SSL Certificates

The following table shows further information as well as a list of malware samples including the corresponding botnet C&C associated with the SSL certificate fingerprint 3d741ff6725860f0b406f434bea78cf9ea71059b.

Database Entry


SHA1 Fingerprint: 3d741ff6725860f0b406f434bea78cf9ea71059b
Certificate Common Name (CN): harexpoprdenfo.pt
Issuer Distinguished Name (DN): harexpoprdenfo.pt
TLS Version: TLSv1
First seen: 2015-07-23 21:45:20 UTC
Last seen: 2015-07-31 09:18:20 UTC
Status: Blacklisted
Listing reason: Dridex C&C
Listing date: 2015-07-24 05:05:00
Malware samples: 8
Botnet C&Cs: 1

Malware Samples


The table below documents all malware samples associated with this SSL certificate.

| Timestamp (UTC) | Malware Sample (MD5 hash) | VT | Signature | Botnet C&C (IP:port) |
|---|---|---|---|---|
| 2015-07-31 09:18:20 | 853742ebaaa2e4a3dc29b9fe8c3822d4 | Virustotal results 14/56 (25.00%) | Dridex | 188.93.73.90:449 |
| 2015-07-30 18:47:54 | 5f93237c3eb6f756f0d95f56635b0ae8 | Virustotal results 11/56 (19.64%) | Dridex | 188.93.73.90:449 |
| 2015-07-29 13:37:16 | e751a941b7cb8e85b4949cc3e7e39027 | Virustotal results 2/55 (3.64%) | Dridex | 188.93.73.90:449 |
| 2015-07-26 03:20:49 | a26fbbd72f9dd680a5bc224a89819a00 | Virustotal results 2/55 (3.64%) | Dridex | 188.93.73.90:449 |
| 2015-07-24 11:39:50 | 9e73e0c4b92253c5f8b6648f29b28b5b | Virustotal results 4/55 (7.27%) | Dridex | 188.93.73.90:449 |
| 2015-07-24 08:45:33 | 948c59ea3039951d312fb1190242f20e | Virustotal results 2/55 (3.64%) | Dridex | 188.93.73.90:449 |
| 2015-07-23 23:33:36 | dd11a8abcecc2e95d96f1e84cfcc33bb | Virustotal results 4/56 (7.14%) | Dridex | 188.93.73.90:449 |
| 2015-07-23 21:45:20 | fbd07085e643f13e54d33fc694bd5c33 | Virustotal results 18/56 (32.14%) | Dridex | 188.93.73.90:449 |

# of entries: 8 (max: 100)