SSL Certificates

The following table shows further information as well as a list of malware samples including the corresponding botnet C&C associated with the SSL certificate fingerprint 0f3f717020b132bde96c9d00173a7a53dd68ead9.

Database Entry

SHA1 Fingerprint:	0f3f717020b132bde96c9d00173a7a53dd68ead9
Certificate Common Name (CN):	6ieanthedilyan.Ftyhe5lysoua.tvs
Issuer Distinguished Name (DN):	6ieanthedilyan.Ftyhe5lysoua.tvs
TLS Version:	TLS 1.2' NOTBEF
First seen:	2018-11-28 10:30:24 UTC
Last seen:	2018-12-03 15:49:03 UTC
Status:	Blacklisted
Listing reason:	Dridex C&C
Listing date:	2018-11-30 12:00:29
Malware samples:	17
Botnet C&Cs:	1

Malware Samples

The table below documents all malware samples associated with this SSL certificate.

Timestamp (UTC)	Malware Sample (MD5 hash)	VT	Signature	Botnet C&C (IP:port)
2018-12-03 15:49:03	6e7f89f905ec25238f161fe2fb36c917	20/69 (28.99%)	Dridex	198.61.196.18:1801
2018-12-03 15:49:03	6e7f89f905ec25238f161fe2fb36c917	20/69 (28.99%)	Dridex	198.61.196.18:1801
2018-12-01 23:19:58	17667ed6f2f6daf001df89e82a433701	30/70 (42.86%)	Dridex	198.61.196.18:1801
2018-12-01 23:19:58	17667ed6f2f6daf001df89e82a433701	30/70 (42.86%)	Dridex	198.61.196.18:1801
2018-12-01 06:55:54	499c9245f214e755ae8277782ed5bf2f	15/67 (22.39%)	Dridex	198.61.196.18:1801
2018-12-01 06:55:54	499c9245f214e755ae8277782ed5bf2f	15/67 (22.39%)	Dridex	198.61.196.18:1801
2018-12-01 04:18:42	97a99bccb1c7b5f64b3e72fbcfed8e3e	21/69 (30.43%)	Dridex	198.61.196.18:1801
2018-12-01 04:18:42	97a99bccb1c7b5f64b3e72fbcfed8e3e	21/69 (30.43%)	Dridex	198.61.196.18:1801
2018-12-01 02:39:59	2365fd8dd0674a8c0b53d895ebc9d7a4	16/69 (23.19%)	Dridex	198.61.196.18:1801
2018-12-01 02:39:59	2365fd8dd0674a8c0b53d895ebc9d7a4	16/69 (23.19%)	Dridex	198.61.196.18:1801
2018-11-30 15:44:00	dba562ea712e538c14ccea514ade4ac0	14/70 (20.00%)	Dridex	198.61.196.18:1801
2018-11-30 15:44:00	dba562ea712e538c14ccea514ade4ac0	14/70 (20.00%)	Dridex	198.61.196.18:1801
2018-11-30 10:52:15	d502b2f820de0fc451919cfc42b51715	26/69 (37.68%)	Dridex	198.61.196.18:1801
2018-11-30 10:52:15	d502b2f820de0fc451919cfc42b51715	26/69 (37.68%)	Dridex	198.61.196.18:1801
2018-11-30 10:49:22	9bfd32239123aab56a43d82849a47a7e	15/70 (21.43%)	Dridex	198.61.196.18:1801
2018-11-30 10:49:22	9bfd32239123aab56a43d82849a47a7e	15/70 (21.43%)	Dridex	198.61.196.18:1801
2018-11-30 07:19:15	3ed318e49e68bd15f5544419f97ff0c5	16/70 (22.86%)	Dridex	198.61.196.18:1801
2018-11-30 07:19:15	3ed318e49e68bd15f5544419f97ff0c5	16/70 (22.86%)	Dridex	198.61.196.18:1801
2018-11-30 01:44:39	2e9bf3bacdf822b908be554d3a33eb7e	17/69 (24.64%)	Dridex	198.61.196.18:1801
2018-11-30 01:44:39	2e9bf3bacdf822b908be554d3a33eb7e	17/69 (24.64%)	Dridex	198.61.196.18:1801
2018-11-29 23:30:59	0cfbac524fc6baf04a137e2ced748c8f	16/69 (23.19%)	Dridex	198.61.196.18:1801
2018-11-29 23:30:59	0cfbac524fc6baf04a137e2ced748c8f	16/69 (23.19%)	Dridex	198.61.196.18:1801
2018-11-28 22:23:21	ef01a03ab0331d0865087c4b023f7974	n/a	Dridex	198.61.196.18:1801
2018-11-28 22:23:21	ef01a03ab0331d0865087c4b023f7974	n/a	Dridex	198.61.196.18:1801
2018-11-28 21:53:51	42c4f76e4604edfcb21b4a484084ab84	34/58 (58.62%)	Dridex	198.61.196.18:1801
2018-11-28 21:53:51	42c4f76e4604edfcb21b4a484084ab84	34/58 (58.62%)	Dridex	198.61.196.18:1801
2018-11-28 19:54:24	edcabae4c660be0658d84f1b4de9eae5	n/a	Dridex	198.61.196.18:1801
2018-11-28 19:54:24	edcabae4c660be0658d84f1b4de9eae5	n/a	Dridex	198.61.196.18:1801
2018-11-28 19:47:33	ab0cbcf73f6b20f5e3e169b8499caec6	n/a	Dridex	198.61.196.18:1801
2018-11-28 19:47:33	ab0cbcf73f6b20f5e3e169b8499caec6	n/a	Dridex	198.61.196.18:1801
2018-11-28 14:48:38	60b2a867b6fe57f5e3aa1d9a192a4a76	15/69 (21.74%)	Dridex	198.61.196.18:1801
2018-11-28 14:48:38	60b2a867b6fe57f5e3aa1d9a192a4a76	15/69 (21.74%)	Dridex	198.61.196.18:1801
2018-11-28 10:30:24	d781d470701a24c4ef2cbecd98db89c0	15/69 (21.74%)	Dridex	198.61.196.18:1801
2018-11-28 10:30:24	d781d470701a24c4ef2cbecd98db89c0	15/69 (21.74%)	Dridex	198.61.196.18:1801

# of entries: 34 (max: 100)