SSL Certificates

The following table shows further information as well as a list of malware samples including the corresponding botnet C&C associated with the SSL certificate fingerprint d2074387b1d975fe5255f5285e1c754d95095a24.

Database Entry


SHA1 Fingerprint:d2074387b1d975fe5255f5285e1c754d95095a24
Certificate Common Name (CN):fleil.com
Issuer Distinguished Name (DN):RapidSSL SHA256 CA
TLS Version:TLS 1.2
First seen:2016-11-20 05:52:48 UTC
Last seen:2016-11-27 18:38:27 UTC
Status:Blacklisted
Listing reason:Chthonic C&C
Listing date:2016-11-26 10:48:02
Malware samples:13
Botnet C&Cs:1

Malware Samples


The table below documents all malware samples associated with this SSL certificate.

Timestamp (UTC)Malware Sample (MD5 hash)VTSignatureBotnet C&C (IP:port)
2016-11-27 18:38:27342cfa08e3ad08010ce494953b92b1e4n/a193.28.179.165:443
2016-11-26 19:59:414fa636455d8c39c0b099f8c37ef29791n/aChthonic 193.28.179.165:443
2016-11-26 18:34:338ec457487f5cc2bca23fee456423d9e9n/a193.28.179.165:443
2016-11-26 12:19:1005ae46460f7dc727c68e45718c2a7149Virustotal results 23/65 (35.38%) 193.28.179.165:443
2016-11-24 20:58:477cca8fc0beb8e0899f5c6e40f5896b5an/aChthonic 193.28.179.165:443
2016-11-23 23:39:04bf6becb0b0c6e5b972802b134602b4a9Virustotal results 6/57 (10.53%) Chthonic 193.28.179.165:443
2016-11-23 20:38:4921c748663616866b5d8944479de35b39n/a193.28.179.165:443
2016-11-23 20:08:4480f6ec6f31393834f97b98063378d35bVirustotal results 39/62 (62.90%) Chthonic 193.28.179.165:443
2016-11-23 19:17:20534934dcd06109768a65279fbdbfe336Virustotal results 43/61 (70.49%) Chthonic 193.28.179.165:443
2016-11-22 10:58:2384287e873afb8055ea0cd02011841c1cn/a193.28.179.165:443
2016-11-22 09:22:221ab21ee8f86c39e5308c629dfb4fcfe5n/a193.28.179.165:443
2016-11-21 18:47:548a9f991fb4c414aae1eaaeb2d8be297aVirustotal results 5/57 (8.77%) 193.28.179.165:443
2016-11-20 05:52:48fc0301aa2e6f701dcc5f3faabafa63dbn/a193.28.179.165:443

# of entries: 13 (max: 100)