SSL Certificates

The following table shows further information as well as a list of malware samples including the corresponding botnet C&C associated with the SSL certificate fingerprint 23eabda9c67f0a0dee3a12fdcef1fde584a00f44.

Database Entry


SHA1 Fingerprint:23eabda9c67f0a0dee3a12fdcef1fde584a00f44
Certificate Common Name (CN):mitiryng.nl
Issuer Distinguished Name (DN):mitiryng.nl
TLS Version:TLS 1.2
First seen:2016-01-17 06:10:03 UTC
Last seen:2016-02-01 06:25:00 UTC
Status:Blacklisted
Listing reason:Dridex C&C
Listing date:2016-01-17 07:50:12
Malware samples:6
Botnet C&Cs:1

Malware Samples


The table below documents all malware samples associated with this SSL certificate.

Timestamp (UTC)Malware Sample (MD5 hash)VTSignatureBotnet C&C (IP:port)
2016-02-01 06:25:003b72a55fa82668f635db2b12feb2e30eVirustotal results 37/54 (68.52%) Dridex 216.117.130.191:1143
2016-01-29 14:48:45875b5f2cfbd07f918c954b2ed4b8d0dfVirustotal results 38/55 (69.09%) Dridex 216.117.130.191:1143
2016-01-29 06:32:104e8e3acbdcc1f6f128d44940effe1ef7Virustotal results 4/54 (7.41%) Dridex 216.117.130.191:1143
2016-01-29 06:03:46b70ae516f434af87a90668a6c87ea202Virustotal results 26/53 (49.06%) Dridex 216.117.130.191:1143
2016-01-27 01:50:007e32a8fdf74ee02a8a2bee2ab56e4eafVirustotal results 37/55 (67.27%) Dridex 216.117.130.191:1143
2016-01-17 06:10:039138e36d70ab94349558c61e92ab9ae2Virustotal results 29/55 (52.73%) Dridex 216.117.130.191:1143

# of entries: 6 (max: 100)