SSL Certificates
The following table shows further information as well as a list of malware samples including the corresponding botnet C&C associated with the SSL certificate fingerprint b0bbe3dae1eb458064c619801d05a8dc5e233934.
Database Entry
| SHA1 Fingerprint: | b0bbe3dae1eb458064c619801d05a8dc5e233934 |
|---|---|
| Certificate Common Name (CN): | Send-Safe |
| Issuer Distinguished Name (DN): | Send-Safe |
| TLS Version: | SSLv3 |
| First seen: | 2015-12-10 18:55:12 UTC |
| Last seen: | 2016-10-27 17:38:04 UTC |
| Status: | Blacklisted |
| Listing reason: | Send-Safe C&C |
| Listing date: | 2016-01-09 14:53:02 |
| Malware samples: | 15 |
| Botnet C&Cs: | 8 |
Malware Samples
The table below documents all malware samples associated with this SSL certificate.
| Timestamp (UTC) | Malware Sample (MD5 hash) | VT | Signature | Botnet C&C (IP:port) |
|---|---|---|---|---|
| 2016-10-27 17:38:04 | 7b198c0b47912690316c666b8c447e59 |  13/57 (22.81%)
| Vawtrak | 91.220.131.78:50007 |
| 2016-10-27 17:38:04 | 7b198c0b47912690316c666b8c447e59 | 13/57 (22.81%)
| Vawtrak | 91.220.131.78:50007 |
| 2016-10-11 20:56:55 | 1d5040d5cf56bdfa46987a6736586515 | 32/56 (57.14%)
| Hancitor | 91.220.131.174:50007 |
| 2016-10-11 20:56:55 | 1d5040d5cf56bdfa46987a6736586515 | 32/56 (57.14%)
| Hancitor | 91.220.131.174:50007 |
| 2016-03-09 17:56:27 | 69e9284ae915f5ef1f204eeb5da11027 | 16/57 (28.07%)
| Sendsafe | 80.90.179.149:5001 |
| 2016-03-09 17:56:27 | 69e9284ae915f5ef1f204eeb5da11027 | 16/57 (28.07%)
| Sendsafe | 80.90.179.149:5001 |
| 2016-02-10 16:05:08 | 59058b5a502c19d3000f4d7d5ad5517a | 9/54 (16.67%)
| 91.200.14.59:5001 | |
| 2016-02-10 16:05:08 | 59058b5a502c19d3000f4d7d5ad5517a | 9/54 (16.67%)
| 91.200.14.59:5001 | |
| 2016-01-28 18:10:15 | e570855b16136e3a8fa779cf633310d4 | 3/53 (5.66%)
| 80.90.179.149:5001 | |
| 2016-01-28 18:10:15 | e570855b16136e3a8fa779cf633310d4 | 3/53 (5.66%)
| 80.90.179.149:5001 | |
| 2016-01-28 17:23:35 | ff823130efcdf8ab267cad92eb5b90d7 | 2/53 (3.77%)
| 193.218.145.168:5001 | |
| 2016-01-28 17:23:35 | ff823130efcdf8ab267cad92eb5b90d7 | 2/53 (3.77%)
| 193.218.145.168:5001 | |
| 2016-01-27 17:05:56 | 4d23585a7e0637cb48887ff79ddd7c5a | 13/54 (24.07%)
| 91.215.153.43:5001 | |
| 2016-01-27 17:05:56 | 4d23585a7e0637cb48887ff79ddd7c5a | 13/54 (24.07%)
| 91.215.153.43:5001 | |
| 2016-01-25 21:12:03 | 4ded6e9239e359fbe8c317400e879864 | 2/54 (3.70%)
| 31.184.198.248:5001 | |
| 2016-01-25 21:12:03 | 4ded6e9239e359fbe8c317400e879864 | 2/54 (3.70%)
| 31.184.198.248:5001 | |
| 2016-01-14 14:59:32 | 9cb90abad5137c8903d8436f58b39943 | 6/55 (10.91%)
| 31.184.198.248:5001 | |
| 2016-01-14 14:59:32 | 9cb90abad5137c8903d8436f58b39943 | 6/55 (10.91%)
| 31.184.198.248:5001 | |
| 2016-01-09 08:38:14 | a608b6cfb37df4e7edb9ad236fa7b666 | n/a | 31.184.198.248:5001 | |
| 2016-01-09 08:38:14 | a608b6cfb37df4e7edb9ad236fa7b666 | n/a | 31.184.198.248:5001 | |
| 2015-12-16 16:55:42 | 125a72d023d99ee889ac47e5ea82846f | n/a | 31.184.198.248:5001 | |
| 2015-12-16 16:55:42 | 125a72d023d99ee889ac47e5ea82846f | n/a | 31.184.198.248:5001 | |
| 2015-12-16 16:34:11 | 8484f1e73c7418b6ae3846729536d996 | n/a | 88.198.119.118:5001 | |
| 2015-12-16 16:34:11 | 8484f1e73c7418b6ae3846729536d996 | n/a | 88.198.119.118:5001 | |
| 2015-12-11 17:46:15 | d2f45c4945be287c58a7d41eec38ecf0 | 10/54 (18.52%)
| 31.184.198.248:5001 | |
| 2015-12-11 17:46:15 | d2f45c4945be287c58a7d41eec38ecf0 | 10/54 (18.52%)
| 31.184.198.248:5001 | |
| 2015-12-10 19:48:17 | 62803491eba08b79c4ab98a34d8a641b | 27/54 (50.00%)
| 88.198.119.118:5001 | |
| 2015-12-10 19:48:17 | 62803491eba08b79c4ab98a34d8a641b | 27/54 (50.00%)
| 88.198.119.118:5001 | |
| 2015-12-10 18:55:12 | 040b9cf66906660378a8579f110fb931 | n/a | 88.198.119.118:5001 | |
| 2015-12-10 18:55:12 | 040b9cf66906660378a8579f110fb931 | n/a | 88.198.119.118:5001 |
# of entries: 30 (max: 100)