SSL Certificates

The following table shows further information as well as a list of malware samples including the corresponding botnet C&C associated with the SSL certificate fingerprint b20d20ac3b2492f11a2775d800fd726e14fc6fa6.

Database Entry


SHA1 Fingerprint:b20d20ac3b2492f11a2775d800fd726e14fc6fa6
Certificate Common Name (CN):microsoft.com/emailAddress=private@sysprivpop.lkdd
Issuer Distinguished Name (DN):microsoft.com/emailAddress=private@sysprivpop.lkdd
TLS Version:TLSv1
First seen:2016-04-14 06:05:37 UTC
Last seen:2017-04-24 16:51:13 UTC
Status:Blacklisted
Listing reason:Qadars C&C
Listing date:2016-04-14 10:29:17
Malware samples:205
Botnet C&Cs:74

Malware Samples


The table below documents all malware samples associated with this SSL certificate.

Timestamp (UTC)Malware Sample (MD5 hash)VTSignatureBotnet C&C (IP:port)
2017-04-24 16:51:13413198e0c3bd95f4e8f67bff990c6e9cVirustotal results 26/61 (42.62%) 188.124.170.93:443
2017-03-19 06:13:106acdca2d1cf4a3b182889c7635fbc4d0Virustotal results 7/59 (11.86%) Qadars 175.136.183.22:443
2017-03-18 22:38:097bd2de2cb765907bb4ed320e812e4c21Virustotal results 13/62 (20.97%) Qadars 183.87.11.253:443
2017-03-01 05:02:07489be1c5793608b66d692e76586a1a6dVirustotal results 4/58 (6.90%) Qadars 195.174.126.121:443
2017-02-27 01:16:25758b56d450d499d22231b7d6d383a9d1Virustotal results 35/58 (60.34%) Qadars 85.85.140.82:443
2017-02-27 00:52:505529b0f8acda5eda29cd57fe0614c6acVirustotal results 22/58 (37.93%) Qadars 85.85.140.82:443
2017-02-24 15:04:234056ea1636848696d0f7b3c8f35c1ad5Virustotal results 38/60 (63.33%) Qadars 171.61.232.165:443
2017-02-14 15:21:277f62695b3f64aa0e1585a0e080f6b1bcVirustotal results 28/58 (48.28%) Qadars 85.104.229.104:443
2017-02-13 18:57:38f851d1da7554abe6a19d3f678642d7bbVirustotal results 35/59 (59.32%) Qadars 85.101.189.216:443
2017-02-11 13:43:26dc77de4a7812adc24ab1624b9e629b68Virustotal results 7/56 (12.50%) Qadars 125.26.255.230:443
2017-01-29 23:08:45fdeb6c840992704c5f0c8c610c213a63Virustotal results 29/57 (50.88%) Qadars 62.221.97.151:443
2017-01-21 08:15:56a113db2e591af2bd3d664c3eeba64d48Virustotal results 20/54 (37.04%) Qadars 5.239.214.127:443
2017-01-10 21:00:26ece55c222dfbdc1ee0725aba30d13ab1Virustotal results 29/58 (50.00%) Qadars 46.11.36.216:443
2017-01-10 05:03:23c6e7df7de2bb51132cdfdd2d1f5c1c71Virustotal results 2/56 (3.57%) Qadars 222.254.22.64:443
2017-01-08 06:38:38f85dbc57af16ff29e7be1fb7fffdaf82Virustotal results 6/56 (10.71%) Qadars 114.37.52.2:443
2016-12-28 11:49:20a896bb6b9c28369afeedbb3e7642bcc4Virustotal results 13/55 (23.64%) Qadars 85.85.138.188:443
2016-12-27 11:10:171fdb4be497173eec3065ea6eb2baacbeVirustotal results 41/55 (74.55%) Qadars 80.112.73.129:443
2016-12-10 01:38:00b5c1c8c31fa729eb6e2ce609d2daf8efVirustotal results 18/53 (33.96%) Qadars 79.100.73.20:443
2016-12-01 06:40:326ddb243286dc52f529460b5c1992b184Virustotal results 4/56 (7.14%) Qadars 151.242.20.227:443
2016-11-29 21:51:00e3ba29a8d1ba84ee1dd801079f65097eVirustotal results 10/56 (17.86%) Qadars 184.18.128.137:443
2016-11-27 21:59:383f6f80b4ca2cc61c34d5daf43e189232Virustotal results 11/56 (19.64%) Qadars 88.246.171.125:443
2016-11-26 14:51:16e2648cab691787ef1677597f08b43c1cVirustotal results 11/56 (19.64%) Qadars 107.171.180.198:443
2016-11-24 18:51:3326c890233151302c842e6e8d215acabdVirustotal results 5/57 (8.77%) Qadars 2.89.220.124:443
2016-11-23 01:37:020a3c401a3a6bd860ca361d9117491dadn/aQadars 71.228.17.79:443
2016-11-21 19:40:52873ad60c46ce695cfdd717c079ae351cn/aQadars 188.214.179.241:443
2016-11-20 02:08:066ca0dcbe4353694397ae548ed9173d24n/aQadars 178.128.197.167:443
2016-11-18 19:12:112b33238f019f5345dff90999dc665325Virustotal results 22/57 (38.60%) Qadars 41.188.91.188:443
2016-11-17 08:59:37bf116446a681fd1f13562e5675b0e00cVirustotal results 31/56 (55.36%) Qadars 116.100.211.197:443
2016-11-16 22:21:13e9173aadd7ecadbbced5471bbc0f6785Virustotal results 33/57 (57.89%) Qadars 83.20.96.160:443
2016-11-15 22:32:217021c765e7d09c36a620625141f505a4Virustotal results 26/56 (46.43%) Qadars 78.8.109.89:443
2016-11-15 22:25:55d10e4caf9d9a4b9c7c10a9f21a857d54Virustotal results 28/57 (49.12%) Qadars 76.69.91.161:443
2016-11-15 10:55:21f7b08b8ad40f9eface7e4966625f5b88Virustotal results 31/54 (57.41%) Qadars 79.129.123.204:443
2016-11-14 09:34:59653bf7d1a31825fc40a666adadb3a007Virustotal results 19/66 (28.79%) Qadars 122.164.197.0:443
2016-10-27 14:12:31d4903558af8f0a5d7efbe25685558476Virustotal results 40/57 (70.18%) Qadars 82.77.104.71:443
2016-10-27 11:00:35d6f14f29c4859d648fa6d08e66a79d96Virustotal results 38/57 (66.67%) Qadars 197.27.36.50:443
2016-10-27 08:42:59136ec33c5f32dade4fd0987a67c3c860Virustotal results 36/57 (63.16%) Qadars 105.228.99.40:443
2016-10-26 23:27:175237553d53ae88e02184819a2f317fb3Virustotal results 19/56 (33.93%) Qadars 187.199.114.3:443
2016-10-25 19:09:16ce520c23e2349802e555851bfdabacf8Virustotal results 4/57 (7.02%) Qadars 151.237.6.68:443
2016-10-25 08:05:257f4ac06b764fe9be49870dddbc606fa0Virustotal results 26/57 (45.61%) Qadars 182.72.222.14:443
2016-10-25 05:20:241ec85843d06afd7dc359e4523dbd8772Virustotal results 34/56 (60.71%) Qadars 82.77.104.71:443
2016-10-25 03:38:370b13acfe900a2b1a9cb4d7d7553a2377Virustotal results 38/57 (66.67%) Qadars 178.149.68.20:443
2016-10-24 20:18:5088c1ee553486175b82df8660d6b0d834Virustotal results 40/57 (70.18%) Qadars 2.176.118.127:443
2016-10-21 03:47:17e1a13bc49ff020cdd493145cf8e2ff6bVirustotal results 10/56 (17.86%) Qadars 91.244.19.186:443
2016-10-10 22:41:41dbf530bb862393e0917c5cc738a39d51Virustotal results 25/56 (44.64%) Qadars 189.49.185.126:443
2016-10-02 21:02:3562b0788149b545e88d88b31333a5e89dVirustotal results 25/57 (43.86%) Qadars 173.89.28.70:443
2016-10-02 16:10:10a93f1c37371a012ed73e4fa3a0c27faaVirustotal results 30/57 (52.63%) Qadars 31.43.41.51:443
2016-09-25 14:30:56d6e0d558f6a6179bc362e4114f330c58Virustotal results 16/57 (28.07%) Qadars 190.161.133.235:443
2016-09-25 01:08:07e0cd44b4b2491cafa3a7d49f03e804edVirustotal results 31/56 (55.36%) Qadars 188.246.91.173:443
2016-09-22 09:08:081b572ea217d94157689fa137fcbb38c7Virustotal results 6/56 (10.71%) Qadars 151.237.6.68:443
2016-09-20 19:43:548c482d0f981a97e761f96c8fd6aa8ae4Virustotal results 29/56 (51.79%) Qadars 186.176.140.17:443
2016-09-20 12:38:24685d4c5af54db16643104fe406f2e7d7n/aQadars 24.217.71.115:443
2016-09-17 13:02:270e28ab15f15a8648f504e7af90d3d348Virustotal results 5/58 (8.62%) Qadars 45.51.17.196:443
2016-09-13 16:11:29993a5dfd20bf7de690925d2da2180dd5Virustotal results 3/57 (5.26%) Qadars 84.76.246.49:443
2016-09-10 09:24:24e8aa3a3bb2d515b0f737f6bc8a08fafbVirustotal results 18/58 (31.03%) Qadars 86.98.46.164:443
2016-09-08 03:31:1853904893a54acec3ed844d2d10b9b9daVirustotal results 30/58 (51.72%) Qadars 176.15.44.120:443
2016-09-04 23:41:38fcaa99613ab95a359fe4e55b89212b3aVirustotal results 21/58 (36.21%) Qadars 74.138.174.182:443
2016-09-04 18:46:3314ddfb95f8c581bf15aca8fe8c04f763Virustotal results 25/57 (43.86%) Qadars 176.15.44.120:443
2016-09-03 23:20:56bd472e8abd6c3ca2ce503d245e07d410Virustotal results 24/57 (42.11%) Qadars 77.20.137.163:443
2016-09-02 10:47:39476b6518ab4e0ce88b620a76dd11314bVirustotal results 25/56 (44.64%) Qadars 70.21.194.174:443
2016-09-02 10:33:56f558b427a102e6f914ab99d784ca4af6Virustotal results 21/58 (36.21%) Qadars 188.2.247.31:443
2016-09-02 05:32:240f6e8921d92e521dc047057e9486f0c7Virustotal results 7/58 (12.07%) Qadars 120.150.250.109:443
2016-09-01 23:09:35bb192a138761f05190d39aa88cd9163bVirustotal results 28/58 (48.28%) Qadars 2.107.189.230:443
2016-09-01 00:15:17467f6be2ff0dd77b1b2d260334ceadb6n/aQadars 180.183.141.122:443
2016-08-31 07:43:28c0b02ac01297ce558ff1abffada825f9Virustotal results 26/57 (45.61%) Qadars 101.51.30.133:443
2016-08-30 16:46:53e840a7c47aa7e1ebc915c7b1707afe66n/aQadars 75.134.205.120:443
2016-08-23 12:37:2980d9db13f182aacbb714e43df09b0dfaVirustotal results 2/56 (3.57%) Qadars 2.107.220.42:443
2016-08-21 03:09:018352e78e37d81599f2fca8d3022595f9Virustotal results 8/56 (14.29%) Qadars 60.162.195.203:443
2016-08-11 22:06:53dd40ed7e5e685ea8b143956282cb39c0Virustotal results 4/55 (7.27%) Qadars 80.42.164.216:443
2016-07-30 23:04:05e2a8631e22f05e37abb9a3f81a311a25Virustotal results 12/55 (21.82%) Qadars 172.246.126.156:443
2016-07-14 04:44:399718790b27ad1148207bd573e281fe44Virustotal results 4/55 (7.27%) Qadars 185.141.27.159:443
2016-06-27 19:51:0050f163f13c2ff8fdb5262a672eb39b19Virustotal results 3/54 (5.56%) Qadars 188.138.69.102:443
2016-05-28 14:24:1951ee3cc5583438d59bd46d6adeeb7f2fVirustotal results 24/57 (42.11%) Qadars 185.141.25.31:443
2016-05-27 15:57:047e1849bfcd491df3ab14fc58204095den/aQadars 185.141.25.31:443
2016-05-18 06:30:3163fd6fd1ed52d52e2b0c3b196dbc341an/aTinba185.106.120.52:443
2016-05-17 08:14:532817d80475f360d6e5727879d95c633dVirustotal results 10/57 (17.54%) Tinba185.106.120.52:443
2016-05-06 06:23:1165a72a79e7373363597ff5726e46ed26n/aQadars 192.52.167.210:443
2016-05-05 11:18:26bf82901c8b41c0f296eab7f7ae90e375n/aQadars 192.52.167.210:443
2016-05-05 09:52:15b6beb22baa34113deb607542d057ca87n/aQadars 192.52.167.210:443
2016-05-05 08:48:181da399a531aff19dcc79421b6eb8c36cn/aQadars 185.82.202.100:443
2016-05-05 04:41:135665b00b8c57e0484bbb0d42baecc846n/aQadars 192.52.167.210:443
2016-05-05 03:43:223886965f93ccded735b64f1ef4b80254n/aQadars 192.52.167.210:443
2016-05-05 03:14:465c4531433e9b5842cc559c9855dfd73cn/aQadars 192.52.167.210:443
2016-05-05 02:31:33b20c7934a8884c64bbb219c0247ad3e6n/aQadars 192.52.167.210:443
2016-05-05 01:20:333263d941d7d976325f73df2b4a395f6fn/aQadars 192.52.167.210:443
2016-05-05 01:15:058dfd10bca1124f103d7a49e1979836aan/aQadars 192.52.167.210:443
2016-05-05 01:01:40c8c4e2441f90adf5597980246f7209c0n/aQadars 192.52.167.210:443
2016-05-05 00:46:29367a4d6f2174112b36fee7f9d8f67781n/aQadars 192.52.167.210:443
2016-05-05 00:44:31820318190e8bb2a47d2b2203b705ce55n/aQadars 192.52.167.210:443
2016-05-05 00:11:45c20007b2d67c5dae67e1b4933c50f27cn/aQadars 192.52.167.210:443
2016-05-04 23:54:18aef4e7352c8c24829442472c74129468n/aQadars 192.52.167.210:443
2016-05-04 22:13:124a3e72201d8d1eb98d7f77acd838001an/aQadars 192.52.167.210:443
2016-05-04 22:06:53a37fdc205c223f71858f655644e07d47n/aQadars 192.52.167.210:443
2016-05-04 21:43:27a4b1ae2e0179a7cc7147471a069e761cn/aQadars 192.52.167.210:443
2016-05-04 21:11:26e75d19fdba9657c799ee7e449cf19019n/aQadars 192.52.167.210:443
2016-05-04 20:46:56a1c8254edce7db441cae02a66ff56c0bn/aQadars 192.52.167.210:443
2016-05-04 20:03:5320b79778ab9c240fb4529938d6deb41aVirustotal results 13/57 (22.81%) Qadars 192.52.167.210:443
2016-05-04 18:02:29ae10bfbef9fb8c1380e4d71862495699n/aQadars 192.52.167.210:443
2016-05-04 17:18:303e93d94344daf8ed1eaf6b7b393f6281n/aQadars 192.52.167.210:443
2016-05-04 17:14:06d89b63e068cb48d32cddce609c412127n/aQadars 192.52.167.210:443
2016-05-04 17:02:00676673bab3202d37c802e64d400919c6n/aQadars 192.52.167.210:443

# of entries: 100 (max: 100)