SSL Certificates
The following table shows further information as well as a list of malware samples including the corresponding botnet C&C associated with the SSL certificate fingerprint fcb2f09b7f23547520bf3ae4436d250d9802ecf6.
Database Entry
| SHA1 Fingerprint: | fcb2f09b7f23547520bf3ae4436d250d9802ecf6 |
|---|---|
| Certificate Common Name (CN): | DcRat |
| Issuer Distinguished Name (DN): | Baxis, OU=qwqdanchun, O=DcRat By qwqdanchun, L=SH, C=CN |
| TLS Version: | TLSv1 |
| First seen: | 2022-01-24 20:30:17 UTC |
| Last seen: | 2022-01-29 14:35:27 UTC |
| Status: | Blacklisted |
| Listing reason: | RedLineStealer C&C |
| Listing date: | 2022-01-25 09:15:35 |
| Malware samples: | 3 |
| Botnet C&Cs: | 3 |
Malware Samples
The table below documents all malware samples associated with this SSL certificate.
| Timestamp (UTC) | Malware Sample (MD5 hash) | VT | Signature | Botnet C&C (IP:port) |
|---|---|---|---|---|
| 2022-01-29 14:35:27 | e326c7b1573790be0681dcdc109e15a3 |  40 / 65 (61.54%)
| RedLineStealer | 18.189.106.45:12394 |
| 2022-01-29 14:35:27 | e326c7b1573790be0681dcdc109e15a3 | 40 / 65 (61.54%)
| RedLineStealer | 18.189.106.45:12394 |
| 2022-01-25 15:57:51 | b95cb76cec0b0c88a409403518559fb3 | 39 / 68 (57.35%)
| RedLineStealer | 3.128.107.74:16030 |
| 2022-01-25 15:57:51 | b95cb76cec0b0c88a409403518559fb3 | 39 / 68 (57.35%)
| RedLineStealer | 3.128.107.74:16030 |
| 2022-01-24 20:30:17 | 5ae748c103a50cdd6d338506a153caa6 | 38 / 67 (56.72%)
| RedLineStealer | 3.134.125.175:17709 |
| 2022-01-24 20:30:17 | 5ae748c103a50cdd6d338506a153caa6 | 38 / 67 (56.72%)
| RedLineStealer | 3.134.125.175:17709 |
# of entries: 6 (max: 100)