SSL Certificates

The following table shows further information as well as a list of malware samples including the corresponding botnet C&C associated with the SSL certificate fingerprint 1a44fa70e56a20a454b3bf72cdbe772e538a50cd.

Database Entry


SHA1 Fingerprint: 1a44fa70e56a20a454b3bf72cdbe772e538a50cd
Certificate Common Name (CN): stmubalfiran.td
Issuer Distinguished Name (DN): stmubalfiran.td
TLS Version: TLSv1
First seen: 2016-03-18 03:29:51 UTC
Last seen: 2016-04-09 11:10:55 UTC
Status: Blacklisted
Listing reason: Dridex C&C
Listing date: 2016-03-18 13:19:53
Malware samples: 7
Botnet C&Cs: 3

Malware Samples


The table below documents all malware samples associated with this SSL certificate.

| Timestamp (UTC) | Malware Sample (MD5 hash) | VT | Signature | Botnet C&C (IP:port) |
|---|---|---|---|---|
| 2016-04-09 11:10:55 | 71b3d2ffdbf162434cc6b3daab3f29b9 | Virustotal results 6/56 (10.71%) | Dridex | 93.174.126.37:8443 |
| 2016-03-29 07:49:07 | 879ba935e7b0f0dfdc62150be81af5f0 | Virustotal results 16/58 (27.59%) | Dridex | 93.82.193.162:8443 |
| 2016-03-24 01:20:27 | 67d4cb4cba304dfb823dffe101fb1c63 | Virustotal results 4/57 (7.02%) | Dridex | 47.88.191.14:443 |
| 2016-03-22 23:51:08 | 83aa88d92faf69b635a62a66747ed938 | Virustotal results 4/55 (7.27%) | Dridex | 47.88.191.14:443 |
| 2016-03-22 21:16:35 | 46a4834e2b3f4c4db2418ab431a23ce3 | Virustotal results 3/56 (5.36%) | Dridex | 47.88.191.14:443 |
| 2016-03-19 23:45:03 | 50b2dccf38eaf71c37d622f04cd0cd64 | Virustotal results 38/57 (66.67%) | Dridex | 47.88.191.14:443 |
| 2016-03-18 03:29:51 | 7dcc0e6710c1393c08b66694e71090e9 | Virustotal results 30/55 (54.55%) | Dridex | 47.88.191.14:443 |

# of entries: 7 (max: 100)