SSL Certificates

The following table shows further information as well as a list of malware samples including the corresponding botnet C&C associated with the SSL certificate fingerprint 940fb0c3a989d7faeb968a90a86d9c6f3bdba8fd.

Database Entry

SHA1 Fingerprint:940fb0c3a989d7faeb968a90a86d9c6f3bdba8fd
Certificate Common Name (CN):Vlqddctxgso Fxqmghqqdxxfmt, OU=Bwiequedqqkyh, ST=rmejteykyigc, O=Xugwmxjfkcvubm, C=DJ, L=Vnqjyppcs
Issuer Distinguished Name (DN):Vlqddctxgso Fxqmghqqdxxfmt, OU=Bwiequedqqkyh, ST=rmejteykyigc, O=Xugwmxjfkcvubm, C=DJ, L=Vnqjyppcs
TLS Version:TLS 1.2
First seen:2022-12-11 13:18:30 UTC
Last seen:2022-12-12 12:55:49 UTC
Status:Blacklisted
Listing reason:Malware C&C
Listing date:2022-12-12 15:15:57
Malware samples:16
Botnet C&Cs:1

Malware Samples

The table below documents all malware samples associated with this SSL certificate.

Timestamp (UTC)Malware Sample (MD5 hash)VTSignatureBotnet C&C (IP:port)
2022-12-12 12:55:49d5e21739ad8389d5d12e4faba082f54en/a103.144.139.170:443
2022-12-12 12:47:37448483f45bf731b6c6e41ed78a5b6b1bn/aSmoke Loader 103.144.139.170:443
2022-12-12 11:19:3655206925816561fdfd5084646adac1fdn/a103.144.139.170:443
2022-12-12 09:48:44901992917efa296ba596201028060f1aVirustotal results 35 / 72 (48.61%) 103.144.139.170:443
2022-12-12 09:15:042871f622c01139921710f661ca4b2cb3n/aSmoke Loader 103.144.139.170:443
2022-12-12 08:44:00757acfd1ba37c079e285f9fec08e26d1Virustotal results 32 / 68 (47.06%) 103.144.139.170:443
2022-12-12 08:39:42c796aabf1036c38d5d412cdaff3e8fb0Virustotal results 32 / 70 (45.71%) DanaBot103.144.139.170:443
2022-12-12 08:39:121e18802bcb6d9ea041ff5f96e525d5e9Virustotal results 26 / 72 (36.11%) Smoke Loader 103.144.139.170:443
2022-12-12 08:37:25319224d1227655aa782ca6a25eb0bf61Virustotal results 25 / 72 (34.72%) Smoke Loader 103.144.139.170:443
2022-12-12 08:36:42554bf3ab1fc9155d63662115ebacc842Virustotal results 33 / 72 (45.83%) DanaBot103.144.139.170:443
2022-12-11 20:31:05ea3efe71241ac2eb46915c11bf53e7c6Virustotal results 32 / 71 (45.07%) 103.144.139.170:443
2022-12-11 17:06:42f8b8314b7d08da6031746e385d2827e0Virustotal results 25 / 71 (35.21%) DanaBot103.144.139.170:443
2022-12-11 15:00:17c2427ed6c147ade1f7b1577ff0b0cd41n/a103.144.139.170:443
2022-12-11 14:53:13b187ca4afc3d0e086fb494c7c36ec163n/aSmoke Loader 103.144.139.170:443
2022-12-11 14:42:3358ef37070a1a2e91fb70940b8cf0bb8aVirustotal results 30 / 67 (44.78%) 103.144.139.170:443
2022-12-11 13:18:30988e75b89c16702410f5e6e55dcde5daVirustotal results 23 / 69 (33.33%) Smoke Loader 103.144.139.170:443

# of entries: 16 (max: 100)