SSL Certificates

The following table shows further information as well as a list of malware samples including the corresponding botnet C&C associated with the SSL certificate fingerprint 3ba714519b3ef3dd3c75f1cbe9919e15064f606d.

Database Entry

SHA1 Fingerprint:	3ba714519b3ef3dd3c75f1cbe9919e15064f606d
Certificate Common Name (CN):	srv1.mainsftdomain.com
Issuer Distinguished Name (DN):	srv1.mainsftdomain.com
TLS Version:	TLS 1.2
First seen:	2015-04-07 13:00:29 UTC
Last seen:	2015-04-25 20:58:54 UTC
Status:	Blacklisted
Listing reason:	Dridex C&C
Listing date:	2015-09-29 08:10:47
Malware samples:	38
Botnet C&Cs:	11

Malware Samples

The table below documents all malware samples associated with this SSL certificate.

Timestamp (UTC)	Malware Sample (MD5 hash)	VT	Signature	Botnet C&C (IP:port)
2015-04-25 20:58:54	fad69582b29fa178db1e557078392588	35/56 (62.50%)	Dridex	78.24.218.186:8443
2015-04-25 20:58:54	fad69582b29fa178db1e557078392588	35/56 (62.50%)	Dridex	78.24.218.186:8443
2015-04-25 04:15:38	257847df2e87c79834ddec8fa7168733	30/55 (54.55%)	Dridex	62.152.36.90:1443
2015-04-25 04:15:38	257847df2e87c79834ddec8fa7168733	30/55 (54.55%)	Dridex	62.152.36.90:1443
2015-04-25 02:03:28	c28da73ac3bb40abe25d1292802373c9	n/a		5.45.124.126:1443
2015-04-25 02:03:28	c28da73ac3bb40abe25d1292802373c9	n/a		5.45.124.126:1443
2015-04-24 21:01:42	02492b954b48f13412a844d689d064f1	26/55 (47.27%)		78.24.218.186:8443
2015-04-24 21:01:42	02492b954b48f13412a844d689d064f1	26/55 (47.27%)		78.24.218.186:8443
2015-04-24 17:43:27	729d5ebf125c421b24319561e7fe364e	49/55 (89.09%)		78.24.218.186:8443
2015-04-24 17:43:27	729d5ebf125c421b24319561e7fe364e	49/55 (89.09%)		78.24.218.186:8443
2015-04-23 23:14:30	5463f3a83ef14a4f936fc69128d6911a	30/56 (53.57%)		82.146.58.216:8443
2015-04-23 23:14:30	5463f3a83ef14a4f936fc69128d6911a	30/56 (53.57%)		82.146.58.216:8443
2015-04-22 17:35:22	22a7aafe5190a5cdcc92bfd304a21f7d	25/57 (43.86%)	Asprox	5.45.123.115:1443
2015-04-22 17:35:22	22a7aafe5190a5cdcc92bfd304a21f7d	25/57 (43.86%)	Asprox	5.45.123.115:1443
2015-04-22 05:20:33	673626be5ea81360f526a378355e3431	32/56 (57.14%)		89.28.83.228:8443
2015-04-22 05:20:33	673626be5ea81360f526a378355e3431	32/56 (57.14%)		89.28.83.228:8443
2015-04-19 16:41:21	f651c64d9ce7ebfa13d2dacc44abacf7	36/57 (63.16%)		82.146.58.216:8443
2015-04-19 16:41:21	f651c64d9ce7ebfa13d2dacc44abacf7	36/57 (63.16%)		82.146.58.216:8443
2015-04-19 13:18:39	676ed7dbae75db118fe5171723ceb45b	27/56 (48.21%)		82.146.58.216:8443
2015-04-19 13:18:39	676ed7dbae75db118fe5171723ceb45b	27/56 (48.21%)		82.146.58.216:8443
2015-04-19 08:39:06	3df8ce4e222e78949bfbfb669e1093fb	14/57 (24.56%)	Dridex	82.146.58.216:8443
2015-04-19 08:39:06	3df8ce4e222e78949bfbfb669e1093fb	14/57 (24.56%)	Dridex	82.146.58.216:8443
2015-04-18 18:54:44	6def9b68433a0f0643ad21ebe6436da5	31/57 (54.39%)		82.146.58.216:8443
2015-04-18 18:54:44	6def9b68433a0f0643ad21ebe6436da5	31/57 (54.39%)		82.146.58.216:8443
2015-04-18 10:45:05	ecf9807545d6e298970f6dd15136d876	33/57 (57.89%)	Dridex	89.28.83.228:8443
2015-04-18 10:45:05	ecf9807545d6e298970f6dd15136d876	33/57 (57.89%)	Dridex	89.28.83.228:8443
2015-04-18 10:43:28	8c083202084434f4a8eb97e70fae1091	40/56 (71.43%)	Dridex	178.218.221.73:8443
2015-04-18 10:43:28	8c083202084434f4a8eb97e70fae1091	40/56 (71.43%)	Dridex	178.218.221.73:8443
2015-04-18 10:17:59	ceb00fabf1eeb182b1d35332e981b900	17/56 (30.36%)	Dridex	178.218.221.73:8443
2015-04-18 10:17:59	ceb00fabf1eeb182b1d35332e981b900	17/56 (30.36%)	Dridex	178.218.221.73:8443
2015-04-18 05:47:33	cc8a266b4d9926537bae57ef0b213281	25/57 (43.86%)		89.28.83.228:8443
2015-04-18 05:47:33	cc8a266b4d9926537bae57ef0b213281	25/57 (43.86%)		89.28.83.228:8443
2015-04-18 05:05:25	fc208c52190bedc5e36b257e07d4ed81	15/57 (26.32%)	Dridex	82.146.58.216:8443
2015-04-18 05:05:25	fc208c52190bedc5e36b257e07d4ed81	15/57 (26.32%)	Dridex	82.146.58.216:8443
2015-04-17 19:09:12	086436be6f10ca5f3f650233a85709d4	6/57 (10.53%)	Dridex	185.66.70.45:8443
2015-04-17 19:09:12	086436be6f10ca5f3f650233a85709d4	6/57 (10.53%)	Dridex	185.66.70.45:8443
2015-04-17 13:42:27	568b54d4548fe43d3b9be34011fdd7a1	25/57 (43.86%)	Downloader.Pony	185.66.70.45:8443
2015-04-17 13:42:27	568b54d4548fe43d3b9be34011fdd7a1	25/57 (43.86%)	Downloader.Pony	185.66.70.45:8443
2015-04-17 13:10:34	16a0c11f645e16297a353f160229ea02	27/52 (51.92%)	Downloader.Pony	185.66.70.45:8443
2015-04-17 13:10:34	16a0c11f645e16297a353f160229ea02	27/52 (51.92%)	Downloader.Pony	185.66.70.45:8443
2015-04-17 12:12:00	dc2888c271b715ccddf0ed8d490bae70	24/55 (43.64%)	Downloader.Pony	185.66.70.45:8443
2015-04-17 12:12:00	dc2888c271b715ccddf0ed8d490bae70	24/55 (43.64%)	Downloader.Pony	185.66.70.45:8443
2015-04-17 10:59:01	79edb2e4b6d8530ef048d16d74ca2004	24/57 (42.11%)	Downloader.Pony	188.226.150.141:1443
2015-04-17 10:59:01	79edb2e4b6d8530ef048d16d74ca2004	24/57 (42.11%)	Downloader.Pony	188.226.150.141:1443
2015-04-17 09:16:27	6d0734be8adcdcbe9338ef3d90bbf911	24/56 (42.86%)	Downloader.Pony	188.226.150.141:1443
2015-04-17 09:16:27	6d0734be8adcdcbe9338ef3d90bbf911	24/56 (42.86%)	Downloader.Pony	188.226.150.141:1443
2015-04-17 08:56:16	1a0dce2b29b56f45285e9b4fa15a78b0	17/57 (29.82%)	Downloader.Pony	188.226.150.141:1443
2015-04-17 08:56:16	1a0dce2b29b56f45285e9b4fa15a78b0	17/57 (29.82%)	Downloader.Pony	188.226.150.141:1443
2015-04-17 08:36:41	94a86d50ffd4cbfb7262acbe9be2eb53	25/57 (43.86%)	Downloader.Pony	185.66.70.45:8443
2015-04-17 08:36:41	94a86d50ffd4cbfb7262acbe9be2eb53	25/57 (43.86%)	Downloader.Pony	185.66.70.45:8443
2015-04-17 08:11:08	629ace2b622690bf52a8e646ece31174	23/54 (42.59%)	Downloader.Pony	185.66.70.45:8443
2015-04-17 08:11:08	629ace2b622690bf52a8e646ece31174	23/54 (42.59%)	Downloader.Pony	185.66.70.45:8443
2015-04-17 07:48:35	ec602668d681a13504b99adb6682ab19	24/57 (42.11%)	Downloader.Pony	188.226.150.141:1443
2015-04-17 07:48:35	ec602668d681a13504b99adb6682ab19	24/57 (42.11%)	Downloader.Pony	188.226.150.141:1443
2015-04-17 07:38:03	8c4d60b8bed668b033784cbd3a830f0f	29/57 (50.88%)	Downloader.Pony	185.66.70.45:8443
2015-04-17 07:38:03	8c4d60b8bed668b033784cbd3a830f0f	29/57 (50.88%)	Downloader.Pony	185.66.70.45:8443
2015-04-17 01:52:34	bd76ed5d4ff737d3c612bb8bac31b275	25/57 (43.86%)	Downloader.Pony	185.66.70.45:8443
2015-04-17 01:52:34	bd76ed5d4ff737d3c612bb8bac31b275	25/57 (43.86%)	Downloader.Pony	185.66.70.45:8443
2015-04-17 00:36:11	b718a978fb4f1727158834aae449b6f7	13/56 (23.21%)		185.66.70.45:8443
2015-04-17 00:36:11	b718a978fb4f1727158834aae449b6f7	13/56 (23.21%)		185.66.70.45:8443
2015-04-16 18:06:27	2ecf5e35d681521997e293513144fd80	23/57 (40.35%)	Downloader.Pony	89.28.83.228:8443
2015-04-16 18:06:27	2ecf5e35d681521997e293513144fd80	23/57 (40.35%)	Downloader.Pony	89.28.83.228:8443
2015-04-16 17:57:15	e46dcc4a49547b547f357a948337b929	33/57 (57.89%)		78.24.218.186:8443
2015-04-16 17:57:15	e46dcc4a49547b547f357a948337b929	33/57 (57.89%)		78.24.218.186:8443
2015-04-16 10:52:08	db44e1fe72c4ef4571171ddb03a69476	23/53 (43.40%)		78.24.218.186:8443
2015-04-16 10:52:08	db44e1fe72c4ef4571171ddb03a69476	23/53 (43.40%)		78.24.218.186:8443
2015-04-15 13:17:24	764787de360e18f30568b64ca4daf92a	3/57 (5.26%)	Downloader.Pony	178.218.221.73:8443
2015-04-15 13:17:24	764787de360e18f30568b64ca4daf92a	3/57 (5.26%)	Downloader.Pony	178.218.221.73:8443
2015-04-14 10:53:39	bf8c1a221be596b8094cbee185bc5962	3/57 (5.26%)	Dridex	37.140.199.100:8443
2015-04-14 10:53:39	bf8c1a221be596b8094cbee185bc5962	3/57 (5.26%)	Dridex	37.140.199.100:8443
2015-04-09 22:06:56	3e3a09644170ad3184facb4cace14f8a	30/57 (52.63%)	Dridex	37.140.199.100:8443
2015-04-09 22:06:56	3e3a09644170ad3184facb4cace14f8a	30/57 (52.63%)	Dridex	37.140.199.100:8443
2015-04-07 13:04:27	e4cc002a95caaf4481cb7140bbe96c58	1/56 (1.79%)	Dridex	37.140.199.100:8443
2015-04-07 13:04:27	e4cc002a95caaf4481cb7140bbe96c58	1/56 (1.79%)	Dridex	37.140.199.100:8443
2015-04-07 13:00:29	4d791286c8cda594dd00d8dbadde7b06	2/56 (3.57%)	Dridex	109.74.146.18:1443
2015-04-07 13:00:29	4d791286c8cda594dd00d8dbadde7b06	2/56 (3.57%)	Dridex	109.74.146.18:1443

# of entries: 76 (max: 100)