SSL Certificates
The following table shows further information as well as a list of malware samples including the corresponding botnet C&C associated with the SSL certificate fingerprint 4ffbee3013a464df8ad3423bdc0aad40b1b112f2.
Database Entry
| SHA1 Fingerprint: | 4ffbee3013a464df8ad3423bdc0aad40b1b112f2 |
|---|---|
| Certificate Common Name (CN): | wthcethesmw.ph |
| Issuer Distinguished Name (DN): | wthcethesmw.ph |
| TLS Version: | TLS 1.2 |
| First seen: | 2016-03-22 21:16:35 UTC |
| Last seen: | 2016-03-28 01:11:28 UTC |
| Status: | Blacklisted |
| Listing reason: | Dridex C&C |
| Listing date: | 2016-03-23 08:17:15 |
| Malware samples: | 3 |
| Botnet C&Cs: | 1 |
Malware Samples
The table below documents all malware samples associated with this SSL certificate.
| Timestamp (UTC) | Malware Sample (MD5 hash) | VT | Signature | Botnet C&C (IP:port) |
|---|---|---|---|---|
| 2016-03-28 01:11:28 | c26d2cb3738a147de548d3c482f13ea4 |  17/57 (29.82%)
| Dridex | 154.120.229.44:4043 |
| 2016-03-28 01:11:28 | c26d2cb3738a147de548d3c482f13ea4 | 17/57 (29.82%)
| Dridex | 154.120.229.44:4043 |
| 2016-03-22 23:51:08 | 83aa88d92faf69b635a62a66747ed938 | 4/55 (7.27%)
| Dridex | 154.120.229.44:4043 |
| 2016-03-22 23:51:08 | 83aa88d92faf69b635a62a66747ed938 | 4/55 (7.27%)
| Dridex | 154.120.229.44:4043 |
| 2016-03-22 21:16:35 | 46a4834e2b3f4c4db2418ab431a23ce3 | 3/56 (5.36%)
| Dridex | 154.120.229.44:4043 |
| 2016-03-22 21:16:35 | 46a4834e2b3f4c4db2418ab431a23ce3 | 3/56 (5.36%)
| Dridex | 154.120.229.44:4043 |
# of entries: 6 (max: 100)