SSL Certificates
The following table shows further information as well as a list of malware samples including the corresponding botnet C&C associated with the SSL certificate fingerprint c987fc2473d3df2f6d61094515653be8a5c75441.
Database Entry
| SHA1 Fingerprint: | c987fc2473d3df2f6d61094515653be8a5c75441 |
|---|---|
| Certificate Common Name (CN): | DcRat |
| Issuer Distinguished Name (DN): | DcRat Server, OU=qwqdanchun, O=DcRat By qwqdanchun, L=SH, C=CN |
| TLS Version: | TLSv1 |
| First seen: | 2023-01-12 11:06:26 UTC |
| Last seen: | 2023-01-12 13:15:39 UTC |
| Status: | Blacklisted |
| Listing reason: | DCRat C&C |
| Listing date: | 2023-01-12 15:31:55 |
| Malware samples: | 3 |
| Botnet C&Cs: | 1 |
Malware Samples
The table below documents all malware samples associated with this SSL certificate.
| Timestamp (UTC) | Malware Sample (MD5 hash) | VT | Signature | Botnet C&C (IP:port) |
|---|---|---|---|---|
| 2023-01-12 13:15:39 | d325da20d3b2ac0a5e1e179c31b00b6e |  28 / 70 (40.00%)
| CoinMiner | 190.2.147.39:8848 |
| 2023-01-12 12:09:30 | 16f636bbeedee272a83b2365aa2acf2d | 55 / 71 (77.46%)
| PripyatMiner | 190.2.147.39:8848 |
| 2023-01-12 11:06:26 | b4346008df789fb0b428f3088c3290f5 | n/a | RedLineStealer | 190.2.147.39:8848 |
# of entries: 3 (max: 100)