SSL Certificates

The following table shows further information as well as a list of malware samples including the corresponding botnet C&C associated with the SSL certificate fingerprint 9f79b209ec51390787189663796c433d905df50c.

Database Entry


SHA1 Fingerprint: 9f79b209ec51390787189663796c433d905df50c
Certificate Common Name (CN): afditnzurh.xyz
Issuer Distinguished Name (DN): R3
TLS Version: TLS 1.2
First seen: 2021-04-13 21:42:08 UTC
Last seen: 2021-04-15 17:46:05 UTC
Status: Blacklisted
Listing reason: ServHelper C&C
Listing date: 2021-04-15 16:22:27
Malware samples: 6
Botnet C&Cs: 1

Malware Samples


The table below documents all malware samples associated with this SSL certificate.

| Timestamp (UTC) | Malware Sample (MD5 hash) | VT | Signature | Botnet C&C (IP:port) |
|---|---|---|---|---|
| 2021-04-15 17:46:05 | da26eba0157a739dd088560a2f65d152 | Virustotal results 14 / 68 (20.59%) | ServHelper | 94.158.245.225:443 |
| 2021-04-15 16:18:10 | a7ef1ea9837792dff4ede05790d3492e | n/a | CoinMiner.XMRig | 94.158.245.225:443 |
| 2021-04-15 15:23:09 | f2ce661cf3080f1e129e10621a4d9f1e | n/a | CoinMiner.XMRig | 94.158.245.225:443 |
| 2021-04-15 12:48:03 | 52c2647b81e20a75e6c6fb99c81ca6f8 | Virustotal results 19 / 66 (28.79%) | RaccoonStealer | 94.158.245.225:443 |
| 2021-04-15 12:19:58 | 2eb455eb442afdcd56e30965a7f506f2 | n/a | RaccoonStealer | 94.158.245.225:443 |
| 2021-04-13 21:42:08 | 9fd2ea3eb3603e318552919c997c56ae | n/a | RaccoonStealer | 94.158.245.225:443 |

# of entries: 6 (max: 100)