SSL Certificates

The following table shows further information as well as a list of malware samples including the corresponding botnet C&C associated with the SSL certificate fingerprint a9376a357aebf80af91a289f9fcb916ee1c04384.

Database Entry


SHA1 Fingerprint:a9376a357aebf80af91a289f9fcb916ee1c04384
Certificate Common Name (CN):bettereveryball.co.uk
Issuer Distinguished Name (DN):WE1
TLS Version:TLS 1.2
First seen:2026-02-20 19:16:30 UTC
Last seen:2026-02-23 02:40:00 UTC
Status:Blacklisted
Listing reason:Vidar C&C
Listing date:2026-02-23 09:57:56
Malware samples:16
Botnet C&Cs:6

Malware Samples


The table below documents all malware samples associated with this SSL certificate.

Timestamp (UTC)Malware Sample (MD5 hash)VTSignatureBotnet C&C (IP:port)
2026-02-23 02:40:0073c5f06584c8f7669128faf1db2f3eb0n/a188.114.97.0:443
2026-02-23 02:03:1122ee46581442934cf7d8d4092275da85n/a188.114.96.3:443
2026-02-23 01:36:30322e2643c3666cef9a4be48cbd137878n/a188.114.96.12:443
2026-02-22 17:38:57773a4046e6ee8e7964854fdd297fa3b9n/a188.114.97.3:443
2026-02-22 08:49:45a1e6e2d536593b08286e789b1e4f0525n/a188.114.97.12:443
2026-02-22 07:35:422ebdfb4186c74f744b1cb8353fa907bbn/a188.114.97.3:443
2026-02-22 00:42:3531cae31577ae0648eba8c79a84cace9cn/a188.114.97.12:443
2026-02-21 19:18:5199aff5543a8c6b51f193ca0e5956b51fn/a188.114.97.0:443
2026-02-21 19:16:34ced5c3fd309036a296d6ea5794580b45n/a188.114.96.12:443
2026-02-21 18:16:46070841b653a0c7ce86396687486e0f41n/a172.67.193.62:443
2026-02-21 10:40:18615a5e0d5a68d4d9ac75d09e9cbb89f6n/a188.114.96.12:443
2026-02-21 05:45:004f415e71afd25fdd910f9afe542d4308n/a188.114.97.0:443
2026-02-21 02:50:59cdb5485f07b6e09b4d7b28544a320d46n/a188.114.96.12:443
2026-02-20 20:30:31a01002541477a0db0e24b44f6033cdffn/a188.114.97.0:443
2026-02-20 20:23:128fc5d2f4cc1fbfc5157cd90d3fb9a0ffn/a188.114.96.12:443
2026-02-20 19:16:301b5312f8e7538d8f863481989d8f878fn/a188.114.96.12:443

# of entries: 16 (max: 100)