SSL Certificates
The following table shows further information as well as a list of malware samples including the corresponding botnet C&C associated with the SSL certificate fingerprint d939155400494051d785fbeae33933f64a2d6cce.
Database Entry
SHA1 Fingerprint: | d939155400494051d785fbeae33933f64a2d6cce |
---|---|
Certificate Common Name (CN): | cherniypoyas.ru |
Issuer Distinguished Name (DN): | COMODO RSA Domain Validation Secure Server CA |
TLS Version: | TLS 1.2 |
First seen: | 2015-09-10 00:37:53 UTC |
Last seen: | 2015-09-20 17:39:08 UTC |
Status: | Blacklisted |
Listing reason: | Rovnix C&C |
Listing date: | 2015-09-19 08:30:28 |
Malware samples: | 5 |
Botnet C&Cs: | 2 |
Malware Samples
The table below documents all malware samples associated with this SSL certificate.
Timestamp (UTC) | Malware Sample (MD5 hash) | VT | Signature | Botnet C&C (IP:port) |
---|---|---|---|---|
2015-09-20 17:39:08 | f8ae4b7e142d0d5fcf445d3ea4e71e5d | 9/56 (16.07%) | Gozi | 37.0.125.106:443 |
2015-09-20 17:39:08 | f8ae4b7e142d0d5fcf445d3ea4e71e5d | 9/56 (16.07%) | Gozi | 37.0.125.106:443 |
2015-09-19 06:13:02 | 7660d41996b28503a7813c5381d63ba7 | 16/56 (28.57%) | | 37.0.125.106:443 |
2015-09-19 06:13:02 | 7660d41996b28503a7813c5381d63ba7 | 16/56 (28.57%) | | 37.0.125.106:443 |
2015-09-18 13:22:40 | 2bf19f880796985530ef6cf663b0c635 | 20/57 (35.09%) | | 37.0.125.106:443 |
2015-09-18 13:22:40 | 2bf19f880796985530ef6cf663b0c635 | 20/57 (35.09%) | | 37.0.125.106:443 |
2015-09-12 01:47:19 | dd28d0de3a0be8143253815cc9d7f8ac | 2/56 (3.57%) | | 37.0.125.106:443 |
2015-09-12 01:47:19 | dd28d0de3a0be8143253815cc9d7f8ac | 2/56 (3.57%) | | 37.0.125.106:443 |
2015-09-10 00:37:53 | 1a843d010b3f0549e5a882eef4a3f6c3 | 3/57 (5.26%) | | 185.66.218.2:443 |
2015-09-10 00:37:53 | 1a843d010b3f0549e5a882eef4a3f6c3 | 3/57 (5.26%) | | 185.66.218.2:443 |
# of entries: 10 (max: 100)