SSL Certificates

The following table shows further information as well as a list of malware samples including the corresponding botnet C&C associated with the SSL certificate fingerprint a571fb26952c9f6ecad7c6aec928bda870aa0d31.

Database Entry

SHA1 Fingerprint:	a571fb26952c9f6ecad7c6aec928bda870aa0d31
Certificate Common Name (CN):	mariton.ws
Issuer Distinguished Name (DN):	R3
TLS Version:	TLS 1.2
First seen:	2022-05-24 18:37:06 UTC
Last seen:	2022-05-29 06:03:27 UTC
Status:	Blacklisted
Listing reason:	Smoke Loader C&C
Listing date:	2022-05-29 06:30:39
Malware samples:	34
Botnet C&Cs:	5

Malware Samples

The table below documents all malware samples associated with this SSL certificate.

Timestamp (UTC)	Malware Sample (MD5 hash)	VT	Signature	Botnet C&C (IP:port)
2022-05-29 06:03:27	0f7a49f47b0f704238adfbf57777663e	30 / 64 (46.88%)	Smoke Loader	80.66.64.42:443
2022-05-28 19:22:38	efbb4d097679be92c9a9a70a5f3ef660	n/a	Smoke Loader	80.66.64.42:443
2022-05-28 19:14:34	55dce7a598eb859cf4b050757c7b5185	42 / 64 (65.62%)	Smoke Loader	80.66.64.42:443
2022-05-28 14:02:33	2a2435261ebb760fd06af06ce77a8f2c	n/a	Smoke Loader	80.66.64.42:443
2022-05-28 13:30:30	91070c3789e10d09e391c748d9d7478c	54 / 68 (79.41%)	Smoke Loader	80.66.64.42:443
2022-05-27 21:21:51	a6d00c6a710021a5f8c99eafcc4d90ee	45 / 68 (66.18%)	Amadey	80.66.64.42:443
2022-05-27 16:30:27	307990859eb551fcfba77c6e3269cbbf	24 / 69 (34.78%)	Smoke Loader	195.2.81.11:443
2022-05-27 10:18:20	3c582e60aa38c371f3784055409b1f40	32 / 66 (48.48%)	Smoke Loader	5.188.90.197:443
2022-05-27 09:53:31	b48b7bd7884fc01871d476f25c542fac	26 / 68 (38.24%)	OnlyLogger	5.188.90.197:443
2022-05-27 06:57:03	e110b014af21ac7a1fb4005ecf089767	38 / 68 (55.88%)	Smoke Loader	92.255.111.11:443
2022-05-27 06:52:34	dbc75d5ebd8a2aeafd7d166ab4909956	34 / 68 (50.00%)	Smoke Loader	92.255.111.11:443
2022-05-27 06:50:28	b6db17f1536d7f5bc2b18e9fa2bf027b	34 / 67 (50.75%)	Smoke Loader	92.255.111.11:443
2022-05-27 03:52:54	ae4ee3b1d5147879c6ca93b686a20f3d	48 / 68 (70.59%)	OnlyLogger	92.255.111.11:443
2022-05-26 17:58:46	c85ca413cc81ee30582d149a719f5ff0	47 / 69 (68.12%)	OnlyLogger	92.255.111.11:443
2022-05-26 17:15:25	6a293112ddd6920aa38458641768157a	22 / 66 (33.33%)	Smoke Loader	92.255.111.11:443
2022-05-26 16:58:52	3b6ed56aeca3ac9e92a4019b26b348b5	25 / 64 (39.06%)	OnlyLogger	92.255.111.11:443
2022-05-26 16:52:04	c856b16661a4dbe81f1bd46269c3f35b	39 / 68 (57.35%)	OnlyLogger	92.255.111.11:443
2022-05-26 14:06:32	c6ab86c845e763dfe78b6f07242fa444	28 / 69 (40.58%)	Smoke Loader	92.255.111.11:443
2022-05-26 12:22:14	5e43103cbd880222b144c55181c7ce4a	27 / 69 (39.13%)	Smoke Loader	92.255.111.11:443
2022-05-26 11:03:26	4d8d2c0c4a29b98bf5a8752fdd0a91a5	n/a	Smoke Loader	92.255.111.11:443
2022-05-26 06:59:28	754ec19dd74855ff2e72e82fc0e0f118	n/a	Smoke Loader	92.255.111.11:443
2022-05-26 06:50:24	f263c3a622fe93df3bae206d591aefe4	n/a	Smoke Loader	92.255.111.11:443
2022-05-26 06:02:36	c896eb7af44f18839af649ff8fb49951	n/a	Smoke Loader	92.255.111.11:443
2022-05-26 05:40:19	5a8540d03783ed24f54529b0bd843e60	n/a	Smoke Loader	92.255.111.11:443
2022-05-26 04:24:12	bbfa44b9608b314d4e7bcea29576134f	43 / 68 (63.24%)	RedLineStealer	92.255.111.11:443
2022-05-26 04:15:59	e9498c255d73a244d445cdda0c7a54ca	n/a	Smoke Loader	92.255.111.11:443
2022-05-25 23:04:27	d7cdd2c8a258a83092e120e310dd64e0	23 / 67 (34.33%)	Smoke Loader	92.255.111.11:443
2022-05-25 22:24:41	19b5f78fdf161953eae1ac87f196cf7c	26 / 69 (37.68%)	Smoke Loader	92.255.111.11:443
2022-05-25 16:56:53	5d4b5d26b63da2ad2c1e9fc282529321	n/a	Smoke Loader	5.188.89.1:443
2022-05-25 14:37:39	490b609fbafed8092084986e332fca9c	n/a	Smoke Loader	5.188.89.1:443
2022-05-25 07:13:43	ac06f9bca0eb89e6ff92a6dba5593fb9	39 / 68 (57.35%)	RedLineStealer	5.188.89.1:443
2022-05-25 04:03:37	2c7b02dedb123e0c947ba0755adf319e	19 / 66 (28.79%)	Smoke Loader	5.188.89.1:443
2022-05-24 19:37:29	464106b8c60c410f12db2ee06068cd3f	n/a	Smoke Loader	5.188.89.1:443
2022-05-24 18:37:06	8e77d6848af7de802d828d237de18b70	n/a	Smoke Loader	5.188.89.1:443

# of entries: 34 (max: 100)