SSL Certificates

The following table shows further information as well as a list of malware samples including the corresponding botnet C&C associated with the SSL certificate fingerprint bfcf9cb6e267b06037039b5aa7cdc403bb92fac2.

Database Entry


SHA1 Fingerprint: bfcf9cb6e267b06037039b5aa7cdc403bb92fac2
Certificate Common Name (CN): fxpsjcklcqf.com
Issuer Distinguished Name (DN): fxpsjcklcqf.com
TLS Version: TLS 1.2
First seen: 2016-07-29 05:23:30 UTC
Last seen: 2016-11-24 12:43:34 UTC
Status: Blacklisted
Listing reason: Vawtrak C&C
Listing date: 2016-08-10 10:06:06
Malware samples: 41
Botnet C&Cs: 14

Malware Samples


The table below documents all malware samples associated with this SSL certificate.

Timestamp (UTC) | Malware Sample (MD5 hash) | VT | Signature | Botnet C&C (IP:port)

# of entries: 41 (max: 100)