SSL Certificates

The following table shows further information as well as a list of malware samples including the corresponding botnet C&C associated with the SSL certificate fingerprint 04bbff19be2eb08cb70d02f13c0a360c716a8196.

Database Entry


SHA1 Fingerprint:04bbff19be2eb08cb70d02f13c0a360c716a8196
Certificate Common Name (CN):grandschester
Issuer Distinguished Name (DN):grandschester
TLS Version:TLS 1.2
First seen:2016-12-11 12:08:51 UTC
Last seen:2016-12-12 02:15:19 UTC
Status:Blacklisted
Listing reason:TrickBot C&C
Listing date:2016-12-12 06:48:07
Malware samples:3
Botnet C&Cs:1

Malware Samples


The table below documents all malware samples associated with this SSL certificate.

Timestamp (UTC)Malware Sample (MD5 hash)VTSignatureBotnet C&C (IP:port)
2016-12-12 02:15:192470152153bcbc3bed32255c27062543Virustotal results 19/57 (33.33%) 167.88.8.189:447
2016-12-11 22:47:44c9d0783c63dacdbfb425fbdb36b5870dVirustotal results 25/57 (43.86%) TrickBot 167.88.8.189:447
2016-12-11 22:47:44c9d0783c63dacdbfb425fbdb36b5870dVirustotal results 25/57 (43.86%) TrickBot 167.88.8.189:447
2016-12-11 12:08:5187aebf50fa43fa08684e28deae01c6e7Virustotal results 15/56 (26.79%) TrickBot 167.88.8.189:447
2016-12-11 12:08:5187aebf50fa43fa08684e28deae01c6e7Virustotal results 15/56 (26.79%) TrickBot 167.88.8.189:447

# of entries: 5 (max: 100)