SSL Certificates

The following table shows further information as well as a list of malware samples including the corresponding botnet C&C associated with the SSL certificate fingerprint a9376a357aebf80af91a289f9fcb916ee1c04384.

Database Entry

SHA1 Fingerprint:	a9376a357aebf80af91a289f9fcb916ee1c04384
Certificate Common Name (CN):	bettereveryball.co.uk
Issuer Distinguished Name (DN):	WE1
TLS Version:	TLS 1.2
First seen:	2026-02-20 19:16:30 UTC
Last seen:	2026-02-23 02:40:00 UTC
Status:	Blacklisted
Listing reason:	Vidar C&C
Listing date:	2026-02-23 09:57:56
Malware samples:	16
Botnet C&Cs:	6

Malware Samples

The table below documents all malware samples associated with this SSL certificate.

Timestamp (UTC)	Malware Sample (MD5 hash)	VT	Botnet C&C (IP:port)
2026-02-23 02:40:00	73c5f06584c8f7669128faf1db2f3eb0	n/a	188.114.97.0:443
2026-02-23 02:03:11	22ee46581442934cf7d8d4092275da85	n/a	188.114.96.3:443
2026-02-23 01:36:30	322e2643c3666cef9a4be48cbd137878	n/a	188.114.96.12:443
2026-02-22 17:38:57	773a4046e6ee8e7964854fdd297fa3b9	n/a	188.114.97.3:443
2026-02-22 08:49:45	a1e6e2d536593b08286e789b1e4f0525	n/a	188.114.97.12:443
2026-02-22 07:35:42	2ebdfb4186c74f744b1cb8353fa907bb	n/a	188.114.97.3:443
2026-02-22 00:42:35	31cae31577ae0648eba8c79a84cace9c	n/a	188.114.97.12:443
2026-02-21 19:18:51	99aff5543a8c6b51f193ca0e5956b51f	n/a	188.114.97.0:443
2026-02-21 19:16:34	ced5c3fd309036a296d6ea5794580b45	n/a	188.114.96.12:443
2026-02-21 18:16:46	070841b653a0c7ce86396687486e0f41	n/a	172.67.193.62:443
2026-02-21 10:40:18	615a5e0d5a68d4d9ac75d09e9cbb89f6	n/a	188.114.96.12:443
2026-02-21 05:45:00	4f415e71afd25fdd910f9afe542d4308	n/a	188.114.97.0:443
2026-02-21 02:50:59	cdb5485f07b6e09b4d7b28544a320d46	n/a	188.114.96.12:443
2026-02-20 20:30:31	a01002541477a0db0e24b44f6033cdff	n/a	188.114.97.0:443
2026-02-20 20:23:12	8fc5d2f4cc1fbfc5157cd90d3fb9a0ff	n/a	188.114.96.12:443
2026-02-20 19:16:30	1b5312f8e7538d8f863481989d8f878f	n/a	188.114.96.12:443

# of entries: 16 (max: 100)