SSL Certificates
The following table shows further information as well as a list of malware samples including the corresponding botnet C&C associated with the SSL certificate fingerprint 930be326b1335b0ce83f0b2d60391009c9d44684.
Database Entry
| SHA1 Fingerprint: | 930be326b1335b0ce83f0b2d60391009c9d44684 |
|---|---|
| Certificate Common Name (CN): | C=xx, L=Default City, O=Default Company Ltd |
| Issuer Distinguished Name (DN): | C=xx, L=Default City, O=Default Company Ltd |
| TLS Version: | TLS 1.2 |
| First seen: | 2016-11-24 17:29:38 UTC |
| Last seen: | 2016-11-25 15:45:33 UTC |
| Status: | Blacklisted |
| Listing reason: | Vawtrak C&C |
| Listing date: | 2016-11-26 09:58:47 |
| Malware samples: | 5 |
| Botnet C&Cs: | 1 |
Malware Samples
The table below documents all malware samples associated with this SSL certificate.
| Timestamp (UTC) | Malware Sample (MD5 hash) | VT | Signature | Botnet C&C (IP:port) |
|---|---|---|---|---|
| 2016-11-25 15:45:33 | 3ed67d0cefb79d67ddede5e6572447c2 |  33/57 (57.89%)
| Vawtrak | 185.25.50.12:443 |
| 2016-11-25 15:45:33 | 3ed67d0cefb79d67ddede5e6572447c2 | 33/57 (57.89%)
| Vawtrak | 185.25.50.12:443 |
| 2016-11-25 11:59:02 | 0092e5ccdb9c786c86bfff38968b9d8a | 26/57 (45.61%)
| Vawtrak | 185.25.50.12:443 |
| 2016-11-25 11:59:02 | 0092e5ccdb9c786c86bfff38968b9d8a | 26/57 (45.61%)
| Vawtrak | 185.25.50.12:443 |
| 2016-11-24 22:30:58 | 4246c65973c36493c517dd67191626ea | 23/57 (40.35%)
| Vawtrak | 185.25.50.12:443 |
| 2016-11-24 22:30:58 | 4246c65973c36493c517dd67191626ea | 23/57 (40.35%)
| Vawtrak | 185.25.50.12:443 |
| 2016-11-24 19:51:28 | a0013a9dade98d25c57f2ec89e8a1d40 | 21/57 (36.84%)
| Vawtrak | 185.25.50.12:443 |
| 2016-11-24 19:51:28 | a0013a9dade98d25c57f2ec89e8a1d40 | 21/57 (36.84%)
| Vawtrak | 185.25.50.12:443 |
| 2016-11-24 17:29:38 | 88fc2b588007e71c9c9db91f6e9609f8 | n/a | Vawtrak | 185.25.50.12:443 |
| 2016-11-24 17:29:38 | 88fc2b588007e71c9c9db91f6e9609f8 | n/a | Vawtrak | 185.25.50.12:443 |
# of entries: 10 (max: 100)