1489525118 | 2024-11-06T02:40:03.262741
80 / tcp
HTTP/1.1 404 Not Found
Content-Type: text/html; charset=us-ascii
Server: Microsoft-HTTPAPI/2.0
Date: Wed, 06 Nov 2024 02:40:03 GMT
Connection: close
Content-Length: 315
703707298 | 2024-11-07T04:19:49.904953
443 / tcp
HTTP/1.1 200 OK
Content-Type: text/html
Last-Modified: Tue, 24 Sep 2024 19:10:41 GMT
Accept-Ranges: bytes
ETag: "40ebbb72b5edb1:0"
Server: Microsoft-IIS/10.0
Date: Thu, 07 Nov 2024 04:15:20 GMT
Content-Length: 703
SSL Certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2f:6c:7d:2c:a1:e2:19:0f:fe:61:41:70:6d:66:06:0c
Signature Algorithm: sha256WithRSAEncryption
Issuer: C=GB, ST=Greater Manchester, L=Salford, O=Sectigo Limited, CN=Sectigo RSA Domain Validation Secure Server CA
Validity
Not Before: Aug 8 00:00:00 2024 GMT
Not After : Sep 7 23:59:59 2025 GMT
Subject: CN=*.qaznord.kz
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (2048 bit)
Modulus:
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Authority Key Identifier:
8D:8C:5E:C4:54:AD:8A:E1:77:E9:9B:F9:9B:05:E1:B8:01:8D:61:E1
X509v3 Subject Key Identifier:
F3:1D:E8:51:80:9C:65:6C:5B:9A:20:1A:64:96:C6:F7:97:A5:CF:0F
X509v3 Key Usage: critical
Digital Signature, Key Encipherment
X509v3 Basic Constraints: critical
CA:FALSE
X509v3 Extended Key Usage:
TLS Web Server Authentication, TLS Web Client Authentication
X509v3 Certificate Policies:
Policy: 1.3.6.1.4.1.6449.1.2.2.7
CPS: https://sectigo.com/CPS
Policy: 2.23.140.1.2.1
Authority Information Access:
CA Issuers - URI:http://crt.sectigo.com/SectigoRSADomainValidationSecureServerCA.crt
OCSP - URI:http://ocsp.sectigo.com
X509v3 Subject Alternative Name:
DNS:*.qaznord.kz, DNS:qaznord.kz
CT Precertificate SCTs:
Signed Certificate Timestamp:
Version : v1 (0x0)
Log ID : DD:DC:CA:34:95:D7:E1:16:05:E7:95:32:FA:C7:9F:F8:
3D:1C:50:DF:DB:00:3A:14:12:76:0A:2C:AC:BB:C8:2A
Timestamp : Aug 8 17:04:01.357 2024 GMT
Extensions: none
Signature : ecdsa-with-SHA256
Signed Certificate Timestamp:
Version : v1 (0x0)
Log ID : 0D:E1:F2:30:2B:D3:0D:C1:40:62:12:09:EA:55:2E:FC:
47:74:7C:B1:D7:E9:30:EF:0E:42:1E:B4:7E:4E:AA:34
Timestamp : Aug 8 17:04:01.279 2024 GMT
Extensions: none
Signature : ecdsa-with-SHA256
Signed Certificate Timestamp:
Version : v1 (0x0)
Log ID : 12:F1:4E:34:BD:53:72:4C:84:06:19:C3:8F:3F:7A:13:
F8:E7:B5:62:87:88:9C:6D:30:05:84:EB:E5:86:26:3A
Timestamp : Aug 8 17:04:01.250 2024 GMT
Extensions: none
Signature : ecdsa-with-SHA256
Signature Algorithm: sha256WithRSAEncryption
Signature Value:
1280584743 | 2024-10-31T06:09:42.848462
3389 / tcp
Remote Desktop Protocol
\x03\x00\x00\x13\x0e\xd0\x00\x00\x124\x00\x02\x1f\x08\x00\x02\x00\x00\x00
Remote Desktop Protocol NTLM Info:
OS: Windows 10 (version 1809)/Windows Server 2019 (version 1809)
OS Build: 10.0.17763
Target Name: SERVER
NetBIOS Domain Name: SERVER
NetBIOS Computer Name: SERVER
DNS Domain Name: SERVER
FQDN: SERVER
Encrypted by BlackBit
All your files have been encrypted due to a security problem with your computer
If you want to restore them, write us to the e-mail: darkmysticonionmail.com
Write this ID in the title of your message: D8460F5E
In case of no answer in 24 hours write us to this e-mail: darkmystictutamail.com
SSL Certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1b:df:26:7b:66:4a:e6:93:4e:cc:ae:0d:50:b5:b1:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=SERVER
Validity
Not Before: Sep 19 07:46:33 2024 GMT
Not After : Mar 21 07:46:33 2025 GMT
Subject: CN=SERVER
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (2048 bit)
Modulus:
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Extended Key Usage:
TLS Web Server Authentication
X509v3 Key Usage:
Key Encipherment, Data Encipherment
Signature Algorithm: sha256WithRSAEncryption
Signature Value: