SSL Certificates

The following table shows further information as well as a list of malware samples including the corresponding botnet C&C associated with the SSL certificate fingerprint 5ac8259f3989ba8c515f6ca97061368f5bab216d.

Database Entry


SHA1 Fingerprint: 5ac8259f3989ba8c515f6ca97061368f5bab216d
Certificate Common Name (CN): unuasher.fo
Issuer Distinguished Name (DN): unuasher.fo
TLS Version: TLSv1
First seen: 2015-07-23 21:45:16 UTC
Last seen: 2015-07-31 09:18:20 UTC
Status: Blacklisted
Listing reason: Dridex C&C
Listing date: 2015-07-24 05:05:02
Malware samples: 15
Botnet C&Cs: 1

Malware Samples


The table below documents all malware samples associated with this SSL certificate.

Timestamp (UTC) | Malware Sample (MD5 hash) | VT | Signature | Botnet C&C (IP:port)

# of entries: 30 (max: 100)