SSL Certificates
The following table shows further information as well as a list of malware samples including the corresponding botnet C&C associated with the SSL certificate fingerprint bfcf9cb6e267b06037039b5aa7cdc403bb92fac2.
Database Entry
| SHA1 Fingerprint: | bfcf9cb6e267b06037039b5aa7cdc403bb92fac2 |
|---|---|
| Certificate Common Name (CN): | fxpsjcklcqf.com |
| Issuer Distinguished Name (DN): | fxpsjcklcqf.com |
| TLS Version: | TLS 1.2 |
| First seen: | 2016-07-29 05:23:30 UTC |
| Last seen: | 2016-11-24 12:43:34 UTC |
| Status: | Blacklisted |
| Listing reason: | Vawtrak C&C |
| Listing date: | 2016-08-10 10:06:06 |
| Malware samples: | 41 |
| Botnet C&Cs: | 14 |
Malware Samples
The table below documents all malware samples associated with this SSL certificate.
| Timestamp (UTC) | Malware Sample (MD5 hash) | VT | Signature | Botnet C&C (IP:port) |
|---|---|---|---|---|
| 2016-11-24 12:43:34 | 8be5879d77b377161796d4de5d4b36eb |  29/56 (51.79%)
| Vawtrak | 185.15.208.238:443 |
| 2016-11-24 12:43:34 | 8be5879d77b377161796d4de5d4b36eb | 29/56 (51.79%)
| Vawtrak | 185.15.208.238:443 |
| 2016-11-23 23:26:34 | 18d8606807af8bc7d06da32477c60c0b | 24/56 (42.86%)
| Downloader.Pony | 185.15.208.238:443 |
| 2016-11-23 23:26:34 | 18d8606807af8bc7d06da32477c60c0b | 24/56 (42.86%)
| Downloader.Pony | 185.15.208.238:443 |
| 2016-11-18 06:41:55 | e624986f1c3218b7527b723412c0815c | 9/57 (15.79%)
| Vawtrak | 137.74.194.227:443 |
| 2016-11-18 06:41:55 | e624986f1c3218b7527b723412c0815c | 9/57 (15.79%)
| Vawtrak | 137.74.194.227:443 |
| 2016-11-16 19:23:20 | ddef86a97d892abbdc0f61407ec769fe | 21/56 (37.50%)
| Hancitor | 137.74.194.227:443 |
| 2016-11-16 19:23:20 | ddef86a97d892abbdc0f61407ec769fe | 21/56 (37.50%)
| Hancitor | 137.74.194.227:443 |
| 2016-11-04 14:23:56 | f035b48bffcbae031c4a7cc8f9b07b1f | 33/57 (57.89%)
| Vawtrak | 5.187.0.177:443 |
| 2016-11-04 14:23:56 | f035b48bffcbae031c4a7cc8f9b07b1f | 33/57 (57.89%)
| Vawtrak | 5.187.0.177:443 |
| 2016-11-01 16:38:54 | 9a6e0e1431f9bd45c83e27224a994803 | 7/55 (12.73%)
| Vawtrak | 185.36.102.51:443 |
| 2016-11-01 16:38:54 | 9a6e0e1431f9bd45c83e27224a994803 | 7/55 (12.73%)
| Vawtrak | 185.36.102.51:443 |
| 2016-10-31 16:22:39 | b0b4a88285523f4d3f3654584b0022e1 | 11/56 (19.64%)
| Vawtrak | 185.36.102.51:443 |
| 2016-10-31 16:22:39 | b0b4a88285523f4d3f3654584b0022e1 | 11/56 (19.64%)
| Vawtrak | 185.36.102.51:443 |
| 2016-10-30 19:12:52 | 8c14c06013d89ebbcb3b542551044262 | 34/57 (59.65%)
| Vawtrak | 85.17.82.122:443 |
| 2016-10-30 19:12:52 | 8c14c06013d89ebbcb3b542551044262 | 34/57 (59.65%)
| Vawtrak | 85.17.82.122:443 |
| 2016-10-27 17:38:04 | 7b198c0b47912690316c666b8c447e59 | 13/57 (22.81%)
| Vawtrak | 46.105.218.106:443 |
| 2016-10-27 17:38:04 | 7b198c0b47912690316c666b8c447e59 | 13/57 (22.81%)
| Vawtrak | 46.105.218.106:443 |
| 2016-10-27 08:11:45 | 51271e7ec765192877821f2a19163256 | 26/56 (46.43%)
| Vawtrak | 83.220.174.41:443 |
| 2016-10-27 08:11:45 | 51271e7ec765192877821f2a19163256 | 26/56 (46.43%)
| Vawtrak | 83.220.174.41:443 |
| 2016-10-26 14:35:48 | aa044b5b671be92a6672b5d84bcde7a8 | n/a | Vawtrak | 83.220.174.41:443 |
| 2016-10-26 14:35:48 | aa044b5b671be92a6672b5d84bcde7a8 | n/a | Vawtrak | 83.220.174.41:443 |
| 2016-10-14 13:11:57 | 1923f3299229e40d245b0a91e032c700 | 23/56 (41.07%)
| Vawtrak | 194.1.236.149:443 |
| 2016-10-14 13:11:57 | 1923f3299229e40d245b0a91e032c700 | 23/56 (41.07%)
| Vawtrak | 194.1.236.149:443 |
| 2016-10-14 12:18:47 | 96baf916355fb7a10d76721d9819e300 | 17/56 (30.36%)
| Vawtrak | 194.1.236.149:443 |
| 2016-10-14 12:18:47 | 96baf916355fb7a10d76721d9819e300 | 17/56 (30.36%)
| Vawtrak | 194.1.236.149:443 |
| 2016-10-13 15:35:31 | e4dbe5d7a3dea14818431397a4967d0d | 25/55 (45.45%)
| Vawtrak | 194.1.236.149:443 |
| 2016-10-13 15:35:31 | e4dbe5d7a3dea14818431397a4967d0d | 25/55 (45.45%)
| Vawtrak | 194.1.236.149:443 |
| 2016-10-12 18:26:05 | b37da106cbe73a4450dc28786f7da27f | 40/57 (70.18%)
| Hancitor | 31.184.233.105:443 |
| 2016-10-12 18:26:05 | b37da106cbe73a4450dc28786f7da27f | 40/57 (70.18%)
| Hancitor | 31.184.233.105:443 |
| 2016-10-10 01:57:28 | 933d6c55f2b65e8c85389eb20b4d4c30 | 22/56 (39.29%)
| ZeuS | 31.184.233.105:443 |
| 2016-10-10 01:57:28 | 933d6c55f2b65e8c85389eb20b4d4c30 | 22/56 (39.29%)
| ZeuS | 31.184.233.105:443 |
| 2016-10-09 00:57:38 | 7bf42e3cfb857baa3785020baf5e4539 | n/a | 31.184.233.105:443 | |
| 2016-10-09 00:57:38 | 7bf42e3cfb857baa3785020baf5e4539 | n/a | 31.184.233.105:443 | |
| 2016-10-05 06:33:31 | 4bf28eb356ec918db9c3ec3e5d8fbf44 | 21/56 (37.50%)
| Vawtrak | 185.22.65.47:443 |
| 2016-10-05 06:33:31 | 4bf28eb356ec918db9c3ec3e5d8fbf44 | 21/56 (37.50%)
| Vawtrak | 185.22.65.47:443 |
| 2016-09-27 18:03:59 | cebd26c28f001e8931fa494723d7844a | 35/57 (61.40%)
| Hancitor | 185.22.65.47:443 |
| 2016-09-27 18:03:59 | cebd26c28f001e8931fa494723d7844a | 35/57 (61.40%)
| Hancitor | 185.22.65.47:443 |
| 2016-09-23 05:25:56 | 67e52af8d40f84d796675a888a6ac6c0 | 9/57 (15.79%)
| Vawtrak | 185.80.53.96:443 |
| 2016-09-23 05:25:56 | 67e52af8d40f84d796675a888a6ac6c0 | 9/57 (15.79%)
| Vawtrak | 185.80.53.96:443 |
| 2016-09-22 17:38:56 | f4db2a794120fe8e328e795835bc6aa2 | 30/57 (52.63%)
| Vawtrak | 185.22.65.47:443 |
| 2016-09-22 17:38:56 | f4db2a794120fe8e328e795835bc6aa2 | 30/57 (52.63%)
| Vawtrak | 185.22.65.47:443 |
| 2016-09-22 15:32:03 | 1e9181272a814f55a59a1e5eb6ed9bd6 | 36/57 (63.16%)
| Downloader.Pony | 185.80.53.96:443 |
| 2016-09-22 15:32:03 | 1e9181272a814f55a59a1e5eb6ed9bd6 | 36/57 (63.16%)
| Downloader.Pony | 185.80.53.96:443 |
| 2016-09-19 07:12:18 | 5ac2690c6b7ff9ae2fdb2dfd5d8915f2 | 36/57 (63.16%)
| Vawtrak | 185.22.65.47:443 |
| 2016-09-19 07:12:18 | 5ac2690c6b7ff9ae2fdb2dfd5d8915f2 | 36/57 (63.16%)
| Vawtrak | 185.22.65.47:443 |
| 2016-09-18 12:00:46 | ed13b8b1c94e7d608e30744a1bb68c99 | 32/57 (56.14%)
| Vawtrak | 185.22.65.47:443 |
| 2016-09-18 12:00:46 | ed13b8b1c94e7d608e30744a1bb68c99 | 32/57 (56.14%)
| Vawtrak | 185.22.65.47:443 |
| 2016-09-18 11:12:12 | e0ed9be259786067687860c80a1f05f9 | 33/57 (57.89%)
| Vawtrak | 185.22.65.47:443 |
| 2016-09-18 11:12:12 | e0ed9be259786067687860c80a1f05f9 | 33/57 (57.89%)
| Vawtrak | 185.22.65.47:443 |
| 2016-09-16 11:42:10 | 89c9a54a97fa9c0760338963daf3cc56 | 38/57 (66.67%)
| Vawtrak | 185.22.65.47:443 |
| 2016-09-16 11:42:10 | 89c9a54a97fa9c0760338963daf3cc56 | 38/57 (66.67%)
| Vawtrak | 185.22.65.47:443 |
| 2016-09-08 10:09:09 | 91635d037907354b3d46257246832fe6 | n/a | 185.22.65.47:443 | |
| 2016-09-08 10:09:09 | 91635d037907354b3d46257246832fe6 | n/a | 185.22.65.47:443 | |
| 2016-09-02 05:18:48 | 2dec5edc4d1f59d10e3925eb2d7bfe7d | 37/58 (63.79%)
| ZeuS | 185.22.65.47:443 |
| 2016-09-02 05:18:48 | 2dec5edc4d1f59d10e3925eb2d7bfe7d | 37/58 (63.79%)
| ZeuS | 185.22.65.47:443 |
| 2016-08-29 15:47:05 | cc05867751b1de3cab89c046210faed4 | 33/56 (58.93%)
| Hancitor | 185.22.65.47:443 |
| 2016-08-29 15:47:05 | cc05867751b1de3cab89c046210faed4 | 33/56 (58.93%)
| Hancitor | 185.22.65.47:443 |
| 2016-08-25 11:51:58 | feb0791b2a7964782798ebdc2ed6ec5d | 34/56 (60.71%)
| ZeuS | 185.22.65.47:443 |
| 2016-08-25 11:51:58 | feb0791b2a7964782798ebdc2ed6ec5d | 34/56 (60.71%)
| ZeuS | 185.22.65.47:443 |
| 2016-08-22 07:15:01 | ebd4bf9864fdc79cc3313c9c238c1590 | 22/54 (40.74%)
| ZeuS | 185.22.65.47:443 |
| 2016-08-22 07:15:01 | ebd4bf9864fdc79cc3313c9c238c1590 | 22/54 (40.74%)
| ZeuS | 185.22.65.47:443 |
| 2016-08-22 00:24:08 | a723e08319be660ef5db2abd2c426991 | 33/56 (58.93%)
| ZeuS | 185.22.65.47:443 |
| 2016-08-22 00:24:08 | a723e08319be660ef5db2abd2c426991 | 33/56 (58.93%)
| ZeuS | 185.22.65.47:443 |
| 2016-08-21 09:14:15 | 8be0ca71efa2ba3d3fb2acebcc88e5e7 | 33/56 (58.93%)
| Hancitor | 185.22.65.47:443 |
| 2016-08-21 09:14:15 | 8be0ca71efa2ba3d3fb2acebcc88e5e7 | 33/56 (58.93%)
| Hancitor | 185.22.65.47:443 |
| 2016-08-21 03:02:49 | fd05fd03bc0a26e9c2209d43d151c6e9 | 28/52 (53.85%)
| ZeuS | 185.22.65.47:443 |
| 2016-08-21 03:02:49 | fd05fd03bc0a26e9c2209d43d151c6e9 | 28/52 (53.85%)
| ZeuS | 185.22.65.47:443 |
| 2016-08-18 22:34:52 | 257be373d6a211705a26b00c3c5b9a49 | 14/56 (25.00%)
| ZeuS | 185.22.65.47:443 |
| 2016-08-18 22:34:52 | 257be373d6a211705a26b00c3c5b9a49 | 14/56 (25.00%)
| ZeuS | 185.22.65.47:443 |
| 2016-08-18 15:11:38 | f751e779d165593cef521ffc8d41e66e | 2/53 (3.77%)
| ZeuS | 217.29.58.167:443 |
| 2016-08-18 15:11:38 | f751e779d165593cef521ffc8d41e66e | 2/53 (3.77%)
| ZeuS | 217.29.58.167:443 |
| 2016-08-18 08:57:11 | 9597fc80f793bbeceed69be9b1344fdb | 28/56 (50.00%)
| ZeuS | 217.29.58.167:443 |
| 2016-08-18 08:57:11 | 9597fc80f793bbeceed69be9b1344fdb | 28/56 (50.00%)
| ZeuS | 217.29.58.167:443 |
| 2016-08-11 05:12:24 | a7c3ae050fce663499f78bcfeea59399 | 3/54 (5.56%)
| Vawtrak | 81.177.26.146:443 |
| 2016-08-11 05:12:24 | a7c3ae050fce663499f78bcfeea59399 | 3/54 (5.56%)
| Vawtrak | 81.177.26.146:443 |
| 2016-07-31 16:15:52 | bff55fccd09c6d74f3a653d2b168878f | 8/55 (14.55%)
| Vawtrak | 185.36.102.35:443 |
| 2016-07-31 16:15:52 | bff55fccd09c6d74f3a653d2b168878f | 8/55 (14.55%)
| Vawtrak | 185.36.102.35:443 |
| 2016-07-30 12:22:16 | 1a922cb1867d461409c6e2e49313c4b1 | 22/54 (40.74%)
| ZeuS | 185.36.102.35:443 |
| 2016-07-30 12:22:16 | 1a922cb1867d461409c6e2e49313c4b1 | 22/54 (40.74%)
| ZeuS | 185.36.102.35:443 |
| 2016-07-29 05:23:30 | c77e1e3da5123cdaf34f4109ea2098f0 | 25/55 (45.45%)
| H1N1 | 185.36.102.35:443 |
| 2016-07-29 05:23:30 | c77e1e3da5123cdaf34f4109ea2098f0 | 25/55 (45.45%)
| H1N1 | 185.36.102.35:443 |
# of entries: 82 (max: 100)