SSL Certificates
The following table shows further information as well as a list of malware samples including the corresponding botnet C&C associated with the SSL certificate fingerprint c3119e049e972072675bcc408c496633a60f305d.
Database Entry
| SHA1 Fingerprint: | c3119e049e972072675bcc408c496633a60f305d |
|---|---|
| Certificate Common Name (CN): | thesiofrgf.ga |
| Issuer Distinguished Name (DN): | thesiofrgf.ga |
| TLS Version: | TLSv1 |
| First seen: | 2015-12-11 06:24:26 UTC |
| Last seen: | 2016-01-09 17:45:57 UTC |
| Status: | Blacklisted |
| Listing reason: | Dridex C&C |
| Listing date: | 2015-12-11 15:15:26 |
| Malware samples: | 4 |
| Botnet C&Cs: | 2 |
Malware Samples
The table below documents all malware samples associated with this SSL certificate.
| Timestamp (UTC) | Malware Sample (MD5 hash) | VT | Signature | Botnet C&C (IP:port) |
|---|---|---|---|---|
| 2016-01-09 17:45:57 | aeaefae593703f7324ebe2ff934bb726 |  9/53 (16.98%)
| Dridex | 188.126.116.26:443 |
| 2016-01-09 17:45:57 | aeaefae593703f7324ebe2ff934bb726 | 9/53 (16.98%)
| Dridex | 188.126.116.26:443 |
| 2015-12-22 12:23:56 | cacb79e05cf54490a7067aa1544083fa | 3/54 (5.56%)
| Dridex | 62.109.133.248:444 |
| 2015-12-22 12:23:56 | cacb79e05cf54490a7067aa1544083fa | 3/54 (5.56%)
| Dridex | 62.109.133.248:444 |
| 2015-12-16 12:17:09 | 043486517f4da706ebe8151e4198ab8c | 4/55 (7.27%)
| Dridex | 188.126.116.26:443 |
| 2015-12-16 12:17:09 | 043486517f4da706ebe8151e4198ab8c | 4/55 (7.27%)
| Dridex | 188.126.116.26:443 |
| 2015-12-11 06:24:26 | f064e22e6b1ef8eded3a0cf7a8465b0c | 26/55 (47.27%)
| Dridex | 188.126.116.26:443 |
| 2015-12-11 06:24:26 | f064e22e6b1ef8eded3a0cf7a8465b0c | 26/55 (47.27%)
| Dridex | 188.126.116.26:443 |
# of entries: 8 (max: 100)