SSL Certificates

The following table shows further information as well as a list of malware samples including the corresponding botnet C&C associated with the SSL certificate fingerprint ec21cd3a9b2d4a0a5dc6d18c714bf4eab92213d2.

Database Entry

SHA1 Fingerprint:	ec21cd3a9b2d4a0a5dc6d18c714bf4eab92213d2
Certificate Common Name (CN):	cyber7.bit/emailAddress=webmaster@cyber7.bit
Issuer Distinguished Name (DN):	cyber7.bit/emailAddress=webmaster@cyber7.bit
TLS Version:	TLS 1.2
First seen:	2017-01-19 12:26:14 UTC
Last seen:	2017-03-11 21:22:35 UTC
Status:	Blacklisted
Listing reason:	Chthonic C&C
Listing date:	2017-01-19 15:30:38
Malware samples:	15
Botnet C&Cs:	8

Malware Samples

The table below documents all malware samples associated with this SSL certificate.

Timestamp (UTC)	Malware Sample (MD5 hash)	VT	Signature	Botnet C&C (IP:port)
2017-03-11 21:22:35	0d6b9b3e11c5e9348ca3cfd39c5006e5	29/61 (47.54%)	Smoke Loader	52.25.108.4:443
2017-03-11 21:22:35	0d6b9b3e11c5e9348ca3cfd39c5006e5	29/61 (47.54%)	Smoke Loader	52.25.108.4:443
2017-02-19 18:15:24	8bc92d5b71b731dc6e7f9b0bfa33137b	18/58 (31.03%)	Chthonic	76.74.178.144:443
2017-02-19 18:15:24	8bc92d5b71b731dc6e7f9b0bfa33137b	18/58 (31.03%)	Chthonic	76.74.178.144:443
2017-02-19 13:28:44	e73105d912d4d00e97467e35f28ef662	6/56 (10.71%)	Chthonic	76.74.178.144:443
2017-02-19 13:28:44	e73105d912d4d00e97467e35f28ef662	6/56 (10.71%)	Chthonic	76.74.178.144:443
2017-02-18 16:51:22	21c72c17397858e7ddf6e8a117382135	20/59 (33.90%)	Chthonic	54.164.51.39:443
2017-02-18 16:51:22	21c72c17397858e7ddf6e8a117382135	20/59 (33.90%)	Chthonic	54.164.51.39:443
2017-02-16 22:13:07	77f316c909e3cbb8f04b0d2d34322e4c	7/58 (12.07%)	Chthonic	54.164.51.39:443
2017-02-16 22:13:07	77f316c909e3cbb8f04b0d2d34322e4c	7/58 (12.07%)	Chthonic	54.164.51.39:443
2017-02-16 08:47:19	26f90c6c1b10ef199642f78b6db9788c	14/57 (24.56%)	Terdot	54.164.51.39:443
2017-02-16 08:47:19	26f90c6c1b10ef199642f78b6db9788c	14/57 (24.56%)	Terdot	54.164.51.39:443
2017-02-14 22:02:59	12d940e897a515053c812fdb37d6c119	20/58 (34.48%)	Chthonic	54.164.51.39:443
2017-02-14 22:02:59	12d940e897a515053c812fdb37d6c119	20/58 (34.48%)	Chthonic	54.164.51.39:443
2017-02-14 02:56:57	baec57c774e6ea1e21858a337888e627	21/59 (35.59%)	Chthonic	46.173.219.212:443
2017-02-14 02:56:57	baec57c774e6ea1e21858a337888e627	21/59 (35.59%)	Chthonic	46.173.219.212:443
2017-02-09 23:04:59	f1048a7e38931b2630f46e8fc9cd991e	8/56 (14.29%)	Chthonic	52.70.122.231:443
2017-02-09 23:04:59	f1048a7e38931b2630f46e8fc9cd991e	8/56 (14.29%)	Chthonic	52.70.122.231:443
2017-02-09 20:07:21	a026f090b8ad721b63c7ef385ccfb2a0	22/57 (38.60%)	Terdot	52.70.122.231:443
2017-02-09 20:07:21	a026f090b8ad721b63c7ef385ccfb2a0	22/57 (38.60%)	Terdot	52.70.122.231:443
2017-02-03 01:10:06	0d368dca28b938ed9d7c61a2ce0d192d	28/57 (49.12%)	Chthonic	185.156.179.96:443
2017-02-03 01:10:06	0d368dca28b938ed9d7c61a2ce0d192d	28/57 (49.12%)	Chthonic	185.156.179.96:443
2017-02-02 02:22:06	61cccc6aa57d6e55ece30be80f7afb97	n/a	AgentTesla	52.33.54.94:443
2017-02-02 02:22:06	61cccc6aa57d6e55ece30be80f7afb97	n/a	AgentTesla	52.33.54.94:443
2017-01-31 06:51:23	496593cfb4d702baa636868c85219027	7/56 (12.50%)	Cerber	185.156.179.96:443
2017-01-31 06:51:23	496593cfb4d702baa636868c85219027	7/56 (12.50%)	Cerber	185.156.179.96:443
2017-01-30 20:03:15	a02b54cb12da9ebb169ae9e8f5c53060	32/56 (57.14%)	Smoke Loader	185.156.179.96:443
2017-01-30 20:03:15	a02b54cb12da9ebb169ae9e8f5c53060	32/56 (57.14%)	Smoke Loader	185.156.179.96:443
2017-01-19 12:26:14	faefc2f46cedadf8c0b1f81d905f0044	14/55 (25.45%)	Chthonic	185.77.131.102:443
2017-01-19 12:26:14	faefc2f46cedadf8c0b1f81d905f0044	14/55 (25.45%)	Chthonic	185.77.131.102:443

# of entries: 30 (max: 100)