SSL Certificates

The following table shows further information as well as a list of malware samples including the corresponding botnet C&C associated with the SSL certificate fingerprint 4ffbee3013a464df8ad3423bdc0aad40b1b112f2.

Database Entry


SHA1 Fingerprint:4ffbee3013a464df8ad3423bdc0aad40b1b112f2
Certificate Common Name (CN):wthcethesmw.ph
Issuer Distinguished Name (DN):wthcethesmw.ph
TLS Version:TLS 1.2
First seen:2016-03-22 21:16:35 UTC
Last seen:2016-03-28 01:11:28 UTC
Status:Blacklisted
Listing reason:Dridex C&C
Listing date:2016-03-23 08:17:15
Malware samples:3
Botnet C&Cs:1

Malware Samples


The table below documents all malware samples associated with this SSL certificate.

Timestamp (UTC)Malware Sample (MD5 hash)VTSignatureBotnet C&C (IP:port)
2016-03-28 01:11:28c26d2cb3738a147de548d3c482f13ea4Virustotal results 17/57 (29.82%) Dridex 154.120.229.44:4043
2016-03-22 23:51:0883aa88d92faf69b635a62a66747ed938Virustotal results 4/55 (7.27%) Dridex 154.120.229.44:4043
2016-03-22 21:16:3546a4834e2b3f4c4db2418ab431a23ce3Virustotal results 3/56 (5.36%) Dridex 154.120.229.44:4043

# of entries: 3 (max: 100)