SSL Certificates
The following table shows further information as well as a list of malware samples including the corresponding botnet C&C associated with the SSL certificate fingerprint a3a7dc38b90f718d3b34ea0fc6bec39c8f2f7a8c.
Database Entry
| SHA1 Fingerprint: | a3a7dc38b90f718d3b34ea0fc6bec39c8f2f7a8c |
|---|---|
| Certificate Common Name (CN): | stonithehe.Odat3heour.travelersinsurance |
| Issuer Distinguished Name (DN): | stonithehe.Odat3heour.travelersinsurance |
| TLS Version: | TLSv1 |
| First seen: | 2016-12-09 10:23:57 UTC |
| Last seen: | 2016-12-11 02:52:17 UTC |
| Status: | Blacklisted |
| Listing reason: | Dridex C&C |
| Listing date: | 2016-12-09 10:26:20 |
| Malware samples: | 2 |
| Botnet C&Cs: | 1 |
Malware Samples
The table below documents all malware samples associated with this SSL certificate.
| Timestamp (UTC) | Malware Sample (MD5 hash) | VT | Signature | Botnet C&C (IP:port) |
|---|---|---|---|---|
| 2016-12-11 02:52:17 | 63cb9c5b9ef45c5cb72d657d56bb5827 |  12/56 (21.43%)
| Dridex | 85.25.236.32:40443 |
| 2016-12-11 02:52:17 | 63cb9c5b9ef45c5cb72d657d56bb5827 | 12/56 (21.43%)
| Dridex | 85.25.236.32:40443 |
| 2016-12-09 10:23:57 | 0428d337a941afa3927db4c2d8156640 | 24/57 (42.11%)
| Dridex | 85.25.236.32:40443 |
| 2016-12-09 10:23:57 | 0428d337a941afa3927db4c2d8156640 | 24/57 (42.11%)
| Dridex | 85.25.236.32:40443 |
# of entries: 4 (max: 100)