SSL Certificates

The following table shows further information as well as a list of malware samples including the corresponding botnet C&C associated with the SSL certificate fingerprint 3ba714519b3ef3dd3c75f1cbe9919e15064f606d.

Database Entry


SHA1 Fingerprint:3ba714519b3ef3dd3c75f1cbe9919e15064f606d
Certificate Common Name (CN):srv1.mainsftdomain.com
Issuer Distinguished Name (DN):srv1.mainsftdomain.com
TLS Version:TLS 1.2
First seen:2015-04-07 13:00:29 UTC
Last seen:2015-04-25 20:58:54 UTC
Status:Blacklisted
Listing reason:Dridex C&C
Listing date:2015-09-29 08:10:47
Malware samples:38
Botnet C&Cs:11

Malware Samples


The table below documents all malware samples associated with this SSL certificate.

Timestamp (UTC)Malware Sample (MD5 hash)VTSignatureBotnet C&C (IP:port)
2015-04-25 20:58:54fad69582b29fa178db1e557078392588Virustotal results 35/56 (62.50%) Dridex 78.24.218.186:8443
2015-04-25 04:15:38257847df2e87c79834ddec8fa7168733Virustotal results 30/55 (54.55%) Dridex 62.152.36.90:1443
2015-04-25 02:03:28c28da73ac3bb40abe25d1292802373c9n/a5.45.124.126:1443
2015-04-24 21:01:4202492b954b48f13412a844d689d064f1Virustotal results 26/55 (47.27%) 78.24.218.186:8443
2015-04-24 17:43:27729d5ebf125c421b24319561e7fe364eVirustotal results 49/55 (89.09%) 78.24.218.186:8443
2015-04-23 23:14:305463f3a83ef14a4f936fc69128d6911aVirustotal results 30/56 (53.57%) 82.146.58.216:8443
2015-04-22 17:35:2222a7aafe5190a5cdcc92bfd304a21f7dVirustotal results 25/57 (43.86%) Asprox5.45.123.115:1443
2015-04-22 05:20:33673626be5ea81360f526a378355e3431Virustotal results 32/56 (57.14%) 89.28.83.228:8443
2015-04-19 16:41:21f651c64d9ce7ebfa13d2dacc44abacf7Virustotal results 36/57 (63.16%) 82.146.58.216:8443
2015-04-19 13:18:39676ed7dbae75db118fe5171723ceb45bVirustotal results 27/56 (48.21%) 82.146.58.216:8443
2015-04-19 08:39:063df8ce4e222e78949bfbfb669e1093fbVirustotal results 14/57 (24.56%) Dridex 82.146.58.216:8443
2015-04-18 18:54:446def9b68433a0f0643ad21ebe6436da5Virustotal results 31/57 (54.39%) 82.146.58.216:8443
2015-04-18 10:45:05ecf9807545d6e298970f6dd15136d876Virustotal results 33/57 (57.89%) Dridex 89.28.83.228:8443
2015-04-18 10:43:288c083202084434f4a8eb97e70fae1091Virustotal results 40/56 (71.43%) Dridex 178.218.221.73:8443
2015-04-18 10:17:59ceb00fabf1eeb182b1d35332e981b900Virustotal results 17/56 (30.36%) Dridex 178.218.221.73:8443
2015-04-18 05:47:33cc8a266b4d9926537bae57ef0b213281Virustotal results 25/57 (43.86%) 89.28.83.228:8443
2015-04-18 05:05:25fc208c52190bedc5e36b257e07d4ed81Virustotal results 15/57 (26.32%) Dridex 82.146.58.216:8443
2015-04-17 19:09:12086436be6f10ca5f3f650233a85709d4Virustotal results 6/57 (10.53%) Dridex 185.66.70.45:8443
2015-04-17 13:42:27568b54d4548fe43d3b9be34011fdd7a1Virustotal results 25/57 (43.86%) Downloader.Pony185.66.70.45:8443
2015-04-17 13:10:3416a0c11f645e16297a353f160229ea02Virustotal results 27/52 (51.92%) Downloader.Pony185.66.70.45:8443
2015-04-17 12:12:00dc2888c271b715ccddf0ed8d490bae70Virustotal results 24/55 (43.64%) Downloader.Pony185.66.70.45:8443
2015-04-17 10:59:0179edb2e4b6d8530ef048d16d74ca2004Virustotal results 24/57 (42.11%) Downloader.Pony188.226.150.141:1443
2015-04-17 09:16:276d0734be8adcdcbe9338ef3d90bbf911Virustotal results 24/56 (42.86%) Downloader.Pony188.226.150.141:1443
2015-04-17 08:56:161a0dce2b29b56f45285e9b4fa15a78b0Virustotal results 17/57 (29.82%) Downloader.Pony188.226.150.141:1443
2015-04-17 08:36:4194a86d50ffd4cbfb7262acbe9be2eb53Virustotal results 25/57 (43.86%) Downloader.Pony185.66.70.45:8443
2015-04-17 08:11:08629ace2b622690bf52a8e646ece31174Virustotal results 23/54 (42.59%) Downloader.Pony185.66.70.45:8443
2015-04-17 07:48:35ec602668d681a13504b99adb6682ab19Virustotal results 24/57 (42.11%) Downloader.Pony188.226.150.141:1443
2015-04-17 07:38:038c4d60b8bed668b033784cbd3a830f0fVirustotal results 29/57 (50.88%) Downloader.Pony185.66.70.45:8443
2015-04-17 01:52:34bd76ed5d4ff737d3c612bb8bac31b275Virustotal results 25/57 (43.86%) Downloader.Pony185.66.70.45:8443
2015-04-17 00:36:11b718a978fb4f1727158834aae449b6f7Virustotal results 13/56 (23.21%) 185.66.70.45:8443
2015-04-16 18:06:272ecf5e35d681521997e293513144fd80Virustotal results 23/57 (40.35%) Downloader.Pony89.28.83.228:8443
2015-04-16 17:57:15e46dcc4a49547b547f357a948337b929Virustotal results 33/57 (57.89%) 78.24.218.186:8443
2015-04-16 10:52:08db44e1fe72c4ef4571171ddb03a69476Virustotal results 23/53 (43.40%) 78.24.218.186:8443
2015-04-15 13:17:24764787de360e18f30568b64ca4daf92aVirustotal results 3/57 (5.26%) Downloader.Pony178.218.221.73:8443
2015-04-14 10:53:39bf8c1a221be596b8094cbee185bc5962Virustotal results 3/57 (5.26%) Dridex 37.140.199.100:8443
2015-04-09 22:06:563e3a09644170ad3184facb4cace14f8aVirustotal results 30/57 (52.63%) Dridex 37.140.199.100:8443
2015-04-07 13:04:27e4cc002a95caaf4481cb7140bbe96c58Virustotal results 1/56 (1.79%) Dridex 37.140.199.100:8443
2015-04-07 13:00:294d791286c8cda594dd00d8dbadde7b06Virustotal results 2/56 (3.57%) Dridex 109.74.146.18:1443

# of entries: 38 (max: 100)