SSL Certificates

The following table shows further information as well as a list of malware samples including the corresponding botnet C&C associated with the SSL certificate fingerprint faff798e6eeb919255d3d36d461d46dd3fcc2cf7.

Database Entry

SHA1 Fingerprint:faff798e6eeb919255d3d36d461d46dd3fcc2cf7
Certificate Common Name (CN):157.90.25.39
Issuer Distinguished Name (DN):157.90.25.39
TLS Version:TLS 1.2
First seen:2024-04-14 21:38:37 UTC
Last seen:2024-04-16 16:34:09 UTC
Status:Blacklisted
Listing reason:PureLogStealer C&C
Listing date:2024-04-16 17:18:02
Malware samples:23
Botnet C&Cs:1

Malware Samples

The table below documents all malware samples associated with this SSL certificate.

Timestamp (UTC)Malware Sample (MD5 hash)VTSignatureBotnet C&C (IP:port)
2024-04-16 16:34:0938c0f069a64870ec75461afc5be767d0Virustotal results 26 / 71 (36.62%) Ransomware.Stop157.90.25.39:5432
2024-04-16 15:54:34e5f6578c1b7d0994590c4a7f37f6bcd9Virustotal results 23 / 70 (32.86%) Ransomware.Stop157.90.25.39:5432
2024-04-16 13:23:075289306540bb07bff5c3032fca0c3f58Virustotal results 21 / 70 (30.00%) Ransomware.Stop157.90.25.39:5432
2024-04-16 08:56:43206a5afb1adfaf0ecfbbf8f5bfe115bfVirustotal results 25 / 70 (35.71%) TeamBot157.90.25.39:5432
2024-04-16 08:46:207bf2ed31e5b9c59d24f750dbbcf10ab5Virustotal results 33 / 70 (47.14%) Ransomware.Stop157.90.25.39:5432
2024-04-16 06:20:396067c1f7658f5862dcce964ae8a9b049Virustotal results 32 / 69 (46.38%) Ransomware.Stop157.90.25.39:5432
2024-04-16 05:57:1923e17bc0ed5de8c26fc0d371d64c3b2cVirustotal results 32 / 70 (45.71%) Ransomware.Stop157.90.25.39:5432
2024-04-16 04:53:05d201b331c5953dd3271f84a687e893b4Virustotal results 22 / 70 (31.43%) Ransomware.Stop157.90.25.39:5432
2024-04-16 00:40:46e2a733f51b662778b62c47f9e6727c00Virustotal results 29 / 70 (41.43%) Ransomware.Stop157.90.25.39:5432
2024-04-15 21:21:38ee36df0a7d9721de85b8349377f67369Virustotal results 33 / 70 (47.14%) Ransomware.Stop157.90.25.39:5432
2024-04-15 20:37:11cabc5d4f81025ea43f2477adb2e2627dVirustotal results 31 / 68 (45.59%) Ransomware.Stop157.90.25.39:5432
2024-04-15 20:28:343e2828108fe38b09181ea613e630edb2Virustotal results 32 / 70 (45.71%) Ransomware.Stop157.90.25.39:5432
2024-04-15 16:37:31c5c1ca56d106806d9b23a85fd3dd08dcVirustotal results 27 / 66 (40.91%) Ransomware.Stop157.90.25.39:5432
2024-04-15 13:58:22701ee8434f6d21cabe4ef99284befd96Virustotal results 30 / 70 (42.86%) Ransomware.Stop157.90.25.39:5432
2024-04-15 10:26:12b7c2b12631e997b20e7cc5152e38f858Virustotal results 29 / 70 (41.43%) Ransomware.Stop157.90.25.39:5432
2024-04-15 09:16:261908b4245aec9515b6fa1ed02cb56e51Virustotal results 34 / 70 (48.57%) Ransomware.Stop157.90.25.39:5432
2024-04-15 09:05:5627f8736302cc341a6fee7eef31efa585Virustotal results 42 / 69 (60.87%) PureLogStealer157.90.25.39:5432
2024-04-15 05:37:4718c2af48ff389b2c5b2e0c274f522dccVirustotal results 32 / 70 (45.71%) Ransomware.Stop157.90.25.39:5432
2024-04-15 05:23:05f82c34c4537f579c783b3b807e561a45Virustotal results 32 / 70 (45.71%) Ransomware.Stop157.90.25.39:5432
2024-04-15 04:21:455c6ed4b041634c730ab9f8cfdd0ec368Virustotal results 19 / 54 (35.19%) Ransomware.Stop157.90.25.39:5432
2024-04-15 04:17:06f4f568a50dbe3e93c5a373f0a09aa5a9Virustotal results 26 / 70 (37.14%) Ransomware.Stop157.90.25.39:5432
2024-04-14 23:28:26bb18dafa20462790f6a780fa9624a466n/aRansomware.Stop157.90.25.39:5432
2024-04-14 21:38:37d1d6bbcce1de13586863087efe6eb5efVirustotal results 26 / 70 (37.14%) Ransomware.Stop157.90.25.39:5432

# of entries: 23 (max: 100)