SSL Certificates
The following table shows further information as well as a list of malware samples including the corresponding botnet C&C associated with the SSL certificate fingerprint 0eea47b589dfcf398f8759375d7ed12c1ae03b54.
Database Entry
| SHA1 Fingerprint: | 0eea47b589dfcf398f8759375d7ed12c1ae03b54 |
|---|---|
| Certificate Common Name (CN): | trevencequs.la |
| Issuer Distinguished Name (DN): | trevencequs.la |
| TLS Version: | TLSv1 |
| First seen: | 2015-12-16 12:17:09 UTC |
| Last seen: | 2016-01-09 17:45:57 UTC |
| Status: | Blacklisted |
| Listing reason: | Dridex C&C |
| Listing date: | 2015-12-16 14:19:48 |
| Malware samples: | 4 |
| Botnet C&Cs: | 1 |
Malware Samples
The table below documents all malware samples associated with this SSL certificate.
| Timestamp (UTC) | Malware Sample (MD5 hash) | VT | Signature | Botnet C&C (IP:port) |
|---|---|---|---|---|
| 2016-01-09 17:45:57 | aeaefae593703f7324ebe2ff934bb726 |  9/53 (16.98%)
| Dridex | 202.69.40.173:243 |
| 2016-01-09 17:45:57 | aeaefae593703f7324ebe2ff934bb726 | 9/53 (16.98%)
| Dridex | 202.69.40.173:243 |
| 2015-12-20 13:55:20 | 59121fef219e66a99544b2180dd6d603 | 30/52 (57.69%)
| Dridex | 202.69.40.173:243 |
| 2015-12-20 13:55:20 | 59121fef219e66a99544b2180dd6d603 | 30/52 (57.69%)
| Dridex | 202.69.40.173:243 |
| 2015-12-16 23:25:50 | dddde9f8a2459e18583434b1421bb509 | 9/54 (16.67%)
| Dridex | 202.69.40.173:243 |
| 2015-12-16 23:25:50 | dddde9f8a2459e18583434b1421bb509 | 9/54 (16.67%)
| Dridex | 202.69.40.173:243 |
| 2015-12-16 12:17:09 | 043486517f4da706ebe8151e4198ab8c | 4/55 (7.27%)
| Dridex | 202.69.40.173:243 |
| 2015-12-16 12:17:09 | 043486517f4da706ebe8151e4198ab8c | 4/55 (7.27%)
| Dridex | 202.69.40.173:243 |
# of entries: 8 (max: 100)