SSL Certificates
The following table shows further information as well as a list of malware samples including the corresponding botnet C&C associated with the SSL certificate fingerprint 04bbff19be2eb08cb70d02f13c0a360c716a8196.
Database Entry
| SHA1 Fingerprint: | 04bbff19be2eb08cb70d02f13c0a360c716a8196 |
|---|---|
| Certificate Common Name (CN): | grandschester |
| Issuer Distinguished Name (DN): | grandschester |
| TLS Version: | TLS 1.2 |
| First seen: | 2016-12-11 12:08:51 UTC |
| Last seen: | 2016-12-12 02:15:19 UTC |
| Status: | Blacklisted |
| Listing reason: | TrickBot C&C |
| Listing date: | 2016-12-12 06:48:07 |
| Malware samples: | 3 |
| Botnet C&Cs: | 1 |
Malware Samples
The table below documents all malware samples associated with this SSL certificate.
| Timestamp (UTC) | Malware Sample (MD5 hash) | VT | Signature | Botnet C&C (IP:port) |
|---|---|---|---|---|
| 2016-12-12 02:15:19 | 2470152153bcbc3bed32255c27062543 |  19/57 (33.33%)
| 167.88.8.189:447 | |
| 2016-12-12 02:15:19 | 2470152153bcbc3bed32255c27062543 | 19/57 (33.33%)
| 167.88.8.189:447 | |
| 2016-12-11 22:47:44 | c9d0783c63dacdbfb425fbdb36b5870d | 25/57 (43.86%)
| TrickBot | 167.88.8.189:447 |
| 2016-12-11 22:47:44 | c9d0783c63dacdbfb425fbdb36b5870d | 25/57 (43.86%)
| TrickBot | 167.88.8.189:447 |
| 2016-12-11 22:47:44 | c9d0783c63dacdbfb425fbdb36b5870d | 25/57 (43.86%)
| TrickBot | 167.88.8.189:447 |
| 2016-12-11 22:47:44 | c9d0783c63dacdbfb425fbdb36b5870d | 25/57 (43.86%)
| TrickBot | 167.88.8.189:447 |
| 2016-12-11 12:08:51 | 87aebf50fa43fa08684e28deae01c6e7 | 15/56 (26.79%)
| TrickBot | 167.88.8.189:447 |
| 2016-12-11 12:08:51 | 87aebf50fa43fa08684e28deae01c6e7 | 15/56 (26.79%)
| TrickBot | 167.88.8.189:447 |
| 2016-12-11 12:08:51 | 87aebf50fa43fa08684e28deae01c6e7 | 15/56 (26.79%)
| TrickBot | 167.88.8.189:447 |
| 2016-12-11 12:08:51 | 87aebf50fa43fa08684e28deae01c6e7 | 15/56 (26.79%)
| TrickBot | 167.88.8.189:447 |
# of entries: 10 (max: 100)