SSL Certificates

The following table shows further information as well as a list of malware samples including the corresponding botnet C&C associated with the SSL certificate fingerprint 064d114bd34c4531d0299c4568de78825827622b.

Database Entry


SHA1 Fingerprint: 064d114bd34c4531d0299c4568de78825827622b
Certificate Common Name (CN): opllestoon.krd
Issuer Distinguished Name (DN): opllestoon.krd
TLS Version: TLSv1
First seen: 2015-08-04 19:10:00 UTC
Last seen: 2015-08-08 08:29:37 UTC
Status: Blacklisted
Listing reason: Dridex C&C
Listing date: 2015-08-05 15:51:27
Malware samples: 6
Botnet C&Cs: 2

Malware Samples


The table below documents all malware samples associated with this SSL certificate.

Timestamp (UTC) | Malware Sample (MD5 hash) | VT | Signature | Botnet C&C (IP:port)
2015-08-08 08:29:37 | bc3ebcac4b124cfc6b659ee244ac0468 | Virustotal results 4/56 (7.14%) | Dridex | 119.81.87.154:443
2015-08-06 07:47:43 | b742f59ac763be69a9dc23604434df95 | Virustotal results 17/55 (30.91%) | Dridex | 148.251.157.148:443
2015-08-06 01:25:28 | a1ebab44ad99e97a96952bbd189e3bf7 | Virustotal results 6/55 (10.91%) | Dridex | 148.251.157.148:443
2015-08-05 19:14:06 | fe5a5164a447a473bf41fe4fd7434078 | Virustotal results 1/53 (1.89%) | Dridex | 148.251.157.148:443
2015-08-04 20:45:38 | 6a890edae526e67dd6c9bcd6223417a3 | Virustotal results 4/54 (7.41%) | Downloader.Pony | 148.251.157.148:443
2015-08-04 19:10:00 | 50715bc9f8d4ad07c1da78cff5220f1b | Virustotal results 6/56 (10.71%) | Dridex | 148.251.157.148:443

# of entries: 6 (max: 100)