distinguished Name (DN): | walmgvyongcjrfpjjlwiweyiv.biz |
| TLS Version: | TLS 1.2 |
| First seen: | 2016-02-15 17:04:22 UTC |
| Last seen: | 2016-02-16 18:16:51 UTC |
| Status: | Blacklisted |
| Listing reason: | Quakbot C&C |
| Listing date: | 2016-02-17 10:22:37 |
| Malware samples: | 2 |
| Botnet C&Cs: | 2 |
Malware Samples
The table below documents all malware samples associated with this SSL certificate.
| Timestamp (UTC) | Malware Sample (MD5 hash) | VT | Signature | Botnet C&C (IP:port) |
|---|---|---|---|---|
| 2016-02-16 18:16:51 | cfea583b524bf440c78f8fb74f41d96c |  34/54 (62.96%)
| Quakbot | 185.12.12.154:443 |
| 2016-02-16 18:16:51 | cfea583b524bf440c78f8fb74f41d96c | 34/54 (62.96%)
| Quakbot | 185.12.12.154:443 |
| 2016-02-15 17:04:22 | 1a4005d5099967342a9bcfed1913f6cd | 24/54 (44.44%)
| Quakbot | 43.251.157.139:443 |
| 2016-02-15 17:04:22 | 1a4005d5099967342a9bcfed1913f6cd | 24/54 (44.44%)
| Quakbot | 43.251.157.139:443 |
# of entries: 4 (max: 100)