SSL Certificates
The following table shows further information as well as a list of malware samples including the corresponding botnet C&C associated with the SSL certificate fingerprint c1bda1ea8c1f4f9ead798d7495a898b3d447a771.
Database Entry
| SHA1 Fingerprint: | c1bda1ea8c1f4f9ead798d7495a898b3d447a771 |
|---|---|
| Certificate Common Name (CN): | go-clean.hk |
| Issuer Distinguished Name (DN): | Let's Encrypt Authority X3 |
| TLS Version: | TLS 1.2 |
| First seen: | 2019-12-10 17:28:22 UTC |
| Last seen: | 2019-12-12 05:32:43 UTC |
| Status: | Blacklisted |
| Listing reason: | Malware C&C |
| Listing date: | 2019-12-11 15:34:46 |
| Malware samples: | 11 |
| Botnet C&Cs: | 6 |
Malware Samples
The table below documents all malware samples associated with this SSL certificate.
| Timestamp (UTC) | Malware Sample (MD5 hash) | VT | Signature | Botnet C&C (IP:port) |
|---|---|---|---|---|
| 2019-12-12 05:32:43 | 29bede68aeecccea0668a06a83328609 | n/a | PredatorStealer | 45.143.138.20:443 |
| 2019-12-12 05:32:43 | 29bede68aeecccea0668a06a83328609 | n/a | PredatorStealer | 45.143.138.20:443 |
| 2019-12-12 04:56:02 | 34a589788e5d45926761577370447c47 |  19 / 71 (26.76%)
| PredatorStealer | 45.143.138.20:443 |
| 2019-12-12 04:56:02 | 34a589788e5d45926761577370447c47 | 19 / 71 (26.76%)
| PredatorStealer | 45.143.138.20:443 |
| 2019-12-12 04:12:03 | 73a0b243cd87c226a56dedeb3b8bea38 | 20 / 70 (28.57%)
| PredatorStealer | 45.143.138.20:443 |
| 2019-12-12 04:12:03 | 73a0b243cd87c226a56dedeb3b8bea38 | 20 / 70 (28.57%)
| PredatorStealer | 45.143.138.20:443 |
| 2019-12-11 17:44:38 | a2cd7c69520d9bc6253893dddd1dcbe4 | 21 / 72 (29.17%)
| 185.231.245.119:443 | |
| 2019-12-11 17:44:38 | a2cd7c69520d9bc6253893dddd1dcbe4 | 21 / 72 (29.17%)
| 185.231.245.119:443 | |
| 2019-12-11 15:50:35 | 94a6c2d0312831aca703dd6f30a233ae | 32 / 71 (45.07%)
| 83.166.250.53:443 | |
| 2019-12-11 15:50:35 | 94a6c2d0312831aca703dd6f30a233ae | 32 / 71 (45.07%)
| 83.166.250.53:443 | |
| 2019-12-11 15:39:53 | a54d0d6cb53829b9e92a260706c65d57 | 20 / 70 (28.57%)
| 83.166.250.53:443 | |
| 2019-12-11 15:39:53 | a54d0d6cb53829b9e92a260706c65d57 | 20 / 70 (28.57%)
| 83.166.250.53:443 | |
| 2019-12-11 15:29:02 | 54d1beba5f9cb2603938b4ecf956dbaf | 19 / 70 (27.14%)
| 185.231.245.119:443 | |
| 2019-12-11 15:29:02 | 54d1beba5f9cb2603938b4ecf956dbaf | 19 / 70 (27.14%)
| 185.231.245.119:443 | |
| 2019-12-11 15:13:04 | 793b6ff04ac02852d61aa2c9b39f62a0 | 19 / 70 (27.14%)
| 185.231.245.119:443 | |
| 2019-12-11 15:13:04 | 793b6ff04ac02852d61aa2c9b39f62a0 | 19 / 70 (27.14%)
| 185.231.245.119:443 | |
| 2019-12-10 21:24:05 | 44b3d1da61045042a1d86a0a7ddc0be9 | 18 / 70 (25.71%)
| AZORult | 185.180.196.30:443 |
| 2019-12-10 21:24:05 | 44b3d1da61045042a1d86a0a7ddc0be9 | 18 / 70 (25.71%)
| AZORult | 185.180.196.30:443 |
| 2019-12-10 19:22:11 | 4553c5df41f5437c6e7910f32a51f5b7 | n/a | AZORult | 134.0.116.116:443 |
| 2019-12-10 19:22:11 | 4553c5df41f5437c6e7910f32a51f5b7 | n/a | AZORult | 134.0.116.116:443 |
| 2019-12-10 17:28:22 | b4d0edbec6e28ba9cdb1d703479c1a2c | 17 / 71 (23.94%)
| AZORult | 37.46.130.73:443 |
| 2019-12-10 17:28:22 | b4d0edbec6e28ba9cdb1d703479c1a2c | 17 / 71 (23.94%)
| AZORult | 37.46.130.73:443 |
# of entries: 22 (max: 100)