SSL Certificates

The following table shows further information as well as a list of malware samples including the corresponding botnet C&C associated with the SSL certificate fingerprint 816c8eedc2632de8a88b777e28f91a4f3f7e8936.

Database Entry

SHA1 Fingerprint:	816c8eedc2632de8a88b777e28f91a4f3f7e8936
Certificate Common Name (CN):	default.com/emailAddress=admin@defalult.com
Issuer Distinguished Name (DN):	default.com/emailAddress=admin@defalult.com
TLS Version:	TLS 1.2
First seen:	2018-05-25 11:41:52 UTC
Last seen:	2018-10-09 23:55:47 UTC
Status:	Blacklisted
Listing reason:	IcedId C&C
Listing date:	2018-08-08 11:52:51
Malware samples:	79
Botnet C&Cs:	6

Malware Samples

The table below documents all malware samples associated with this SSL certificate.

Timestamp (UTC)	Malware Sample (MD5 hash)	VT	Signature	Botnet C&C (IP:port)
2018-10-09 23:55:47	617854894a2b93058a91803817a57118	39/69 (56.52%)	AZORult	92.38.130.63:443
2018-10-09 23:55:47	617854894a2b93058a91803817a57118	39/69 (56.52%)	AZORult	92.38.130.63:443
2018-10-09 22:10:56	e1a8062f748b218e1bf69b381980804c	33/69 (47.83%)	IcedID	92.38.130.63:443
2018-10-09 22:10:56	e1a8062f748b218e1bf69b381980804c	33/69 (47.83%)	IcedID	92.38.130.63:443
2018-10-09 13:23:52	09e6afdbcc719f1080fd0a0f1053decf	31/68 (45.59%)	IcedId	185.17.123.248:443
2018-10-09 13:23:52	09e6afdbcc719f1080fd0a0f1053decf	31/68 (45.59%)	IcedId	185.17.123.248:443
2018-10-09 13:04:02	99987515ba7a00fe6fe7ce88bb45c832	35/69 (50.72%)	IcedID	185.189.132.134:443
2018-10-09 13:04:02	99987515ba7a00fe6fe7ce88bb45c832	35/69 (50.72%)	IcedID	185.189.132.134:443
2018-10-09 08:52:50	a35b6f6897c9fc2e1916a27fbd37118d	28/66 (42.42%)	IcedId	185.17.123.248:443
2018-10-09 08:52:50	a35b6f6897c9fc2e1916a27fbd37118d	28/66 (42.42%)	IcedId	185.17.123.248:443
2018-10-09 07:25:23	04dd5fb3ee935efae71f38b6cc2c63f1	36/69 (52.17%)	IcedId	185.189.132.134:443
2018-10-09 07:25:23	04dd5fb3ee935efae71f38b6cc2c63f1	36/69 (52.17%)	IcedId	185.189.132.134:443
2018-10-08 14:18:18	0ad7cf8ace753582600e22acffc93f1d	20/69 (28.99%)	IcedId	185.189.132.134:443
2018-10-08 14:18:18	0ad7cf8ace753582600e22acffc93f1d	20/69 (28.99%)	IcedId	185.189.132.134:443
2018-10-08 09:26:41	fc230389e65098db63057e551da3e8fb	23/69 (33.33%)	IcedId	185.189.132.134:443
2018-10-08 09:26:41	fc230389e65098db63057e551da3e8fb	23/69 (33.33%)	IcedId	185.189.132.134:443
2018-10-07 22:32:37	7eda32223611fb2020dd265593f9678a	22/69 (31.88%)	IcedId	185.189.132.134:443
2018-10-07 22:32:37	7eda32223611fb2020dd265593f9678a	22/69 (31.88%)	IcedId	185.189.132.134:443
2018-10-07 22:14:22	7f06772aa7e28aa90e81ea8a41dd1785	22/69 (31.88%)	IcedId	185.189.132.134:443
2018-10-07 22:14:22	7f06772aa7e28aa90e81ea8a41dd1785	22/69 (31.88%)	IcedId	185.189.132.134:443
2018-10-07 22:08:41	666e0ec7a2265395e1647da1ff329c56	24/68 (35.29%)	IcedID	185.189.132.134:443
2018-10-07 22:08:41	666e0ec7a2265395e1647da1ff329c56	24/68 (35.29%)	IcedID	185.189.132.134:443
2018-10-06 03:52:54	a3f58001978bab02daa0d38d4126bdc8	33/69 (47.83%)	IcedID	185.189.132.134:443
2018-10-06 03:52:54	a3f58001978bab02daa0d38d4126bdc8	33/69 (47.83%)	IcedID	185.189.132.134:443
2018-10-03 17:02:16	361f4c87eea92a98d6c77f77732b22b0	28/68 (41.18%)	IcedID	93.189.41.44:443
2018-10-03 17:02:16	361f4c87eea92a98d6c77f77732b22b0	28/68 (41.18%)	IcedID	93.189.41.44:443
2018-10-03 07:45:01	a6dd46dbff9fedba50b9fee3fcc0b668	17/69 (24.64%)	AZORult	93.189.41.44:443
2018-10-03 07:45:01	a6dd46dbff9fedba50b9fee3fcc0b668	17/69 (24.64%)	AZORult	93.189.41.44:443
2018-10-03 04:59:48	1f24bf7f202ea30f734218de0ea5ef25	30/69 (43.48%)	IcedID	93.189.41.44:443
2018-10-03 04:59:48	1f24bf7f202ea30f734218de0ea5ef25	30/69 (43.48%)	IcedID	93.189.41.44:443
2018-10-02 23:23:22	8fc351fed42d3d9bd673a23dc74e770c	29/67 (43.28%)	IcedID	93.189.41.44:443
2018-10-02 23:23:22	8fc351fed42d3d9bd673a23dc74e770c	29/67 (43.28%)	IcedID	93.189.41.44:443
2018-10-02 09:16:13	a939a8cbf8fd7388692148aa73df8fc0	30/69 (43.48%)	IcedID	93.189.41.44:443
2018-10-02 09:16:13	a939a8cbf8fd7388692148aa73df8fc0	30/69 (43.48%)	IcedID	93.189.41.44:443
2018-10-02 06:09:23	d2ca18a50a33b83ec10164cf981565af	32/69 (46.38%)	IcedID	93.189.41.44:443
2018-10-02 06:09:23	d2ca18a50a33b83ec10164cf981565af	32/69 (46.38%)	IcedID	93.189.41.44:443
2018-10-02 00:58:21	e92ff16e171d8552c7a7c7213c2738e8	32/69 (46.38%)		93.189.41.44:443
2018-10-02 00:58:21	e92ff16e171d8552c7a7c7213c2738e8	32/69 (46.38%)		93.189.41.44:443
2018-10-01 18:52:39	0d9f79976e6cd132b944d263ca63e6a8	37/68 (54.41%)		93.189.41.44:443
2018-10-01 18:52:39	0d9f79976e6cd132b944d263ca63e6a8	37/68 (54.41%)		93.189.41.44:443
2018-10-01 11:51:48	576f342c3f280af188ad9a304b80b99c	30/69 (43.48%)		93.189.41.44:443
2018-10-01 11:51:48	576f342c3f280af188ad9a304b80b99c	30/69 (43.48%)		93.189.41.44:443
2018-09-18 23:21:06	5a80c2eee31d9e36e6fe0aa9304e7a6b	30/68 (44.12%)		93.189.41.44:443
2018-09-18 23:21:06	5a80c2eee31d9e36e6fe0aa9304e7a6b	30/68 (44.12%)		93.189.41.44:443
2018-09-10 02:36:10	9cd59b7f2d3fa4b48bf6398f1016e4d0	10/68 (14.71%)	IcedID	93.189.41.44:443
2018-09-10 02:36:10	9cd59b7f2d3fa4b48bf6398f1016e4d0	10/68 (14.71%)	IcedID	93.189.41.44:443
2018-09-09 23:33:33	67c0aaa36717640b7fed99e32cd2da2f	24/68 (35.29%)	IcedID	93.189.41.44:443
2018-09-09 23:33:33	67c0aaa36717640b7fed99e32cd2da2f	24/68 (35.29%)	IcedID	93.189.41.44:443
2018-09-07 18:46:40	0e690deb38e1d94e9a32090b90523766	n/a	IcedID	93.189.41.44:443
2018-09-07 18:46:40	0e690deb38e1d94e9a32090b90523766	n/a	IcedID	93.189.41.44:443
2018-09-07 18:13:54	5ebc70f649d3a1134b99c8822557b6c7	n/a	IcedID	93.189.41.44:443
2018-09-07 18:13:54	5ebc70f649d3a1134b99c8822557b6c7	n/a	IcedID	93.189.41.44:443
2018-09-06 11:40:59	78930770cb81ad779958da3523fcb829	29/66 (43.94%)	IcedID	93.189.41.44:443
2018-09-06 11:40:59	78930770cb81ad779958da3523fcb829	29/66 (43.94%)	IcedID	93.189.41.44:443
2018-09-05 13:09:11	0e5809d541c3f32029e2cb621c0a7dec	11/67 (16.42%)	IcedID	93.189.41.44:443
2018-09-05 13:09:11	0e5809d541c3f32029e2cb621c0a7dec	11/67 (16.42%)	IcedID	93.189.41.44:443
2018-09-05 05:37:56	13635d2a17e99982e3ade69d1c516d1e	14/67 (20.90%)	IcedID	93.189.41.44:443
2018-09-05 05:37:56	13635d2a17e99982e3ade69d1c516d1e	14/67 (20.90%)	IcedID	93.189.41.44:443
2018-09-04 04:23:37	fb6cee488b9eb025d49b619820218c81	21/68 (30.88%)	IcedID	93.189.41.44:443
2018-09-04 04:23:37	fb6cee488b9eb025d49b619820218c81	21/68 (30.88%)	IcedID	93.189.41.44:443
2018-09-02 06:22:48	2a2952ef9b7d1965d1391bc4dd588b29	38/68 (55.88%)	IcedID	93.189.41.44:443
2018-09-02 06:22:48	2a2952ef9b7d1965d1391bc4dd588b29	38/68 (55.88%)	IcedID	93.189.41.44:443
2018-08-31 03:56:29	8b01a2f06aa23ac8f5aeb9d75c5e191f	14/68 (20.59%)	IcedID	93.189.41.44:443
2018-08-31 03:56:29	8b01a2f06aa23ac8f5aeb9d75c5e191f	14/68 (20.59%)	IcedID	93.189.41.44:443
2018-08-31 02:57:29	dab689e51a1142882e2b4928855b6a62	18/68 (26.47%)	IcedID	93.189.41.44:443
2018-08-31 02:57:29	dab689e51a1142882e2b4928855b6a62	18/68 (26.47%)	IcedID	93.189.41.44:443
2018-08-27 00:44:50	70a27e3a81e8cc64a85b59a254a7250c	18/68 (26.47%)	IcedID	93.189.41.44:443
2018-08-27 00:44:50	70a27e3a81e8cc64a85b59a254a7250c	18/68 (26.47%)	IcedID	93.189.41.44:443
2018-08-25 18:20:35	f1e73d5e99dfef4f6e8de53279ddbb2f	6/66 (9.09%)	IcedID	93.189.41.44:443
2018-08-25 18:20:35	f1e73d5e99dfef4f6e8de53279ddbb2f	6/66 (9.09%)	IcedID	93.189.41.44:443
2018-08-13 09:33:38	a34cc0ea6e5f0445e558325608eb0ad4	21/67 (31.34%)	IcedID	91.214.119.37:443
2018-08-13 09:33:38	a34cc0ea6e5f0445e558325608eb0ad4	21/67 (31.34%)	IcedID	91.214.119.37:443
2018-08-11 21:53:24	bdd58251a590e8718d9dfc5cd61f2ea5	19/67 (28.36%)	IcedID	91.214.119.37:443
2018-08-11 21:53:24	bdd58251a590e8718d9dfc5cd61f2ea5	19/67 (28.36%)	IcedID	91.214.119.37:443
2018-08-08 14:58:04	aaa8f02f48cc48f6882bb131b348da07	17/68 (25.00%)	IcedID	91.214.119.37:443
2018-08-08 14:58:04	aaa8f02f48cc48f6882bb131b348da07	17/68 (25.00%)	IcedID	91.214.119.37:443
2018-08-08 14:26:04	6562061bd6881682b940c35d381fac48	14/68 (20.59%)	IcedID	91.214.119.37:443
2018-08-08 14:26:04	6562061bd6881682b940c35d381fac48	14/68 (20.59%)	IcedID	91.214.119.37:443
2018-08-08 03:08:39	c05c8b95198792843971dc4b3e6b2e36	34/66 (51.52%)	IcedId	5.187.0.158:443
2018-08-08 03:08:39	c05c8b95198792843971dc4b3e6b2e36	34/66 (51.52%)	IcedId	5.187.0.158:443
2018-08-08 01:04:18	76e01e2146e845cacc1e5d8e9be6fc51	n/a	IcedID	91.214.119.37:443
2018-08-08 01:04:18	76e01e2146e845cacc1e5d8e9be6fc51	n/a	IcedID	91.214.119.37:443
2018-08-07 12:26:20	a1c719e88bf460a09b3a0a9475a3a2b4	21/68 (30.88%)	IcedID	91.214.119.37:443
2018-08-07 12:26:20	a1c719e88bf460a09b3a0a9475a3a2b4	21/68 (30.88%)	IcedID	91.214.119.37:443
2018-08-06 22:06:21	f7252e99cd8f4df15a5bbcae4a8b719c	15/68 (22.06%)	IcedID	91.214.119.37:443
2018-08-06 22:06:21	f7252e99cd8f4df15a5bbcae4a8b719c	15/68 (22.06%)	IcedID	91.214.119.37:443
2018-08-06 19:09:01	179fcdd6d8dd708c27f8b4840792704a	11/68 (16.18%)	IcedID	91.214.119.37:443
2018-08-06 19:09:01	179fcdd6d8dd708c27f8b4840792704a	11/68 (16.18%)	IcedID	91.214.119.37:443
2018-08-06 06:27:44	4c1616593413585c5f6587c8187b69ee	19/68 (27.94%)	IcedID	91.214.119.37:443
2018-08-06 06:27:44	4c1616593413585c5f6587c8187b69ee	19/68 (27.94%)	IcedID	91.214.119.37:443
2018-08-05 07:47:14	5d6a8cf33424d7b70de0138c5fdcbf18	22/67 (32.84%)	IcedID	91.214.119.37:443
2018-08-05 07:47:14	5d6a8cf33424d7b70de0138c5fdcbf18	22/67 (32.84%)	IcedID	91.214.119.37:443
2018-08-05 05:41:08	71db639b426e7f45fdee7a00ef12da03	4/68 (5.88%)	IcedID	91.214.119.37:443
2018-08-05 05:41:08	71db639b426e7f45fdee7a00ef12da03	4/68 (5.88%)	IcedID	91.214.119.37:443
2018-08-04 09:13:17	c3bbe581c7dc7c7979619a6e76fa7759	13/67 (19.40%)	IcedID	91.214.119.37:443
2018-08-04 09:13:17	c3bbe581c7dc7c7979619a6e76fa7759	13/67 (19.40%)	IcedID	91.214.119.37:443
2018-08-03 11:35:37	d3664491a4042346ffae0ad805ce91eb	42/68 (61.76%)	Qadars	5.187.0.158:443
2018-08-03 11:35:37	d3664491a4042346ffae0ad805ce91eb	42/68 (61.76%)	Qadars	5.187.0.158:443
2018-08-01 22:18:58	f85a1bd2f10d9bc10f5ab750820e028f	23/68 (33.82%)	IcedID	91.214.119.37:443
2018-08-01 22:18:58	f85a1bd2f10d9bc10f5ab750820e028f	23/68 (33.82%)	IcedID	91.214.119.37:443

# of entries: 100 (max: 100)