SSL Certificates

The following table shows further information as well as a list of malware samples including the corresponding botnet C&C associated with the SSL certificate fingerprint 9d863fcb327ad4411841ee0713293ea4a52adf95.

Database Entry

SHA1 Fingerprint:9d863fcb327ad4411841ee0713293ea4a52adf95
Certificate Common Name (CN):C=zz, L=Default City, O=Default Company Ltd
Issuer Distinguished Name (DN):C=zz, L=Default City, O=Default Company Ltd
TLS Version:TLS 1.2
First seen:2016-10-18 17:18:53 UTC
Last seen:2016-10-26 07:01:13 UTC
Listing reason:Vawtrak C&C
Listing date:2016-10-19 09:26:08
Malware samples:6
Botnet C&Cs:1

Malware Samples

The table below documents all malware samples associated with this SSL certificate.

Timestamp (UTC)Malware Sample (MD5 hash)VTSignatureBotnet C&C (IP:port)
2016-10-26 07:01:1373e1c53f7b6e4e083b2fe54ef3638a19n/aVawtrak
2016-10-20 04:33:269a347a42bce9f95bf309aaa64b3f4765Virustotal results 24/56 (42.86%) Vawtrak
2016-10-19 20:42:4841cd9bcabaa86e398f64db994d07583bVirustotal results 31/56 (55.36%) Vawtrak
2016-10-19 14:58:1649626c16e0bd76d924a8767660f3f99bVirustotal results 26/56 (46.43%) Vawtrak
2016-10-19 10:32:1811a70cbb9c539fa457f61e8d26d7531fVirustotal results 34/57 (59.65%) Vawtrak
2016-10-18 17:18:53a3c88312a55bfb82fccabe40c7eb2e4eVirustotal results 22/56 (39.29%) Vawtrak

# of entries: 6 (max: 100)