SSL Certificates
The following table shows further information as well as a list of malware samples including the corresponding botnet C&C associated with the SSL certificate fingerprint 90ac758820db52ef9ce198d359c538a44c26ab59.
Database Entry
| SHA1 Fingerprint: | 90ac758820db52ef9ce198d359c538a44c26ab59 |
|---|---|
| Certificate Common Name (CN): | DcRat |
| Issuer Distinguished Name (DN): | DcRat Server, OU=qwqdanchun, O=DcRat By qwqdanchun, L=SH, C=CN |
| TLS Version: | TLSv1 |
| First seen: | 2022-07-07 14:57:43 UTC |
| Last seen: | 2022-11-24 07:16:27 UTC |
| Status: | Blacklisted |
| Listing reason: | AsyncRAT C&C |
| Listing date: | 2022-11-26 10:12:45 |
| Malware samples: | 6 |
| Botnet C&Cs: | 1 |
Malware Samples
The table below documents all malware samples associated with this SSL certificate.
| Timestamp (UTC) | Malware Sample (MD5 hash) | VT | Signature | Botnet C&C (IP:port) |
|---|---|---|---|---|
| 2022-11-24 07:16:27 | bb4d6b0c6fedb67decb7e721d2e9304c |  50 / 72 (69.44%)
| AsyncRAT | 193.149.3.239:1938 |
| 2022-11-07 20:59:13 | 443ef8089165c941e52f62c0166af528 | 49 / 70 (70.00%)
| AsyncRAT | 193.149.3.239:1938 |
| 2022-08-30 23:04:14 | 50e04fbee51100aded80fef27cdd167d | 55 / 71 (77.46%)
| AsyncRAT | 193.149.3.239:1938 |
| 2022-08-06 19:09:59 | 011d86137efb5f3a00b9f0c5fbc94900 | 50 / 71 (70.42%)
| AsyncRAT | 193.149.3.239:1938 |
| 2022-07-25 11:16:08 | 2fc31fe50927c2855aa8dcd1f21b01ee | 48 / 70 (68.57%)
| XFilesStealer | 193.149.3.239:1938 |
| 2022-07-07 14:57:43 | e6a81346cb023c8edbf72ebfce32fe4c | 44 / 67 (65.67%)
| AsyncRAT | 193.149.3.239:1938 |
# of entries: 6 (max: 100)