SSL Certificates

The following table shows further information as well as a list of malware samples including the corresponding botnet C&C associated with the SSL certificate fingerprint 3bdb2f4b219cb08dbfbae4dc0881a16237e7ad68.

Database Entry


SHA1 Fingerprint: 3bdb2f4b219cb08dbfbae4dc0881a16237e7ad68
Certificate Common Name (CN): documents.name
Issuer Distinguished Name (DN): COMODO RSA Domain Validation Secure Server CA
TLS Version: TLS 1.2
First seen: 2018-11-27 22:23:14 UTC
Last seen: 2018-11-28 22:23:21 UTC
Status: Blacklisted
Listing reason: Dridex malware distribution
Listing date: 2018-11-29 10:49:43
Malware samples: 7
Botnet C&Cs: 1

Malware Samples


The table below documents all malware samples associated with this SSL certificate.


# of entries: 14 (max: 100)