SSL Certificates

The following table shows further information as well as a list of malware samples including the corresponding botnet C&C associated with the SSL certificate fingerprint 708f3b3af3a2027115a7e73d6ef72d69a13e37fe.

Database Entry

SHA1 Fingerprint:	708f3b3af3a2027115a7e73d6ef72d69a13e37fe
Certificate Common Name (CN):	finderout.com
Issuer Distinguished Name (DN):	finderout.com
TLS Version:	TLS 1.2
First seen:	2021-02-15 14:03:49 UTC
Last seen:	2021-02-17 09:34:17 UTC
Status:	Blacklisted
Listing reason:	CobaltStrike C&C
Listing date:	2021-02-17 09:29:40
Malware samples:	6
Botnet C&Cs:	1

Malware Samples

The table below documents all malware samples associated with this SSL certificate.

Timestamp (UTC)	Malware Sample (MD5 hash)	VT	Signature	Botnet C&C (IP:port)
2021-02-17 09:34:17	34a6adbc15535b1378351a92711f2336	13 / 69 (18.84%)	CobaltStrike	194.26.29.191:443
2021-02-17 09:34:17	34a6adbc15535b1378351a92711f2336	13 / 69 (18.84%)	CobaltStrike	194.26.29.191:443
2021-02-17 09:33:04	1464daee7cfe0b8134b7b280d523d3b8	33 / 71 (46.48%)	CobaltStrike	194.26.29.191:443
2021-02-17 09:33:04	1464daee7cfe0b8134b7b280d523d3b8	33 / 71 (46.48%)	CobaltStrike	194.26.29.191:443
2021-02-17 09:30:15	486a71006c9c1fb20a85823f6a97e611	29 / 71 (40.85%)	CobaltStrike	194.26.29.191:443
2021-02-17 09:30:15	486a71006c9c1fb20a85823f6a97e611	29 / 71 (40.85%)	CobaltStrike	194.26.29.191:443
2021-02-17 09:25:43	d4a07fbb59973e4217f85f6066bc53e0	16 / 70 (22.86%)	CobaltStrike	194.26.29.191:443
2021-02-17 09:25:43	d4a07fbb59973e4217f85f6066bc53e0	16 / 70 (22.86%)	CobaltStrike	194.26.29.191:443
2021-02-17 09:22:23	d550d858363f6f0b949947e3dbd65aa9	19 / 71 (26.76%)	CobaltStrike	194.26.29.191:443
2021-02-17 09:22:23	d550d858363f6f0b949947e3dbd65aa9	19 / 71 (26.76%)	CobaltStrike	194.26.29.191:443
2021-02-15 14:03:49	1dc858e63cb36548a246d078ffdf99d3	1 / 69 (1.45%)	CobaltStrike	194.26.29.191:443
2021-02-15 14:03:49	1dc858e63cb36548a246d078ffdf99d3	1 / 69 (1.45%)	CobaltStrike	194.26.29.191:443

# of entries: 12 (max: 100)