SSL Certificates
The following table shows further information as well as a list of malware samples including the corresponding botnet C&C associated with the SSL certificate fingerprint ac2d7d26062d68bc48870cfe1afbc1dd42a24341.
Database Entry
| SHA1 Fingerprint: | ac2d7d26062d68bc48870cfe1afbc1dd42a24341 |
|---|---|
| Certificate Common Name (CN): | main.info |
| Issuer Distinguished Name (DN): | main.info |
| TLS Version: | TLS 1.2 |
| First seen: | 2018-10-10 17:38:07 UTC |
| Last seen: | 2018-11-02 05:26:04 UTC |
| Status: | Blacklisted |
| Listing reason: | IcedID C&C |
| Listing date: | 2018-10-10 17:43:30 |
| Malware samples: | 24 |
| Botnet C&Cs: | 4 |
Malware Samples
The table below documents all malware samples associated with this SSL certificate.
| Timestamp (UTC) | Malware Sample (MD5 hash) | VT | Signature | Botnet C&C (IP:port) |
|---|---|---|---|---|
| 2018-11-02 05:26:04 | 6c2a8cf4607e0ccc5261422a4cfba90c |  36/66 (54.55%)
| IcedID | 188.227.18.135:443 |
| 2018-11-02 05:26:04 | 6c2a8cf4607e0ccc5261422a4cfba90c | 36/66 (54.55%)
| IcedID | 188.227.18.135:443 |
| 2018-11-01 07:23:24 | 1d724874a0d62235183112923fded8bd | 34/68 (50.00%)
| IcedID | 188.227.18.135:443 |
| 2018-11-01 07:23:24 | 1d724874a0d62235183112923fded8bd | 34/68 (50.00%)
| IcedID | 188.227.18.135:443 |
| 2018-11-01 06:05:12 | ae373528e9a2755c44bcda6247753f1d | 32/68 (47.06%)
| IcedID | 188.227.18.135:443 |
| 2018-11-01 06:05:12 | ae373528e9a2755c44bcda6247753f1d | 32/68 (47.06%)
| IcedID | 188.227.18.135:443 |
| 2018-11-01 04:37:47 | de345a11dcd9d0b40ac7021be3082973 | 40/68 (58.82%)
| IcedID | 188.227.18.135:443 |
| 2018-11-01 04:37:47 | de345a11dcd9d0b40ac7021be3082973 | 40/68 (58.82%)
| IcedID | 188.227.18.135:443 |
| 2018-10-31 07:00:56 | b6f7ee2d570dc63b5eaddbd226d477d6 | 29/67 (43.28%)
| IcedID | 185.48.57.117:443 |
| 2018-10-31 07:00:56 | b6f7ee2d570dc63b5eaddbd226d477d6 | 29/67 (43.28%)
| IcedID | 185.48.57.117:443 |
| 2018-10-31 04:22:16 | 40424ee6b08114b7fa3009c9a6643b70 | 28/67 (41.79%)
| IcedID | 185.48.57.117:443 |
| 2018-10-31 04:22:16 | 40424ee6b08114b7fa3009c9a6643b70 | 28/67 (41.79%)
| IcedID | 185.48.57.117:443 |
| 2018-10-29 13:55:29 | 527c4dbdbf801be1f723430f26d7ac3e | 33/67 (49.25%)
| IcedID | 185.48.57.117:443 |
| 2018-10-29 13:55:29 | 527c4dbdbf801be1f723430f26d7ac3e | 33/67 (49.25%)
| IcedID | 185.48.57.117:443 |
| 2018-10-29 11:42:14 | 9c5d8a00d6aec6edda293467f6354ce5 | 28/68 (41.18%)
| TinyNuke | 185.48.57.117:443 |
| 2018-10-29 11:42:14 | 9c5d8a00d6aec6edda293467f6354ce5 | 28/68 (41.18%)
| TinyNuke | 185.48.57.117:443 |
| 2018-10-28 21:52:58 | 8ddddef17f0ab4eb401d684f4a122a1b | 28/68 (41.18%)
| TinyNuke | 185.48.57.117:443 |
| 2018-10-28 21:52:58 | 8ddddef17f0ab4eb401d684f4a122a1b | 28/68 (41.18%)
| TinyNuke | 185.48.57.117:443 |
| 2018-10-23 22:53:12 | c82aad642de0420b14347146c115e214 | 36/66 (54.55%)
| Gozi | 185.48.57.117:443 |
| 2018-10-23 22:53:12 | c82aad642de0420b14347146c115e214 | 36/66 (54.55%)
| Gozi | 185.48.57.117:443 |
| 2018-10-23 06:41:05 | 443d08b3e5573b48cb38900a8660799b | 35/67 (52.24%)
| AZORult | 185.48.57.117:443 |
| 2018-10-23 06:41:05 | 443d08b3e5573b48cb38900a8660799b | 35/67 (52.24%)
| AZORult | 185.48.57.117:443 |
| 2018-10-23 01:48:51 | ea8b07f3f63dc97312e483394da5ad1c | 24/68 (35.29%)
| 185.48.57.117:443 | |
| 2018-10-23 01:48:51 | ea8b07f3f63dc97312e483394da5ad1c | 24/68 (35.29%)
| 185.48.57.117:443 | |
| 2018-10-20 09:46:20 | 6b47ec52b4c2f80af7fef477f809e480 | 5/68 (7.35%)
| IcedID | 185.48.57.117:443 |
| 2018-10-20 09:46:20 | 6b47ec52b4c2f80af7fef477f809e480 | 5/68 (7.35%)
| IcedID | 185.48.57.117:443 |
| 2018-10-18 02:11:29 | 95ef7b1aea0dcc9fdb2bd1856797bbf4 | 37/69 (53.62%)
| IcedID | 185.144.29.92:443 |
| 2018-10-18 02:11:29 | 95ef7b1aea0dcc9fdb2bd1856797bbf4 | 37/69 (53.62%)
| IcedID | 185.144.29.92:443 |
| 2018-10-14 23:20:29 | 4bd11e6b467894878a18b6f27338eb10 | 42/67 (62.69%)
| IcedID | 92.38.130.63:443 |
| 2018-10-14 23:20:29 | 4bd11e6b467894878a18b6f27338eb10 | 42/67 (62.69%)
| IcedID | 92.38.130.63:443 |
| 2018-10-14 22:43:39 | aae6afdc27a1a93fae276cc051670435 | 35/66 (53.03%)
| IcedID | 92.38.130.63:443 |
| 2018-10-14 22:43:39 | aae6afdc27a1a93fae276cc051670435 | 35/66 (53.03%)
| IcedID | 92.38.130.63:443 |
| 2018-10-13 23:05:51 | f8462a0ba65f28f8446d245dd055bd20 | 33/67 (49.25%)
| IcedID | 92.38.130.63:443 |
| 2018-10-13 23:05:51 | f8462a0ba65f28f8446d245dd055bd20 | 33/67 (49.25%)
| IcedID | 92.38.130.63:443 |
| 2018-10-13 16:52:37 | d94b509ca11c1504ff0c2a9c2f7c984f | 35/69 (50.72%)
| IcedID | 92.38.130.63:443 |
| 2018-10-13 16:52:37 | d94b509ca11c1504ff0c2a9c2f7c984f | 35/69 (50.72%)
| IcedID | 92.38.130.63:443 |
| 2018-10-13 01:19:27 | b66a9eecaf087b2c5d84dbdaaa98a9f1 | 43/69 (62.32%)
| IcedID | 92.38.130.63:443 |
| 2018-10-13 01:19:27 | b66a9eecaf087b2c5d84dbdaaa98a9f1 | 43/69 (62.32%)
| IcedID | 92.38.130.63:443 |
| 2018-10-12 16:42:23 | cd5b27bedccbc195bde308eba425e379 | 36/69 (52.17%)
| IcedID | 92.38.130.63:443 |
| 2018-10-12 16:42:23 | cd5b27bedccbc195bde308eba425e379 | 36/69 (52.17%)
| IcedID | 92.38.130.63:443 |
| 2018-10-12 12:48:19 | 612af4885305ea0a8f7234faed446738 | 34/68 (50.00%)
| IcedID | 92.38.130.63:443 |
| 2018-10-12 12:48:19 | 612af4885305ea0a8f7234faed446738 | 34/68 (50.00%)
| IcedID | 92.38.130.63:443 |
| 2018-10-11 23:39:02 | 45f33af0ac5290590a7f12e21a187d4d | 34/68 (50.00%)
| IcedID | 92.38.130.63:443 |
| 2018-10-11 23:39:02 | 45f33af0ac5290590a7f12e21a187d4d | 34/68 (50.00%)
| IcedID | 92.38.130.63:443 |
| 2018-10-11 15:33:41 | d2e02bc12241e1ecf3edfd83122cd24c | 33/69 (47.83%)
| IcedID | 92.38.130.63:443 |
| 2018-10-11 15:33:41 | d2e02bc12241e1ecf3edfd83122cd24c | 33/69 (47.83%)
| IcedID | 92.38.130.63:443 |
| 2018-10-10 17:38:07 | fc1322724ea42527f60bce9d9d099aaf | 40/69 (57.97%)
| IcedID | 92.38.130.63:443 |
| 2018-10-10 17:38:07 | fc1322724ea42527f60bce9d9d099aaf | 40/69 (57.97%)
| IcedID | 92.38.130.63:443 |
# of entries: 48 (max: 100)