SSL Certificates

The following table shows further information as well as a list of malware samples including the corresponding botnet C&C associated with the SSL certificate fingerprint 1c8357ec564ea1f638165801224701f565f1d3d8.

Database Entry


SHA1 Fingerprint: 1c8357ec564ea1f638165801224701f565f1d3d8
Certificate Common Name (CN): ulghestecrrios.cx
Issuer Distinguished Name (DN): ulghestecrrios.cx
TLS Version: TLSv1
First seen: 2016-01-11 10:44:20 UTC
Last seen: 2016-01-22 09:55:37 UTC
Status: Blacklisted
Listing reason: Dridex C&C
Listing date: 2016-01-11 10:47:00
Malware samples: 8
Botnet C&Cs: 4

Malware Samples


The table below documents all malware samples associated with this SSL certificate.

Timestamp (UTC) | Malware Sample (MD5 hash) | VT | Signature | Botnet C&C (IP:port)
2016-01-22 09:55:37 | 9cc3529fe792abe1ec9e3b5d55716e50 | Virustotal results 1/54 (1.85%) | Dridex | 188.126.116.26:443
2016-01-20 16:25:21 | 34781d4f8654f9547cc205061221aea5 | Virustotal results 1/54 (1.85%) | Dridex | 176.53.0.103:443
2016-01-20 00:24:15 | db9694246738a838161a0ae425acea77 | Virustotal results 1/53 (1.89%) | Dridex | 176.53.0.103:443
2016-01-17 06:10:03 | 9138e36d70ab94349558c61e92ab9ae2 | Virustotal results 29/55 (52.73%) | Dridex | 41.38.18.230:443
2016-01-14 22:18:41 | aaf2070192032e4e4cde5e16d0d7fcce | Virustotal results 30/55 (54.55%) | Dridex | 41.38.18.230:443
2016-01-14 13:37:01 | 9f6ce868b6e3671afe731de8768b9c8c | Virustotal results 3/55 (5.45%) | Dridex | 41.38.18.230:443
2016-01-13 13:51:55 | e47789e7bf6cb9214479c1a44d48226f | Virustotal results 2/54 (3.70%) | Dridex | 41.38.18.230:443
2016-01-11 10:44:20 | 3d59b913f823314ca85839b60a9d563a | Virustotal results 2/54 (3.70%) | Dridex | 62.109.133.248:444

# of entries: 8 (max: 100)