SSL Certificates

The following table shows further information as well as a list of malware samples including the corresponding botnet C&C associated with the SSL certificate fingerprint a1a5d7c2340ee89dcf9da7ed68f2511e5ff0ea6e.

Database Entry


SHA1 Fingerprint: a1a5d7c2340ee89dcf9da7ed68f2511e5ff0ea6e
Certificate Common Name (CN): seregtthem.id
Issuer Distinguished Name (DN): seregtthem.id
TLS Version: TLS 1.2
First seen: 2015-09-24 07:21:33 UTC
Last seen: 2015-09-29 02:48:44 UTC
Status: Blacklisted
Listing reason: Dridex C&C
Listing date: 2015-09-24 09:25:03
Malware samples: 4
Botnet C&Cs: 1

Malware Samples


The table below documents all malware samples associated with this SSL certificate.

Timestamp (UTC)      Malware Sample (MD5 hash)         VT                                 Signature  Botnet C&C (IP:port)
2015-09-29 02:48:44  15e381517d381966c7c5bdd14d592ffa  Virustotal results 39/57 (68.42%)  Dridex     31.131.251.33:743
2015-09-29 02:48:44  15e381517d381966c7c5bdd14d592ffa  Virustotal results 39/57 (68.42%)  Dridex     31.131.251.33:743
2015-09-28 23:42:17  c4dbd9f3dca61131963b5bfdc0bea0d4  Virustotal results 20/55 (36.36%)  Dridex     31.131.251.33:743
2015-09-28 23:42:17  c4dbd9f3dca61131963b5bfdc0bea0d4  Virustotal results 20/55 (36.36%)  Dridex     31.131.251.33:743
2015-09-28 22:15:23  c8c2940772dfebdd654d02af2a57faec  Virustotal results 23/55 (41.82%)  Dridex     31.131.251.33:743
2015-09-28 22:15:23  c8c2940772dfebdd654d02af2a57faec  Virustotal results 23/55 (41.82%)  Dridex     31.131.251.33:743
2015-09-24 07:21:33  227999c97b798dfae53f02779f9b43af  Virustotal results 28/56 (50.00%)  Dridex     31.131.251.33:743
2015-09-24 07:21:33  227999c97b798dfae53f02779f9b43af  Virustotal results 28/56 (50.00%)  Dridex     31.131.251.33:743

# of entries: 8 (max: 100)