SSL Certificates

The following table shows further information as well as a list of malware samples including the corresponding botnet C&C associated with the SSL certificate fingerprint 23eabda9c67f0a0dee3a12fdcef1fde584a00f44.

Database Entry

SHA1 Fingerprint:	23eabda9c67f0a0dee3a12fdcef1fde584a00f44
Certificate Common Name (CN):	mitiryng.nl
Issuer Distinguished Name (DN):	mitiryng.nl
TLS Version:	TLS 1.2
First seen:	2016-01-17 06:10:03 UTC
Last seen:	2016-02-01 06:25:00 UTC
Status:	Blacklisted
Listing reason:	Dridex C&C
Listing date:	2016-01-17 07:50:12
Malware samples:	6
Botnet C&Cs:	1

Malware Samples

The table below documents all malware samples associated with this SSL certificate.

Timestamp (UTC)	Malware Sample (MD5 hash)	VT	Signature	Botnet C&C (IP:port)
2016-02-01 06:25:00	3b72a55fa82668f635db2b12feb2e30e	37/54 (68.52%)	Dridex	216.117.130.191:1143
2016-02-01 06:25:00	3b72a55fa82668f635db2b12feb2e30e	37/54 (68.52%)	Dridex	216.117.130.191:1143
2016-01-29 14:48:45	875b5f2cfbd07f918c954b2ed4b8d0df	38/55 (69.09%)	Dridex	216.117.130.191:1143
2016-01-29 14:48:45	875b5f2cfbd07f918c954b2ed4b8d0df	38/55 (69.09%)	Dridex	216.117.130.191:1143
2016-01-29 06:32:10	4e8e3acbdcc1f6f128d44940effe1ef7	4/54 (7.41%)	Dridex	216.117.130.191:1143
2016-01-29 06:32:10	4e8e3acbdcc1f6f128d44940effe1ef7	4/54 (7.41%)	Dridex	216.117.130.191:1143
2016-01-29 06:03:46	b70ae516f434af87a90668a6c87ea202	26/53 (49.06%)	Dridex	216.117.130.191:1143
2016-01-29 06:03:46	b70ae516f434af87a90668a6c87ea202	26/53 (49.06%)	Dridex	216.117.130.191:1143
2016-01-27 01:50:00	7e32a8fdf74ee02a8a2bee2ab56e4eaf	37/55 (67.27%)	Dridex	216.117.130.191:1143
2016-01-27 01:50:00	7e32a8fdf74ee02a8a2bee2ab56e4eaf	37/55 (67.27%)	Dridex	216.117.130.191:1143
2016-01-17 06:10:03	9138e36d70ab94349558c61e92ab9ae2	29/55 (52.73%)	Dridex	216.117.130.191:1143
2016-01-17 06:10:03	9138e36d70ab94349558c61e92ab9ae2	29/55 (52.73%)	Dridex	216.117.130.191:1143

# of entries: 12 (max: 100)