SSL Certificates

The following table shows further information as well as a list of malware samples including the corresponding botnet C&C associated with the SSL certificate fingerprint 38d50be8831f4a2ae931dd3156a8cd8e1217bd53.

Database Entry


SHA1 Fingerprint:38d50be8831f4a2ae931dd3156a8cd8e1217bd53
Certificate Common Name (CN):Itofrarefl.attorney
Issuer Distinguished Name (DN):Itofrarefl.attorney
TLS Version:TLSv1
First seen:2016-12-27 01:07:55 UTC
Last seen:2017-01-02 22:08:09 UTC
Status:Blacklisted
Listing reason:Dridex C&C
Listing date:2017-01-05 07:34:47
Malware samples:3
Botnet C&Cs:1

Malware Samples


The table below documents all malware samples associated with this SSL certificate.

Timestamp (UTC)Malware Sample (MD5 hash)VTSignatureBotnet C&C (IP:port)
2017-01-02 22:08:09b0655995aba6eb257a7888872d6f6e59Virustotal results 20/53 (37.74%) Dridex 92.222.129.145:4431
2017-01-02 22:08:09b0655995aba6eb257a7888872d6f6e59Virustotal results 20/53 (37.74%) Dridex 92.222.129.145:4431
2016-12-30 02:40:55de815f5e705af839b1da3b87d6bdce18Virustotal results 10/56 (17.86%) Dridex 92.222.129.145:4431
2016-12-30 02:40:55de815f5e705af839b1da3b87d6bdce18Virustotal results 10/56 (17.86%) Dridex 92.222.129.145:4431
2016-12-27 01:07:558db0150193681876c02119823d05cfceVirustotal results 14/57 (24.56%) Dridex 92.222.129.145:4431
2016-12-27 01:07:558db0150193681876c02119823d05cfceVirustotal results 14/57 (24.56%) Dridex 92.222.129.145:4431

# of entries: 6 (max: 100)