SSL Certificates

The following table shows further information as well as a list of malware samples including the corresponding botnet C&C associated with the SSL certificate fingerprint 816c8eedc2632de8a88b777e28f91a4f3f7e8936.

Database Entry


SHA1 Fingerprint: 816c8eedc2632de8a88b777e28f91a4f3f7e8936
Certificate Common Name (CN): default.com/emailAddress=admin@defalult.com
Issuer Distinguished Name (DN): default.com/emailAddress=admin@defalult.com
TLS Version: TLS 1.2
First seen: 2018-05-25 11:41:52 UTC
Last seen: 2018-10-09 23:55:47 UTC
Status: Blacklisted
Listing reason: IcedId C&C
Listing date: 2018-08-08 11:52:51
Malware samples: 79
Botnet C&Cs: 6

Malware Samples


The table below documents all malware samples associated with this SSL certificate.


# of entries: 79 (max: 100)