SSL Certificates

The following table shows further information as well as a list of malware samples including the corresponding botnet C&C associated with the SSL certificate fingerprint ecd6ec44a30b047d6e75401202b220a7648bd4cc.

Database Entry

SHA1 Fingerprint:	ecd6ec44a30b047d6e75401202b220a7648bd4cc
Certificate Common Name (CN):	valkindead.ru
Issuer Distinguished Name (DN):	Let's Encrypt Authority X3
TLS Version:	TLS 1.2
First seen:	2018-10-18 19:43:36 UTC
Last seen:	2018-12-17 09:03:04 UTC
Status:	Blacklisted
Listing reason:	Malware C&C
Listing date:	2018-12-11 11:20:28
Malware samples:	100
Botnet C&Cs:	1

Malware Samples

The table below documents all malware samples associated with this SSL certificate.

Timestamp (UTC)	Malware Sample (MD5 hash)	VT	Signature	Botnet C&C (IP:port)
2018-12-17 09:03:04	b65f2939648b6db7fe137c7be8d961f0	31/69 (44.93%)		81.177.135.191:443
2018-12-17 09:03:04	b65f2939648b6db7fe137c7be8d961f0	31/69 (44.93%)		81.177.135.191:443
2018-12-17 07:50:47	729d6cfc5cc181c15b7fe58dbbbf08f9	38/69 (55.07%)		81.177.135.191:443
2018-12-17 07:50:47	729d6cfc5cc181c15b7fe58dbbbf08f9	38/69 (55.07%)		81.177.135.191:443
2018-12-16 12:36:40	f417395f331e294b6ce39e19c5e92d95	34/68 (50.00%)		81.177.135.191:443
2018-12-16 12:36:40	f417395f331e294b6ce39e19c5e92d95	34/68 (50.00%)		81.177.135.191:443
2018-12-16 04:50:53	907a2fc2e8fd343c6dcd8965311ba6f1	37/71 (52.11%)		81.177.135.191:443
2018-12-16 04:50:53	907a2fc2e8fd343c6dcd8965311ba6f1	37/71 (52.11%)		81.177.135.191:443
2018-12-16 04:47:00	adb490a2dbe3dcc0332bbe2cf7e99b66	31/70 (44.29%)		81.177.135.191:443
2018-12-16 04:47:00	adb490a2dbe3dcc0332bbe2cf7e99b66	31/70 (44.29%)		81.177.135.191:443
2018-12-15 08:52:01	c172b49578f6ccb2ed915fc29b6d4875	13/70 (18.57%)		81.177.135.191:443
2018-12-15 08:52:01	c172b49578f6ccb2ed915fc29b6d4875	13/70 (18.57%)		81.177.135.191:443
2018-12-14 22:13:20	979f1a39083c934095b3ee9c8f79fc3f	32/70 (45.71%)		81.177.135.191:443
2018-12-14 22:13:20	979f1a39083c934095b3ee9c8f79fc3f	32/70 (45.71%)		81.177.135.191:443
2018-12-13 18:53:18	a8ab123040afae0db39e36c3fde94260	29/69 (42.03%)		81.177.135.191:443
2018-12-13 18:53:18	a8ab123040afae0db39e36c3fde94260	29/69 (42.03%)		81.177.135.191:443
2018-12-12 16:59:53	963c486a5c9e36ce38ca99e57b8ffbf3	16/69 (23.19%)		81.177.135.191:443
2018-12-12 16:59:53	963c486a5c9e36ce38ca99e57b8ffbf3	16/69 (23.19%)		81.177.135.191:443
2018-12-12 07:06:46	6bc33319a2723e170260460a141c69eb	45/69 (65.22%)	Zyklon	81.177.135.191:443
2018-12-12 07:06:46	6bc33319a2723e170260460a141c69eb	45/69 (65.22%)	Zyklon	81.177.135.191:443
2018-12-11 03:03:30	e0b4fe0c704d78a8165150155ccf9d29	46/69 (66.67%)	ArkeiStealer	81.177.135.191:443
2018-12-11 03:03:30	e0b4fe0c704d78a8165150155ccf9d29	46/69 (66.67%)	ArkeiStealer	81.177.135.191:443
2018-12-10 23:51:36	3bf0ab9860b7e3ede38a060e37a0ef8c	38/69 (55.07%)	ArkeiStealer	81.177.135.191:443
2018-12-10 23:51:36	3bf0ab9860b7e3ede38a060e37a0ef8c	38/69 (55.07%)	ArkeiStealer	81.177.135.191:443
2018-12-10 20:14:49	811f73f3a96c4f8e91d4142a5314891e	32/69 (46.38%)	ArkeiStealer	81.177.135.191:443
2018-12-10 20:14:49	811f73f3a96c4f8e91d4142a5314891e	32/69 (46.38%)	ArkeiStealer	81.177.135.191:443
2018-12-09 22:31:54	cd4c68b3b3c786a17eb948b0681d3275	35/70 (50.00%)	ArkeiStealer	81.177.135.191:443
2018-12-09 22:31:54	cd4c68b3b3c786a17eb948b0681d3275	35/70 (50.00%)	ArkeiStealer	81.177.135.191:443
2018-12-09 16:03:40	122cb8da8f7fa9bd759a056b4aac8fcb	44/69 (63.77%)		81.177.135.191:443
2018-12-09 16:03:40	122cb8da8f7fa9bd759a056b4aac8fcb	44/69 (63.77%)		81.177.135.191:443
2018-12-09 15:04:29	e43cc02307604f86e72f7ea615f23abe	45/69 (65.22%)		81.177.135.191:443
2018-12-09 15:04:29	e43cc02307604f86e72f7ea615f23abe	45/69 (65.22%)		81.177.135.191:443
2018-12-09 14:58:37	fe5b5328fec1d3a0240b6c912546cb95	48/71 (67.61%)		81.177.135.191:443
2018-12-09 14:58:37	fe5b5328fec1d3a0240b6c912546cb95	48/71 (67.61%)		81.177.135.191:443
2018-12-09 13:18:33	3f0fe47660985d09c37296aab91aae90	34/68 (50.00%)		81.177.135.191:443
2018-12-09 13:18:33	3f0fe47660985d09c37296aab91aae90	34/68 (50.00%)		81.177.135.191:443
2018-12-09 08:56:33	6f20fc357512b9c97e0fe0e67dc3bb6a	20/69 (28.99%)		81.177.135.191:443
2018-12-09 08:56:33	6f20fc357512b9c97e0fe0e67dc3bb6a	20/69 (28.99%)		81.177.135.191:443
2018-12-09 08:31:05	db2be1d448557ef09e6a36b5e57f6227	39/69 (56.52%)		81.177.135.191:443
2018-12-09 08:31:05	db2be1d448557ef09e6a36b5e57f6227	39/69 (56.52%)		81.177.135.191:443
2018-12-09 03:35:11	aefce34e0899149072abaa423a9e027c	42/70 (60.00%)	AZORult	81.177.135.191:443
2018-12-09 03:35:11	aefce34e0899149072abaa423a9e027c	42/70 (60.00%)	AZORult	81.177.135.191:443
2018-12-08 19:02:24	1431b5eb4248d945c56bda385f618270	21/70 (30.00%)	AZORult	81.177.135.191:443
2018-12-08 19:02:24	1431b5eb4248d945c56bda385f618270	21/70 (30.00%)	AZORult	81.177.135.191:443
2018-12-08 13:18:11	c511f70bab857fb04d7f63fa534619ca	44/69 (63.77%)	AZORult	81.177.135.191:443
2018-12-08 13:18:11	c511f70bab857fb04d7f63fa534619ca	44/69 (63.77%)	AZORult	81.177.135.191:443
2018-12-08 11:26:49	c2c633bd151af32271f49d5bffb2b60e	39/69 (56.52%)		81.177.135.191:443
2018-12-08 11:26:49	c2c633bd151af32271f49d5bffb2b60e	39/69 (56.52%)		81.177.135.191:443
2018-12-08 10:22:50	a746845074cabe5f5ef888fb7d02bb31	34/70 (48.57%)		81.177.135.191:443
2018-12-08 10:22:50	a746845074cabe5f5ef888fb7d02bb31	34/70 (48.57%)		81.177.135.191:443
2018-12-08 10:04:28	dea78d5477d70269acdc6865e625d7de	43/69 (62.32%)		81.177.135.191:443
2018-12-08 10:04:28	dea78d5477d70269acdc6865e625d7de	43/69 (62.32%)		81.177.135.191:443
2018-12-08 09:58:42	0f4fd58c82b4e63791a0e67f82877065	43/69 (62.32%)	AZORult	81.177.135.191:443
2018-12-08 09:58:42	0f4fd58c82b4e63791a0e67f82877065	43/69 (62.32%)	AZORult	81.177.135.191:443
2018-12-08 08:22:41	6a0a1914af0a1e7011fd34d3b80bbe5a	17/68 (25.00%)		81.177.135.191:443
2018-12-08 08:22:41	6a0a1914af0a1e7011fd34d3b80bbe5a	17/68 (25.00%)		81.177.135.191:443
2018-12-07 16:59:57	cdc65fceee021353420437ac750dce98	39/71 (54.93%)		81.177.135.191:443
2018-12-07 16:59:57	cdc65fceee021353420437ac750dce98	39/71 (54.93%)		81.177.135.191:443
2018-12-07 14:30:05	c7829f4354100c5c6a4cdb056318a686	44/70 (62.86%)		81.177.135.191:443
2018-12-07 14:30:05	c7829f4354100c5c6a4cdb056318a686	44/70 (62.86%)		81.177.135.191:443
2018-12-07 14:18:36	c2dfead8579645b7af7544d1d6f54d0c	21/70 (30.00%)	ArkeiStealer	81.177.135.191:443
2018-12-07 14:18:36	c2dfead8579645b7af7544d1d6f54d0c	21/70 (30.00%)	ArkeiStealer	81.177.135.191:443
2018-12-07 10:51:13	0606078f805600d19121c2290d5a6d0d	45/71 (63.38%)		81.177.135.191:443
2018-12-07 10:51:13	0606078f805600d19121c2290d5a6d0d	45/71 (63.38%)		81.177.135.191:443
2018-12-07 10:50:59	52607b6967f728c8d7ecd5593ffe9e1c	41/70 (58.57%)	ArkeiStealer	81.177.135.191:443
2018-12-07 10:50:59	52607b6967f728c8d7ecd5593ffe9e1c	41/70 (58.57%)	ArkeiStealer	81.177.135.191:443
2018-12-07 08:45:22	f261956a178604d5efaebf0650b25038	37/69 (53.62%)		81.177.135.191:443
2018-12-07 08:45:22	f261956a178604d5efaebf0650b25038	37/69 (53.62%)		81.177.135.191:443
2018-12-07 07:59:39	f6dbda37f40237e5d9094ec3fb32b60a	35/70 (50.00%)		81.177.135.191:443
2018-12-07 07:59:39	f6dbda37f40237e5d9094ec3fb32b60a	35/70 (50.00%)		81.177.135.191:443
2018-12-07 07:32:02	4cdc793e001b992c4d1a5ad324b7a47f	33/70 (47.14%)		81.177.135.191:443
2018-12-07 07:32:02	4cdc793e001b992c4d1a5ad324b7a47f	33/70 (47.14%)		81.177.135.191:443
2018-12-07 07:05:09	b88e9c740fd48fcd4ff7dad7e6760910	40/69 (57.97%)		81.177.135.191:443
2018-12-07 07:05:09	b88e9c740fd48fcd4ff7dad7e6760910	40/69 (57.97%)		81.177.135.191:443
2018-12-07 02:31:32	e1b9edf7e0555ccf0c6b4f0a4cccdcb0	37/70 (52.86%)		81.177.135.191:443
2018-12-07 02:31:32	e1b9edf7e0555ccf0c6b4f0a4cccdcb0	37/70 (52.86%)		81.177.135.191:443
2018-12-05 07:28:09	c93c70862428d15f84208c5c1716b110	33/69 (47.83%)		81.177.135.191:443
2018-12-05 07:28:09	c93c70862428d15f84208c5c1716b110	33/69 (47.83%)		81.177.135.191:443
2018-12-03 12:44:31	33ad99005edb6903b4d4fc3bab239187	36/70 (51.43%)		81.177.135.191:443
2018-12-03 12:44:31	33ad99005edb6903b4d4fc3bab239187	36/70 (51.43%)		81.177.135.191:443
2018-12-02 12:57:16	b3b074156f1a594f969f3cdac7ad1e01	34/68 (50.00%)		81.177.135.191:443
2018-12-02 12:57:16	b3b074156f1a594f969f3cdac7ad1e01	34/68 (50.00%)		81.177.135.191:443
2018-12-01 08:45:37	66d5cf064f4eef6bd943c1f3e3a5c5ff	35/70 (50.00%)		81.177.135.191:443
2018-12-01 08:45:37	66d5cf064f4eef6bd943c1f3e3a5c5ff	35/70 (50.00%)		81.177.135.191:443
2018-12-01 04:18:11	91d33d5679bf8d27e77dddb654475c6c	33/69 (47.83%)		81.177.135.191:443
2018-12-01 04:18:11	91d33d5679bf8d27e77dddb654475c6c	33/69 (47.83%)		81.177.135.191:443
2018-12-01 02:23:16	8ae1154accd668ff2cbe6e47bfa9d9e0	34/68 (50.00%)	AZORult	81.177.135.191:443
2018-12-01 02:23:16	8ae1154accd668ff2cbe6e47bfa9d9e0	34/68 (50.00%)	AZORult	81.177.135.191:443
2018-11-29 22:26:14	791f15ae23eca64272978b78337b297e	31/68 (45.59%)		81.177.135.191:443
2018-11-29 22:26:14	791f15ae23eca64272978b78337b297e	31/68 (45.59%)		81.177.135.191:443
2018-11-29 14:11:09	5b380842265fae5db4ee1f825f0c1245	39/69 (56.52%)	Gozi	81.177.135.191:443
2018-11-29 14:11:09	5b380842265fae5db4ee1f825f0c1245	39/69 (56.52%)	Gozi	81.177.135.191:443
2018-11-28 08:13:36	4e7f6f40d86a4ec12678a6c37967d72e	25/69 (36.23%)	AZORult	81.177.135.191:443
2018-11-28 08:13:36	4e7f6f40d86a4ec12678a6c37967d72e	25/69 (36.23%)	AZORult	81.177.135.191:443
2018-11-26 18:01:39	4c175df61e54cb20aa7abbffbf57ee89	40/70 (57.14%)	AZORult	81.177.135.191:443
2018-11-26 18:01:39	4c175df61e54cb20aa7abbffbf57ee89	40/70 (57.14%)	AZORult	81.177.135.191:443
2018-11-25 12:43:43	eb5211d8b92a07fbc0b8bfc208432e60	45/69 (65.22%)		81.177.135.191:443
2018-11-25 12:43:43	eb5211d8b92a07fbc0b8bfc208432e60	45/69 (65.22%)		81.177.135.191:443
2018-11-24 02:58:56	e9149167e06c683ed6f12e89ce4b17ca	17/68 (25.00%)	ArkeiStealer	81.177.135.191:443
2018-11-24 02:58:56	e9149167e06c683ed6f12e89ce4b17ca	17/68 (25.00%)	ArkeiStealer	81.177.135.191:443

# of entries: 100 (max: 100)