SSL Certificates

The following table shows further information as well as a list of malware samples including the corresponding botnet C&C associated with the SSL certificate fingerprint 8837c6822f45d9b99ceb582f5d98c82789477ea4.

Database Entry


SHA1 Fingerprint: 8837c6822f45d9b99ceb582f5d98c82789477ea4
Certificate Common Name (CN): jmfbrtbsmth.com
Issuer Distinguished Name (DN): jmfbrtbsmth.com
TLS Version: TLS 1.2
First seen: 2016-07-30 12:22:16 UTC
Last seen: 2016-11-24 18:24:36 UTC
Status: Blacklisted
Listing reason: Vawtrak C&C
Listing date: 2016-08-10 10:06:05
Malware samples: 42
Botnet C&Cs: 24

Malware Samples


The table below documents all malware samples associated with this SSL certificate.


# of entries: 42 (max: 100)