SSL Certificates
The following table shows further information as well as a list of malware samples including the corresponding botnet C&C associated with the SSL certificate fingerprint f5c3dbe6ccd9377820f42c7500ab9b85b568d55a.
Database Entry
| SHA1 Fingerprint: | f5c3dbe6ccd9377820f42c7500ab9b85b568d55a |
|---|---|
| Certificate Common Name (CN): | P18055077 |
| Issuer Distinguished Name (DN): | P18055077 |
| TLS Version: | TLS 1.2 |
| First seen: | 2023-12-04 19:29:57 UTC |
| Last seen: | 2023-12-04 19:37:45 UTC |
| Status: | Blacklisted |
| Listing reason: | PoshC2 C&C |
| Listing date: | 2023-12-05 06:34:08 |
| Malware samples: | 9 |
| Botnet C&Cs: | 1 |
Malware Samples
The table below documents all malware samples associated with this SSL certificate.
| Timestamp (UTC) | Malware Sample (MD5 hash) | VT | Signature | Botnet C&C (IP:port) |
|---|---|---|---|---|
| 2023-12-04 19:37:45 | df17318ca294bc40d69b39f0cad808be | n/a | PoshC2 | 139.59.72.48:9443 |
| 2023-12-04 19:36:22 | 5976bcd5e7f558b6aed4e84ce4b0eeb5 | n/a | PoshC2 | 139.59.72.48:9443 |
| 2023-12-04 19:34:49 | ea3a7609e12fe069ec2968793646876e | n/a | PoshC2 | 139.59.72.48:9443 |
| 2023-12-04 19:33:52 | c5be48d0efb4f5b1d00a01973ddbda7c | n/a | PoshC2 | 139.59.72.48:9443 |
| 2023-12-04 19:33:28 | 6b77497a327fb8d1c052ce7a0c40a4a6 | n/a | PoshC2 | 139.59.72.48:9443 |
| 2023-12-04 19:32:51 | 2aa385ec22b7d59f7cb28251dc196659 | n/a | PoshC2 | 139.59.72.48:9443 |
| 2023-12-04 19:32:16 | 1f91c3ab8a9689208e162e81b16881fe | n/a | PoshC2 | 139.59.72.48:9443 |
| 2023-12-04 19:31:54 | 7cb5b2e693a846336c39c2a90d7da99d | n/a | PoshC2 | 139.59.72.48:9443 |
| 2023-12-04 19:29:57 | 67ab437368a089ac74f37d79528d381f | n/a | PoshC2 | 139.59.72.48:9443 |
# of entries: 9 (max: 100)