SSL Certificates
The following table shows further information as well as a list of malware samples including the corresponding botnet C&C associated with the SSL certificate fingerprint 8837c6822f45d9b99ceb582f5d98c82789477ea4.
Database Entry
| SHA1 Fingerprint: | 8837c6822f45d9b99ceb582f5d98c82789477ea4 |
|---|---|
| Certificate Common Name (CN): | jmfbrtbsmth.com |
| Issuer Distinguished Name (DN): | jmfbrtbsmth.com |
| TLS Version: | TLS 1.2 |
| First seen: | 2016-07-30 12:22:16 UTC |
| Last seen: | 2016-11-24 18:24:36 UTC |
| Status: | Blacklisted |
| Listing reason: | Vawtrak C&C |
| Listing date: | 2016-08-10 10:06:05 |
| Malware samples: | 42 |
| Botnet C&Cs: | 24 |
Malware Samples
The table below documents all malware samples associated with this SSL certificate.
| Timestamp (UTC) | Malware Sample (MD5 hash) | VT | Signature | Botnet C&C (IP:port) |
|---|---|---|---|---|
| 2016-11-24 18:24:36 | aad03ef24251afbac16c249b721928cb |  34/57 (59.65%)
| Vawtrak | 185.17.120.166:443 |
| 2016-11-24 18:24:36 | aad03ef24251afbac16c249b721928cb | 34/57 (59.65%)
| Vawtrak | 185.17.120.166:443 |
| 2016-11-24 12:43:34 | 8be5879d77b377161796d4de5d4b36eb | 29/56 (51.79%)
| Vawtrak | 83.220.168.42:443 |
| 2016-11-24 12:43:34 | 8be5879d77b377161796d4de5d4b36eb | 29/56 (51.79%)
| Vawtrak | 83.220.168.42:443 |
| 2016-11-23 23:26:34 | 18d8606807af8bc7d06da32477c60c0b | 24/56 (42.86%)
| Downloader.Pony | 83.220.168.42:443 |
| 2016-11-23 23:26:34 | 18d8606807af8bc7d06da32477c60c0b | 24/56 (42.86%)
| Downloader.Pony | 83.220.168.42:443 |
| 2016-11-22 23:55:10 | 4aad8364188d63aa28f2ee01066533f4 | n/a | Vawtrak | 77.246.158.191:443 |
| 2016-11-22 23:55:10 | 4aad8364188d63aa28f2ee01066533f4 | n/a | Vawtrak | 77.246.158.191:443 |
| 2016-11-22 22:40:28 | ca4b9639fe06fdf32ea1295d895bac77 | 39/57 (68.42%)
| Vawtrak | 77.246.158.191:443 |
| 2016-11-22 22:40:28 | ca4b9639fe06fdf32ea1295d895bac77 | 39/57 (68.42%)
| Vawtrak | 77.246.158.191:443 |
| 2016-11-18 06:41:55 | e624986f1c3218b7527b723412c0815c | 9/57 (15.79%)
| Vawtrak | 82.146.32.87:443 |
| 2016-11-18 06:41:55 | e624986f1c3218b7527b723412c0815c | 9/57 (15.79%)
| Vawtrak | 82.146.32.87:443 |
| 2016-11-17 17:11:57 | 49e644ec33e7cc9d2899c90cb8ba0d75 | 35/57 (61.40%)
| Vawtrak | 94.23.169.75:443 |
| 2016-11-17 17:11:57 | 49e644ec33e7cc9d2899c90cb8ba0d75 | 35/57 (61.40%)
| Vawtrak | 94.23.169.75:443 |
| 2016-11-16 19:23:20 | ddef86a97d892abbdc0f61407ec769fe | 21/56 (37.50%)
| Hancitor | 82.146.32.87:443 |
| 2016-11-16 19:23:20 | ddef86a97d892abbdc0f61407ec769fe | 21/56 (37.50%)
| Hancitor | 82.146.32.87:443 |
| 2016-11-16 16:22:46 | 63a3e4753c1bee0f3aa8fb6c1c83f730 | 6/57 (10.53%)
| Vawtrak | 94.23.169.75:443 |
| 2016-11-16 16:22:46 | 63a3e4753c1bee0f3aa8fb6c1c83f730 | 6/57 (10.53%)
| Vawtrak | 94.23.169.75:443 |
| 2016-11-02 17:16:00 | be824d05aac9b1f627a7dceeb41ad2b8 | 6/56 (10.71%)
| Vawtrak | 93.189.43.99:443 |
| 2016-11-02 17:16:00 | be824d05aac9b1f627a7dceeb41ad2b8 | 6/56 (10.71%)
| Vawtrak | 93.189.43.99:443 |
| 2016-11-01 16:38:54 | 9a6e0e1431f9bd45c83e27224a994803 | 7/55 (12.73%)
| Vawtrak | 93.189.43.99:443 |
| 2016-11-01 16:38:54 | 9a6e0e1431f9bd45c83e27224a994803 | 7/55 (12.73%)
| Vawtrak | 93.189.43.99:443 |
| 2016-10-31 16:22:39 | b0b4a88285523f4d3f3654584b0022e1 | 11/56 (19.64%)
| Vawtrak | 146.185.254.45:443 |
| 2016-10-31 16:22:39 | b0b4a88285523f4d3f3654584b0022e1 | 11/56 (19.64%)
| Vawtrak | 146.185.254.45:443 |
| 2016-10-27 20:48:50 | 5616aabff05e209108b5dac66a398b5a | 36/55 (65.45%)
| Vawtrak | 185.75.46.13:443 |
| 2016-10-27 20:48:50 | 5616aabff05e209108b5dac66a398b5a | 36/55 (65.45%)
| Vawtrak | 185.75.46.13:443 |
| 2016-10-27 17:38:04 | 7b198c0b47912690316c666b8c447e59 | 13/57 (22.81%)
| Vawtrak | 185.75.46.13:443 |
| 2016-10-27 17:38:04 | 7b198c0b47912690316c666b8c447e59 | 13/57 (22.81%)
| Vawtrak | 185.75.46.13:443 |
| 2016-10-24 02:52:02 | b8c4afadd3fc1b99a155d31a24591694 | 42/57 (73.68%)
| Vawtrak | 88.214.236.47:443 |
| 2016-10-24 02:52:02 | b8c4afadd3fc1b99a155d31a24591694 | 42/57 (73.68%)
| Vawtrak | 88.214.236.47:443 |
| 2016-10-21 05:16:35 | 211e9145dd724e538362face5740e6e2 | 38/57 (66.67%)
| Vawtrak | 88.214.236.47:443 |
| 2016-10-21 05:16:35 | 211e9145dd724e538362face5740e6e2 | 38/57 (66.67%)
| Vawtrak | 88.214.236.47:443 |
| 2016-10-14 13:11:57 | 1923f3299229e40d245b0a91e032c700 | 23/56 (41.07%)
| Vawtrak | 78.155.217.154:443 |
| 2016-10-14 13:11:57 | 1923f3299229e40d245b0a91e032c700 | 23/56 (41.07%)
| Vawtrak | 78.155.217.154:443 |
| 2016-10-14 12:57:08 | 04dff6c8aea520d68797902f20892c0d | 41/55 (74.55%)
| H1N1 | 78.155.217.154:443 |
| 2016-10-14 12:57:08 | 04dff6c8aea520d68797902f20892c0d | 41/55 (74.55%)
| H1N1 | 78.155.217.154:443 |
| 2016-10-14 12:18:47 | 96baf916355fb7a10d76721d9819e300 | 17/56 (30.36%)
| Vawtrak | 78.155.217.154:443 |
| 2016-10-14 12:18:47 | 96baf916355fb7a10d76721d9819e300 | 17/56 (30.36%)
| Vawtrak | 78.155.217.154:443 |
| 2016-10-13 15:35:31 | e4dbe5d7a3dea14818431397a4967d0d | 25/55 (45.45%)
| Vawtrak | 78.155.217.154:443 |
| 2016-10-13 15:35:31 | e4dbe5d7a3dea14818431397a4967d0d | 25/55 (45.45%)
| Vawtrak | 78.155.217.154:443 |
| 2016-10-13 06:42:05 | ef26e4c1eb933fac780dd6e337ee6f4c | n/a | Hancitor | 78.155.217.154:443 |
| 2016-10-13 06:42:05 | ef26e4c1eb933fac780dd6e337ee6f4c | n/a | Hancitor | 78.155.217.154:443 |
| 2016-10-12 18:26:05 | b37da106cbe73a4450dc28786f7da27f | 40/57 (70.18%)
| Hancitor | 78.155.217.154:443 |
| 2016-10-12 18:26:05 | b37da106cbe73a4450dc28786f7da27f | 40/57 (70.18%)
| Hancitor | 78.155.217.154:443 |
| 2016-10-05 21:21:21 | 1627a0b37c3d8f17fb37746dafb74017 | 34/55 (61.82%)
| Vawtrak | 95.213.139.101:443 |
| 2016-10-05 21:21:21 | 1627a0b37c3d8f17fb37746dafb74017 | 34/55 (61.82%)
| Vawtrak | 95.213.139.101:443 |
| 2016-10-05 06:33:31 | 4bf28eb356ec918db9c3ec3e5d8fbf44 | 21/56 (37.50%)
| Vawtrak | 95.213.139.101:443 |
| 2016-10-05 06:33:31 | 4bf28eb356ec918db9c3ec3e5d8fbf44 | 21/56 (37.50%)
| Vawtrak | 95.213.139.101:443 |
| 2016-10-03 17:02:37 | 219b8c6cbb6f133485e2ddabc8ccfad5 | 29/56 (51.79%)
| Vawtrak | 91.200.14.81:443 |
| 2016-10-03 17:02:37 | 219b8c6cbb6f133485e2ddabc8ccfad5 | 29/56 (51.79%)
| Vawtrak | 91.200.14.81:443 |
| 2016-10-01 10:10:10 | ca3ca965da5f10c75a04803dc6abe54c | 34/57 (59.65%)
| ZeuS | 91.200.14.81:443 |
| 2016-10-01 10:10:10 | ca3ca965da5f10c75a04803dc6abe54c | 34/57 (59.65%)
| ZeuS | 91.200.14.81:443 |
| 2016-09-27 18:03:59 | cebd26c28f001e8931fa494723d7844a | 35/57 (61.40%)
| Hancitor | 85.17.82.104:443 |
| 2016-09-27 18:03:59 | cebd26c28f001e8931fa494723d7844a | 35/57 (61.40%)
| Hancitor | 85.17.82.104:443 |
| 2016-09-23 09:07:33 | 1ee5fa596da0f6e5233ae6d779e343f2 | 34/58 (58.62%)
| Vawtrak | 185.82.216.58:443 |
| 2016-09-23 09:07:33 | 1ee5fa596da0f6e5233ae6d779e343f2 | 34/58 (58.62%)
| Vawtrak | 185.82.216.58:443 |
| 2016-09-21 22:17:39 | 1ef8651c15af70c282881241dc1d7082 | 35/57 (61.40%)
| ZeuS | 93.171.202.162:443 |
| 2016-09-21 22:17:39 | 1ef8651c15af70c282881241dc1d7082 | 35/57 (61.40%)
| ZeuS | 93.171.202.162:443 |
| 2016-09-18 11:12:12 | e0ed9be259786067687860c80a1f05f9 | 33/57 (57.89%)
| Vawtrak | 93.171.202.162:443 |
| 2016-09-18 11:12:12 | e0ed9be259786067687860c80a1f05f9 | 33/57 (57.89%)
| Vawtrak | 93.171.202.162:443 |
| 2016-09-16 11:42:10 | 89c9a54a97fa9c0760338963daf3cc56 | 38/57 (66.67%)
| Vawtrak | 95.47.161.41:443 |
| 2016-09-16 11:42:10 | 89c9a54a97fa9c0760338963daf3cc56 | 38/57 (66.67%)
| Vawtrak | 95.47.161.41:443 |
| 2016-08-29 21:46:34 | 9be737d78d1c235627d105cd27af60e4 | 30/56 (53.57%)
| ZeuS | 188.166.10.125:443 |
| 2016-08-29 21:46:34 | 9be737d78d1c235627d105cd27af60e4 | 30/56 (53.57%)
| ZeuS | 188.166.10.125:443 |
| 2016-08-25 11:51:58 | feb0791b2a7964782798ebdc2ed6ec5d | 34/56 (60.71%)
| ZeuS | 188.166.10.125:443 |
| 2016-08-25 11:51:58 | feb0791b2a7964782798ebdc2ed6ec5d | 34/56 (60.71%)
| ZeuS | 188.166.10.125:443 |
| 2016-08-18 22:34:52 | 257be373d6a211705a26b00c3c5b9a49 | 14/56 (25.00%)
| ZeuS | 91.215.154.221:443 |
| 2016-08-18 22:34:52 | 257be373d6a211705a26b00c3c5b9a49 | 14/56 (25.00%)
| ZeuS | 91.215.154.221:443 |
| 2016-08-18 15:11:38 | f751e779d165593cef521ffc8d41e66e | 2/53 (3.77%)
| ZeuS | 194.67.209.108:443 |
| 2016-08-18 15:11:38 | f751e779d165593cef521ffc8d41e66e | 2/53 (3.77%)
| ZeuS | 194.67.209.108:443 |
| 2016-08-18 08:57:11 | 9597fc80f793bbeceed69be9b1344fdb | 28/56 (50.00%)
| ZeuS | 194.67.209.108:443 |
| 2016-08-18 08:57:11 | 9597fc80f793bbeceed69be9b1344fdb | 28/56 (50.00%)
| ZeuS | 194.67.209.108:443 |
| 2016-08-15 07:17:42 | 8c49bc076fe9ae5019f13fe899ef4661 | 26/55 (47.27%)
| ZeuS | 185.14.28.107:443 |
| 2016-08-15 07:17:42 | 8c49bc076fe9ae5019f13fe899ef4661 | 26/55 (47.27%)
| ZeuS | 185.14.28.107:443 |
| 2016-08-11 19:53:24 | 968cdc517daf9e2f31eaad3fce154145 | 30/57 (52.63%)
| ZeuS | 91.203.5.144:443 |
| 2016-08-11 19:53:24 | 968cdc517daf9e2f31eaad3fce154145 | 30/57 (52.63%)
| ZeuS | 91.203.5.144:443 |
| 2016-08-11 05:12:24 | a7c3ae050fce663499f78bcfeea59399 | 3/54 (5.56%)
| Vawtrak | 137.74.175.83:443 |
| 2016-08-11 05:12:24 | a7c3ae050fce663499f78bcfeea59399 | 3/54 (5.56%)
| Vawtrak | 137.74.175.83:443 |
| 2016-08-07 20:39:15 | 948abf9ce0cb527a56b54c8937f93d1b | 26/55 (47.27%)
| ZeuS | 93.189.43.27:443 |
| 2016-08-07 20:39:15 | 948abf9ce0cb527a56b54c8937f93d1b | 26/55 (47.27%)
| ZeuS | 93.189.43.27:443 |
| 2016-07-31 16:15:52 | bff55fccd09c6d74f3a653d2b168878f | 8/55 (14.55%)
| Vawtrak | 194.1.238.45:443 |
| 2016-07-31 16:15:52 | bff55fccd09c6d74f3a653d2b168878f | 8/55 (14.55%)
| Vawtrak | 194.1.238.45:443 |
| 2016-07-30 12:22:16 | 1a922cb1867d461409c6e2e49313c4b1 | 22/54 (40.74%)
| ZeuS | 194.1.238.45:443 |
| 2016-07-30 12:22:16 | 1a922cb1867d461409c6e2e49313c4b1 | 22/54 (40.74%)
| ZeuS | 194.1.238.45:443 |
# of entries: 84 (max: 100)