SSL Certificates

The following table shows further information as well as a list of malware samples including the corresponding botnet C&C associated with the SSL certificate fingerprint e1ec6a322ecc44b1f722bb32ec4f8eae690973ab.

Database Entry

SHA1 Fingerprint:e1ec6a322ecc44b1f722bb32ec4f8eae690973ab
Certificate Common Name (CN):toothpastename.xyz
Issuer Distinguished Name (DN):WE1
TLS Version:TLS 1.2
First seen:2025-08-17 12:34:47 UTC
Last seen:2025-08-25 10:33:13 UTC
Status:Blacklisted
Listing reason:Gh0stRAT C&C
Listing date:2025-08-17 12:53:50
Malware samples:19
Botnet C&Cs:2

Malware Samples

The table below documents all malware samples associated with this SSL certificate.

Timestamp (UTC)Malware Sample (MD5 hash)VTSignatureBotnet C&C (IP:port)
2025-08-25 10:33:13b15362f8ceeb613df48c1d1cb9e4941en/a104.21.30.78:443
2025-08-22 09:59:59d025240c018bf573bb9a47499b2232ebn/a104.21.30.78:443
2025-08-20 14:19:55fcc44975951535f22c61951186b9bc50n/a104.21.30.78:443
2025-08-20 10:24:37f0ac319e26d1e7ee268a809f88efeee1n/a172.67.172.127:443
2025-08-20 09:06:02e8b1a8b309af08585389fb0a480a4726n/a104.21.30.78:443
2025-08-18 15:13:36e27b08a85f8c4060e8aa26869b79260dn/a172.67.172.127:443
2025-08-18 11:02:48b730d524a76d11d3bab2db658c6dea46n/a172.67.172.127:443
2025-08-18 10:11:49aeb2f3f04f4028c9181f429f20f2daden/a172.67.172.127:443
2025-08-18 09:13:52a432f10a2be4228f77ff1f30ff3cfeb2n/a104.21.30.78:443
2025-08-18 07:56:15979a209333ad26de91df8097b375c941n/a104.21.30.78:443
2025-08-18 04:43:157a016374d2376cf302dbedac240e1a2en/a172.67.172.127:443
2025-08-18 02:46:4163e67d84f5f4fad4e650839745c456e8n/a104.21.30.78:443
2025-08-18 00:05:253d0dc126620da7a3c98db1e696d138c4n/a172.67.172.127:443
2025-08-17 22:35:404aaa807b288f67768c201a0b0a23435dn/a104.21.30.78:443
2025-08-17 22:29:431abe6536a327d6a0ba4b0c6b68cab029n/a172.67.172.127:443
2025-08-17 21:52:262b0446bb20d03e8bbacf98cec1fd6f52n/a104.21.30.78:443
2025-08-17 20:22:0743316f8adc1d498d5334d2e12aa110edn/a104.21.30.78:443
2025-08-17 18:02:5828a022e34cb6ef5962adfce54ae64d46n/a104.21.30.78:443
2025-08-17 12:34:47da3491f09f4c94b15153876a2e760858n/a172.67.172.127:443

# of entries: 19 (max: 100)