SSL Certificates

The following table shows further information as well as a list of malware samples including the corresponding botnet C&C associated with the SSL certificate fingerprint 9d863fcb327ad4411841ee0713293ea4a52adf95.

Database Entry

SHA1 Fingerprint:	9d863fcb327ad4411841ee0713293ea4a52adf95
Certificate Common Name (CN):	C=zz, L=Default City, O=Default Company Ltd
Issuer Distinguished Name (DN):	C=zz, L=Default City, O=Default Company Ltd
TLS Version:	TLS 1.2
First seen:	2016-10-18 17:18:53 UTC
Last seen:	2016-10-26 07:01:13 UTC
Status:	Blacklisted
Listing reason:	Vawtrak C&C
Listing date:	2016-10-19 09:26:08
Malware samples:	6
Botnet C&Cs:	1

Malware Samples

The table below documents all malware samples associated with this SSL certificate.

Timestamp (UTC)	Malware Sample (MD5 hash)	VT	Signature	Botnet C&C (IP:port)
2016-10-26 07:01:13	73e1c53f7b6e4e083b2fe54ef3638a19	n/a	Vawtrak	92.63.110.69:443
2016-10-26 07:01:13	73e1c53f7b6e4e083b2fe54ef3638a19	n/a	Vawtrak	92.63.110.69:443
2016-10-20 04:33:26	9a347a42bce9f95bf309aaa64b3f4765	24/56 (42.86%)	Vawtrak	92.63.110.69:443
2016-10-20 04:33:26	9a347a42bce9f95bf309aaa64b3f4765	24/56 (42.86%)	Vawtrak	92.63.110.69:443
2016-10-19 20:42:48	41cd9bcabaa86e398f64db994d07583b	31/56 (55.36%)	Vawtrak	92.63.110.69:443
2016-10-19 20:42:48	41cd9bcabaa86e398f64db994d07583b	31/56 (55.36%)	Vawtrak	92.63.110.69:443
2016-10-19 14:58:16	49626c16e0bd76d924a8767660f3f99b	26/56 (46.43%)	Vawtrak	92.63.110.69:443
2016-10-19 14:58:16	49626c16e0bd76d924a8767660f3f99b	26/56 (46.43%)	Vawtrak	92.63.110.69:443
2016-10-19 10:32:18	11a70cbb9c539fa457f61e8d26d7531f	34/57 (59.65%)	Vawtrak	92.63.110.69:443
2016-10-19 10:32:18	11a70cbb9c539fa457f61e8d26d7531f	34/57 (59.65%)	Vawtrak	92.63.110.69:443
2016-10-18 17:18:53	a3c88312a55bfb82fccabe40c7eb2e4e	22/56 (39.29%)	Vawtrak	92.63.110.69:443
2016-10-18 17:18:53	a3c88312a55bfb82fccabe40c7eb2e4e	22/56 (39.29%)	Vawtrak	92.63.110.69:443

# of entries: 12 (max: 100)