SSL Certificates
The following table shows further information as well as a list of malware samples including the corresponding botnet C&C associated with the SSL certificate fingerprint b7a4743e885675b9ac54f73b4217ef60da84f73a.
Database Entry
| SHA1 Fingerprint: | b7a4743e885675b9ac54f73b4217ef60da84f73a |
|---|---|
| Certificate Common Name (CN): | popi.su/emailAddress=admin@popi.su |
| Issuer Distinguished Name (DN): | popi.su/emailAddress=admin@popi.su |
| TLS Version: | TLS 1.2 |
| First seen: | 2016-10-28 09:43:06 UTC |
| Last seen: | 2016-11-29 23:56:31 UTC |
| Status: | Blacklisted |
| Listing reason: | Flokibot C&C |
| Listing date: | 2016-12-01 11:31:24 |
| Malware samples: | 4 |
| Botnet C&Cs: | 1 |
Malware Samples
The table below documents all malware samples associated with this SSL certificate.
| Timestamp (UTC) | Malware Sample (MD5 hash) | VT | Signature | Botnet C&C (IP:port) |
|---|---|---|---|---|
| 2016-11-29 23:56:31 | 398cb01626d842378415f1fa19457ef6 | n/a | Flokibot | 151.248.123.176:443 |
| 2016-11-29 23:56:31 | 398cb01626d842378415f1fa19457ef6 | n/a | Flokibot | 151.248.123.176:443 |
| 2016-11-29 22:30:20 | 6ae044923c4e62434ecf6fde378e674a | n/a | Flokibot | 151.248.123.176:443 |
| 2016-11-29 22:30:20 | 6ae044923c4e62434ecf6fde378e674a | n/a | Flokibot | 151.248.123.176:443 |
| 2016-11-03 09:51:17 | a19f8ef1a8eaa98cedfbc0ca6f127301 | n/a | Flokibot | 151.248.123.176:443 |
| 2016-11-03 09:51:17 | a19f8ef1a8eaa98cedfbc0ca6f127301 | n/a | Flokibot | 151.248.123.176:443 |
| 2016-10-28 09:43:06 | 6a1fc5df66139028d387ef9f8f53dde0 |  32/57 (56.14%)
| Flokibot | 151.248.123.176:443 |
| 2016-10-28 09:43:06 | 6a1fc5df66139028d387ef9f8f53dde0 | 32/57 (56.14%)
| Flokibot | 151.248.123.176:443 |
# of entries: 8 (max: 100)