SSL Certificates
The following table shows further information as well as a list of malware samples including the corresponding botnet C&C associated with the SSL certificate fingerprint cacb2adb56672828e9d356706d449160097a0f33.
Database Entry
| SHA1 Fingerprint: | cacb2adb56672828e9d356706d449160097a0f33 |
|---|---|
| Certificate Common Name (CN): | content-distribution-v2.pro |
| Issuer Distinguished Name (DN): | WE1 |
| TLS Version: | TLS 1.2 |
| First seen: | 2025-12-04 19:12:00 UTC |
| Last seen: | 2025-12-06 20:52:47 UTC |
| Status: | Blacklisted |
| Listing reason: | DonutLoader C&C |
| Listing date: | 2025-12-08 15:53:48 |
| Malware samples: | 9 |
| Botnet C&Cs: | 2 |
Malware Samples
The table below documents all malware samples associated with this SSL certificate.
| Timestamp (UTC) | Malware Sample (MD5 hash) | VT | Signature | Botnet C&C (IP:port) |
|---|---|---|---|---|
| 2025-12-06 20:52:47 | b83ac9a525ee2ed6c399519a969063d8 | n/a | 104.21.0.182:443 | |
| 2025-12-06 17:53:02 | b793cfd5febf15596fdd27cf86bcfccd | n/a | 104.21.0.182:443 | |
| 2025-12-06 17:29:51 | 8b9520972a997667b422772e0fa20de9 | n/a | 104.21.0.182:443 | |
| 2025-12-06 16:42:30 | 78712a92a9c501daa73c25f7097f3e33 | n/a | 172.67.128.46:443 | |
| 2025-12-05 15:37:48 | c1c257c6f8b6e6ad8ef618c1e4593260 | n/a | 172.67.128.46:443 | |
| 2025-12-05 15:35:47 | 25c96be2f82306ce1e8a6169fc48acd2 | n/a | 104.21.0.182:443 | |
| 2025-12-05 15:27:09 | f90c0aa1ddae119d68441cc776010e0a | n/a | 172.67.128.46:443 | |
| 2025-12-04 19:22:23 | 64e5241c9819e57ac911863312d726fc | n/a | 172.67.128.46:443 | |
| 2025-12-04 19:12:00 | 8d49293d20fba985a8db9e27e0519b00 | n/a | 104.21.0.182:443 |
# of entries: 9 (max: 100)