SSL Certificates

The following table shows further information as well as a list of malware samples including the corresponding botnet C&C associated with the SSL certificate fingerprint c987fc2473d3df2f6d61094515653be8a5c75441.

Database Entry

SHA1 Fingerprint:c987fc2473d3df2f6d61094515653be8a5c75441
Certificate Common Name (CN):DcRat
Issuer Distinguished Name (DN):DcRat Server, OU=qwqdanchun, O=DcRat By qwqdanchun, L=SH, C=CN
TLS Version:TLSv1
First seen:2023-01-12 11:06:26 UTC
Last seen:2023-01-12 13:15:39 UTC
Listing reason:DCRat C&C
Listing date:2023-01-12 15:31:55
Malware samples:3
Botnet C&Cs:1

Malware Samples

The table below documents all malware samples associated with this SSL certificate.

Timestamp (UTC)Malware Sample (MD5 hash)VTSignatureBotnet C&C (IP:port)
2023-01-12 13:15:39d325da20d3b2ac0a5e1e179c31b00b6eVirustotal results 28 / 70 (40.00%) CoinMiner190.2.147.39:8848
2023-01-12 12:09:3016f636bbeedee272a83b2365aa2acf2dVirustotal results 55 / 71 (77.46%) PripyatMiner190.2.147.39:8848
2023-01-12 11:06:26b4346008df789fb0b428f3088c3290f5n/aRedLineStealer190.2.147.39:8848

# of entries: 3 (max: 100)