SSL Certificates
The following table shows further information as well as a list of malware samples including the corresponding botnet C&C associated with the SSL certificate fingerprint c220cb4b975b3ba033ca3b72e0292db5388707e4.
Database Entry
| SHA1 Fingerprint: | c220cb4b975b3ba033ca3b72e0292db5388707e4 |
|---|---|
| Certificate Common Name (CN): | kurrenpowed.run |
| Issuer Distinguished Name (DN): | WE1 |
| TLS Version: | TLS 1.2 |
| First seen: | 2025-02-21 12:33:20 UTC |
| Last seen: | 2025-02-22 06:21:57 UTC |
| Status: | Blacklisted |
| Listing reason: | LummaStealer C&C |
| Listing date: | 2025-02-22 07:32:02 |
| Malware samples: | 12 |
| Botnet C&Cs: | 2 |
Malware Samples
The table below documents all malware samples associated with this SSL certificate.
| Timestamp (UTC) | Malware Sample (MD5 hash) | VT | Signature | Botnet C&C (IP:port) |
|---|---|---|---|---|
| 2025-02-22 06:21:57 | cd114af368f9075616230b6494be99d1 | n/a | 104.21.61.178:443 | |
| 2025-02-22 04:14:31 | b96c7eb952ecdf5cbe01177eb783cec0 | n/a | 104.21.61.178:443 | |
| 2025-02-22 00:42:38 | 8862e9e3f3d5ef050dd05ba9f6e98fc7 | n/a | 104.21.61.178:443 | |
| 2025-02-21 21:01:59 | 60c1eec996304bb53a3ed2e537c42dec | n/a | 172.67.212.154:443 | |
| 2025-02-21 20:57:14 | 5ff25cf1b7c2d1ea7443e42b58ffc779 | n/a | 172.67.212.154:443 | |
| 2025-02-21 18:58:30 | 49637bf7efd81f6d169b382f40393e06 | n/a | 172.67.212.154:443 | |
| 2025-02-21 15:51:30 | 1c7071e3f81997a518e096a90dfd00c8 | n/a | 104.21.61.178:443 | |
| 2025-02-21 14:59:59 | 18c94d2acac1e8445a1cdf770ec6b291 | n/a | 172.67.212.154:443 | |
| 2025-02-21 14:55:05 | 53c366c9c18d9b66a7766547c14dbc1c | n/a | 172.67.212.154:443 | |
| 2025-02-21 14:45:16 | 006ab3cbbcc4c7c71ccae0cf35d33436 | n/a | 104.21.61.178:443 | |
| 2025-02-21 13:02:19 | 49eeaf5385aba5ea6bb58bd767ed4299 | n/a | 104.21.61.178:443 | |
| 2025-02-21 12:33:20 | 0a65a1cbc2e25b42706c2bb463a4d191 | n/a | 172.67.212.154:443 |
# of entries: 12 (max: 100)