SSL Certificates
The following table shows further information as well as a list of malware samples including the corresponding botnet C&C associated with the SSL certificate fingerprint e4bba16c2aa6563e30a7eafccbcb5f43e4b72f68.
Database Entry
SHA1 Fingerprint: | e4bba16c2aa6563e30a7eafccbcb5f43e4b72f68 |
---|---|
Certificate Common Name (CN): | Flmwrsdpl Rtlcxdfstfglmd, OU=Jbeeyn, ST=mpw, O=Ixulfkredin, C=SD, L=Uqlkndjdpos Ejjx |
Issuer Distinguished Name (DN): | Flmwrsdpl Rtlcxdfstfglmd, OU=Jbeeyn, ST=mpw, O=Ixulfkredin, C=SD, L=Uqlkndjdpos Ejjx |
TLS Version: | TLS 1.2 |
First seen: | 2022-12-12 20:24:12 UTC |
Last seen: | 2022-12-13 16:13:37 UTC |
Status: | Blacklisted |
Listing reason: | DanaBot C&C |
Listing date: | 2022-12-13 16:10:07 |
Malware samples: | 20 |
Botnet C&Cs: | 1 |
Malware Samples
The table below documents all malware samples associated with this SSL certificate.
Timestamp (UTC) | Malware Sample (MD5 hash) | VT | Signature | Botnet C&C (IP:port) |
---|---|---|---|---|
2022-12-13 16:13:37 | 1c00eef6a97909723a0c7afa94cc3a77 | 32 / 69 (46.38%) | | 152.89.247.44:443 |
2022-12-13 14:50:03 | 9ab9692fcb18683990b631eea9d73ad4 | 27 / 72 (37.50%) | Smoke Loader | 152.89.247.44:443 |
2022-12-13 12:42:08 | 0fb20d6db0fafb6ec7beb8df61ac3423 | 35 / 72 (48.61%) | | 152.89.247.44:443 |
2022-12-13 12:41:44 | 3115f30d3c2963c22b8dba5bc075a63c | 26 / 61 (42.62%) | | 152.89.247.44:443 |
2022-12-13 12:18:10 | 48e86de7ab081ac388170b4cc43160de | 26 / 71 (36.62%) | Smoke Loader | 152.89.247.44:443 |
2022-12-13 10:39:08 | 41c450a5a4b21b9112cc6f6b2847200a | 26 / 71 (36.62%) | DanaBot | 152.89.247.44:443 |
2022-12-13 08:23:00 | 9e7d8e11bbe26788853ab6cc8d008506 | 30 / 71 (42.25%) | | 152.89.247.44:443 |
2022-12-13 08:21:53 | 9ca8273249ba756231f36ca7c7496148 | 28 / 71 (39.44%) | Smoke Loader | 152.89.247.44:443 |
2022-12-13 08:20:21 | 6456e3af7985dfa611e6e0ae1b65193b | 33 / 70 (47.14%) | | 152.89.247.44:443 |
2022-12-13 08:20:17 | e9cb09dc5c78990bc165a306c97c26a4 | 27 / 71 (38.03%) | Smoke Loader | 152.89.247.44:443 |
2022-12-13 08:19:20 | eaf92bca63e448749ac805744b505cda | 31 / 71 (43.66%) | | 152.89.247.44:443 |
2022-12-13 08:19:04 | 2577d9c2fd3517e9d257230ba992b69e | 33 / 70 (47.14%) | | 152.89.247.44:443 |
2022-12-13 08:17:45 | 8f711b66ec1c536ae191bbfab4de6faa | 36 / 71 (50.70%) | | 152.89.247.44:443 |
2022-12-13 08:17:37 | 8a35066cdbb9183d89b52a68fb5a0401 | 29 / 71 (40.85%) | Smoke Loader | 152.89.247.44:443 |
2022-12-13 08:17:01 | 56488cf7294830ca2eb515b925d6bb3b | 25 / 68 (36.76%) | Smoke Loader | 152.89.247.44:443 |
2022-12-13 08:16:13 | 395519c18c94ebd4e0ae335f6da0b04b | 36 / 70 (51.43%) | | 152.89.247.44:443 |
2022-12-13 08:15:57 | b44d7cff8528d56fac2766fec4e3af13 | 36 / 72 (50.00%) | | 152.89.247.44:443 |
2022-12-13 08:15:25 | 2461aab453c7a6db54960484bbc546ed | 35 / 70 (50.00%) | | 152.89.247.44:443 |
2022-12-13 08:02:15 | dc21494964595252832285107c6edff1 | 27 / 71 (38.03%) | Smoke Loader | 152.89.247.44:443 |
2022-12-12 20:24:12 | f3b54e24459543e105886a9b77f35687 | 37 / 72 (51.39%) | | 152.89.247.44:443 |
Number of entries: 20 (max: 100)