SSL Certificates
The following table shows further information as well as a list of malware samples including the corresponding botnet C&C associated with the SSL certificate fingerprint 928d7fe9413b876c33efc24006e4c3071179f5e9.
Database Entry
| SHA1 Fingerprint: | 928d7fe9413b876c33efc24006e4c3071179f5e9 |
|---|---|
| Certificate Common Name (CN): | freshtug.top |
| Issuer Distinguished Name (DN): | WE1 |
| TLS Version: | TLS 1.2 |
| First seen: | 2025-06-02 17:50:46 UTC |
| Last seen: | 2025-06-18 20:17:25 UTC |
| Status: | Blacklisted |
| Listing reason: | ACRStealer C&C |
| Listing date: | 2025-06-03 06:01:01 |
| Malware samples: | 6 |
| Botnet C&Cs: | 1 |
Malware Samples
The table below documents all malware samples associated with this SSL certificate.
| Timestamp (UTC) | Malware Sample (MD5 hash) | VT | Signature | Botnet C&C (IP:port) |
|---|---|---|---|---|
| 2025-06-18 20:17:25 | f060db3e1546e65436e69f5db6be2fc9 | n/a | 172.67.143.18:443 | |
| 2025-06-18 07:56:26 | e0fe826934af1359245c11f2643776b6 | n/a | 172.67.143.18:443 | |
| 2025-06-16 22:58:32 | 986a3bfc711a8c21fad027ecf5425976 | n/a | 172.67.143.18:443 | |
| 2025-06-06 14:05:10 | fb6ff4bfd5febd803a88b2fee6f9bb6b | n/a | 172.67.143.18:443 | |
| 2025-06-03 17:43:28 | fdde7a7acbe42b0ad3f3bbd31ac753d5 | n/a | 172.67.143.18:443 | |
| 2025-06-02 17:50:46 | 9e0440e6efd1e623f76e0eb796655692 | n/a | 172.67.143.18:443 | |
| 2025-06-02 17:50:46 | 9e0440e6efd1e623f76e0eb796655692 | n/a | 172.67.143.18:443 |
# of entries: 7 (max: 100)