SSL Certificates

The following table shows further information as well as a list of malware samples including the corresponding botnet C&C associated with the SSL certificate fingerprint ef5c968aaf51839c90964c17a98c054c7b69b93d.

Database Entry


SHA1 Fingerprint:ef5c968aaf51839c90964c17a98c054c7b69b93d
Certificate Common Name (CN):fuke
Issuer Distinguished Name (DN):fuke
TLS Version:TLSv1' NOTBEFOR
First seen:2021-01-25 03:58:58 UTC
Last seen:2021-02-25 21:57:32 UTC
Status:Blacklisted
Listing reason:AsyncRAT C&C
Listing date:2021-02-03 10:25:56
Malware samples:10
Botnet C&Cs:3

Malware Samples


The table below documents all malware samples associated with this SSL certificate.

Timestamp (UTC)Malware Sample (MD5 hash)VTSignatureBotnet C&C (IP:port)
2021-02-25 21:57:32efeff4b4242776d6576b0fb18f35d52cVirustotal results 48 / 69 (69.57%) QuasarRAT154.16.67.107:1177
2021-02-24 20:18:02c0dba9883a3435c02cef2d6832f32f6cn/aAsyncRAT154.16.67.107:1177
2021-02-16 15:09:110d628fc8402c6776c08dd90189667ab4n/aAsyncRAT88.214.59.150:9911
2021-02-16 14:32:522d1f8c37e5cbf4f4ffeed150dfc81497n/aAsyncRAT88.214.59.150:9911
2021-02-03 02:01:483bc68d6a8eced1a8f406669e12d9346fn/aAsyncRAT51.81.7.200:8808
2021-02-03 01:52:244dc92e7d27ac9a1fbc6c6d9155344d37n/aAsyncRAT51.81.7.200:8808
2021-01-25 04:13:52d1775dc66c2c03a597ce3083ddd36441n/aAsyncRAT88.214.59.150:1177
2021-01-25 04:11:29e95f50b597e64588f692c09a3a77f7e3n/aAsyncRAT88.214.59.150:1177
2021-01-25 04:05:46c113cc59885bf686f55c4058009e61d0n/aAsyncRAT88.214.59.150:1177
2021-01-25 03:58:58b53425744a518f6718bb1bf55f2eae41n/aAsyncRAT88.214.59.150:1177

# of entries: 10 (max: 100)