SSL Certificates

The following table shows further information as well as a list of malware samples including the corresponding botnet C&C associated with the SSL certificate fingerprint 930be326b1335b0ce83f0b2d60391009c9d44684.

Database Entry


SHA1 Fingerprint:930be326b1335b0ce83f0b2d60391009c9d44684
Certificate Common Name (CN):C=xx, L=Default City, O=Default Company Ltd
Issuer Distinguished Name (DN):C=xx, L=Default City, O=Default Company Ltd
TLS Version:TLS 1.2
First seen:2016-11-24 17:29:38 UTC
Last seen:2016-11-25 15:45:33 UTC
Status:Blacklisted
Listing reason:Vawtrak C&C
Listing date:2016-11-26 09:58:47
Malware samples:5
Botnet C&Cs:1

Malware Samples


The table below documents all malware samples associated with this SSL certificate.

Timestamp (UTC)Malware Sample (MD5 hash)VTSignatureBotnet C&C (IP:port)
2016-11-25 15:45:333ed67d0cefb79d67ddede5e6572447c2Virustotal results 33/57 (57.89%) Vawtrak 185.25.50.12:443
2016-11-25 11:59:020092e5ccdb9c786c86bfff38968b9d8aVirustotal results 26/57 (45.61%) Vawtrak 185.25.50.12:443
2016-11-24 22:30:584246c65973c36493c517dd67191626eaVirustotal results 23/57 (40.35%) Vawtrak 185.25.50.12:443
2016-11-24 19:51:28a0013a9dade98d25c57f2ec89e8a1d40Virustotal results 21/57 (36.84%) Vawtrak 185.25.50.12:443
2016-11-24 17:29:3888fc2b588007e71c9c9db91f6e9609f8n/aVawtrak 185.25.50.12:443

# of entries: 5 (max: 100)