SSL Certificates
The following table shows further information as well as a list of malware samples including the corresponding botnet C&C associated with the SSL certificate fingerprint d10e6cd013949c081db7117cbbb169640b2c260a.
Database Entry
| SHA1 Fingerprint: | d10e6cd013949c081db7117cbbb169640b2c260a |
|---|---|
| Certificate Common Name (CN): | DcRat |
| Issuer Distinguished Name (DN): | DcRat Server, OU=qwqdanchun, O=DcRat By qwqdanchun, L=SH, C=CN |
| TLS Version: | TLSv1 |
| First seen: | 2022-10-21 15:59:07 UTC |
| Last seen: | 2022-10-22 03:55:51 UTC |
| Status: | Blacklisted |
| Listing reason: | DCRat C&C |
| Listing date: | 2022-10-22 06:39:10 |
| Malware samples: | 4 |
| Botnet C&Cs: | 1 |
Malware Samples
The table below documents all malware samples associated with this SSL certificate.
| Timestamp (UTC) | Malware Sample (MD5 hash) | VT | Signature | Botnet C&C (IP:port) |
|---|---|---|---|---|
| 2022-10-22 03:55:51 | 8374891f907be2a4a31d798438cb728d | n/a | RedLineStealer | 82.65.64.66:1234 |
| 2022-10-21 16:18:21 | 1e7428a5338a36f3139142eea4cd7501 |  33 / 72 (45.83%)
| ArkeiStealer | 82.65.64.66:1234 |
| 2022-10-21 16:10:31 | 63432d6ad5779ea84f3cc02914b27ad1 | 32 / 72 (44.44%)
| TeamBot | 82.65.64.66:1234 |
| 2022-10-21 15:59:08 | 2bdd362bde047942eea50258d7dcdc12 | 32 / 72 (44.44%)
| RedLineStealer | 82.65.64.66:1234 |
# of entries: 4 (max: 100)