SSL Certificates

The following table shows further information as well as a list of malware samples including the corresponding botnet C&C associated with the SSL certificate fingerprint 84fa28bc4a69561a09fd1c419c5bea687a7da58a.

Database Entry


SHA1 Fingerprint:84fa28bc4a69561a09fd1c419c5bea687a7da58a
Certificate Common Name (CN):dev.dev
Issuer Distinguished Name (DN):dev.dev
TLS Version:TLS 1.2' NOTBEF
First seen:2020-04-25 00:36:12 UTC
Last seen:2020-05-05 20:24:51 UTC
Status:Blacklisted
Listing reason:BazaLoader C&C
Listing date:2020-05-01 15:07:34
Malware samples:6
Botnet C&Cs:1

Malware Samples


The table below documents all malware samples associated with this SSL certificate.

Timestamp (UTC)Malware Sample (MD5 hash)VTSignatureBotnet C&C (IP:port)
2020-05-05 20:24:51c35cef0d8f236d510676004d41a7283fVirustotal results 23 / 72 (31.94%) BazaLoader34.222.222.126:443
2020-05-03 15:59:23b3b2333fa8195ad7003b6b3624ec7271Virustotal results 41 / 72 (56.94%) BazaLoader34.222.222.126:443
2020-05-02 04:37:56a5d0f9c549834d475a5faf9bc12974d7Virustotal results 30 / 70 (42.86%) BazaLoader34.222.222.126:443
2020-05-01 07:54:569066f4c98967e27a1d32f01c47884785Virustotal results 40 / 71 (56.34%) BazaLoader34.222.222.126:443
2020-04-25 01:30:43fdf79b8921487469919bb95b940899e6Virustotal results 6 / 72 (8.33%) BazaLoader34.222.222.126:443
2020-04-25 00:36:12267b23b206cde7086607e2c4471a97c4Virustotal results 27 / 72 (37.50%) BazaLoader34.222.222.126:443

# of entries: 6 (max: 100)