SSL Certificates

The following table shows further information as well as a list of malware samples including the corresponding botnet C&C associated with the SSL certificate fingerprint 929f7e2f736a21a802b518e60ed1763cd6e1d4c3.

Database Entry

SHA1 Fingerprint:	929f7e2f736a21a802b518e60ed1763cd6e1d4c3
Certificate Common Name (CN):	menosita.top
Issuer Distinguished Name (DN):	Let's Encrypt Authority X3
TLS Version:	TLS 1.2
First seen:	2020-06-20 12:12:13 UTC
Last seen:	2020-07-07 08:04:12 UTC
Status:	Blacklisted
Listing reason:	BuerLoader C&C
Listing date:	2020-06-20 13:01:01
Malware samples:	6
Botnet C&Cs:	4

Malware Samples

The table below documents all malware samples associated with this SSL certificate.

Timestamp (UTC)	Malware Sample (MD5 hash)	VT	Signature	Botnet C&C (IP:port)
2020-07-07 08:04:12	df6e1e72261d4741c7ab841b098ab497	25 / 72 (34.72%)	BuerLoader	84.38.181.209:443
2020-07-07 08:04:12	df6e1e72261d4741c7ab841b098ab497	25 / 72 (34.72%)	BuerLoader	84.38.181.209:443
2020-06-30 19:23:23	234a0ee0cdaa29becee56d587aa7045a	43 / 72 (59.72%)	Gozi	84.38.180.246:443
2020-06-30 19:23:23	234a0ee0cdaa29becee56d587aa7045a	43 / 72 (59.72%)	Gozi	84.38.180.246:443
2020-06-30 05:37:10	f500854e3cf9556688203a3d869b7d6d	n/a	Gozi	84.38.180.246:443
2020-06-30 05:37:10	f500854e3cf9556688203a3d869b7d6d	n/a	Gozi	84.38.180.246:443
2020-06-25 17:40:01	0e61476cad9bd740f9c8ee109e7ab06e	39 / 73 (53.42%)	Gozi	80.249.144.38:443
2020-06-25 17:40:01	0e61476cad9bd740f9c8ee109e7ab06e	39 / 73 (53.42%)	Gozi	80.249.144.38:443
2020-06-20 17:08:31	a99913243923dee0dff5dbfa2c7f2e9f	18 / 74 (24.32%)	BuerLoader	188.68.221.93:443
2020-06-20 17:08:31	a99913243923dee0dff5dbfa2c7f2e9f	18 / 74 (24.32%)	BuerLoader	188.68.221.93:443
2020-06-20 12:12:13	a52d7f6d9c7e44219981fb88ede52a8c	31 / 74 (41.89%)	BuerLoader	188.68.221.93:443
2020-06-20 12:12:13	a52d7f6d9c7e44219981fb88ede52a8c	31 / 74 (41.89%)	BuerLoader	188.68.221.93:443

# of entries: 12 (max: 100)