SSL Certificates
The following table shows further information as well as a list of malware samples including the corresponding botnet C&C associated with the SSL certificate fingerprint 9245ea9841703373a66877fc4b538a20ddf67c9e.
Database Entry
| SHA1 Fingerprint: | 9245ea9841703373a66877fc4b538a20ddf67c9e |
|---|---|
| Certificate Common Name (CN): | pre.cozygardenkids.com |
| Issuer Distinguished Name (DN): | E8 |
| TLS Version: | TLS 1.2 |
| First seen: | 2025-10-13 21:55:00 UTC |
| Last seen: | 2025-10-14 06:29:56 UTC |
| Status: | Blacklisted |
| Listing reason: | Vidar C&C |
| Listing date: | 2025-10-14 06:12:35 |
| Malware samples: | 9 |
| Botnet C&Cs: | 1 |
Malware Samples
The table below documents all malware samples associated with this SSL certificate.
| Timestamp (UTC) | Malware Sample (MD5 hash) | VT | Signature | Botnet C&C (IP:port) |
|---|---|---|---|---|
| 2025-10-14 06:29:56 | 9130db6289911ee868c6d55fe9329ce8 | n/a | 49.13.38.173:443 | |
| 2025-10-14 06:22:03 | 3b2b040b7c57c09370dee7a038193a9b | n/a | 49.13.38.173:443 | |
| 2025-10-14 06:15:30 | f3e0c7850c353c8c567ab9ced3d1a27c | n/a | 49.13.38.173:443 | |
| 2025-10-14 06:13:31 | 7a981e99583a013a2a12c1a63867fe1a | n/a | 49.13.38.173:443 | |
| 2025-10-14 04:28:09 | 2b94c55e33e7d9db6ccd01911027b6fb | n/a | 49.13.38.173:443 | |
| 2025-10-14 03:44:29 | bbc5250379107faf0fdc47af1e678241 | n/a | 49.13.38.173:443 | |
| 2025-10-14 02:00:20 | 9eed40c426db535e6d7733b33386a012 | n/a | 49.13.38.173:443 | |
| 2025-10-13 23:38:07 | f41e77be257c2faf33e4610e4ed64595 | n/a | 49.13.38.173:443 | |
| 2025-10-13 21:55:00 | f2f4d94940e05548226d37e63a730c4b | n/a | 49.13.38.173:443 |
# of entries: 9 (max: 100)